{"report_id":"952f43cc-f111-4b87-985b-64bbede06e36","version":6,"status":"done","tags":[],"date":"2025-11-13T06:42:05Z","url":{"schema":"http","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"172.67.128.37","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"title":"videyd.com/e/ETDR1ZOA?lv1=videypro.site","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"172.67.128.37","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-18T06:42:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":13}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"2694316985.2c6ee0a58a.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"36946.phidonatome.com","ip":{"addr":"88.208.22.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-08-24","domain_rank":0,"first_seen":"2025-10-25T22:33:45.251193Z","last_seen":"2025-11-10T18:08:21.061275Z","alert_count":0,"request_count":1,"received_data":32107,"sent_data":420,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ntvpforever.com","ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-18","domain_rank":18811,"first_seen":"2021-11-19T01:49:18Z","last_seen":"2025-11-10T13:42:46.476883Z","alert_count":0,"request_count":2,"received_data":681,"sent_data":1032,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.labadena.com","ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-01-21","domain_rank":266368,"first_seen":"2020-05-24T00:28:49Z","last_seen":"2025-11-12T22:42:08.99802Z","alert_count":5,"request_count":5,"received_data":5596,"sent_data":3047,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-11-09T22:37:48.153273Z","alert_count":0,"request_count":3,"received_data":6933,"sent_data":1786,"comment":"","tags":null,"fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"enrtx.com","ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-10-07","domain_rank":18023,"first_seen":"2024-11-04T09:19:58Z","last_seen":"2025-11-10T18:08:20.287194Z","alert_count":0,"request_count":1,"received_data":9795,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-09T22:13:41.73664Z","alert_count":0,"request_count":1,"received_data":432683,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.lixstreamingcaio.com","ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-29","domain_rank":492115,"first_seen":"2025-06-01T10:17:55.903035Z","last_seen":"2025-11-07T13:07:45.722936Z","alert_count":0,"request_count":6,"received_data":5969,"sent_data":3366,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"na.nawpush.com","ip":{"addr":"45.133.44.25","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2020-12-21","domain_rank":175362,"first_seen":"2020-12-23T08:18:12Z","last_seen":"2025-11-10T18:08:20.421086Z","alert_count":1,"request_count":1,"received_data":1620,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ads.google.com","ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":2062,"first_seen":"2013-08-25T13:03:13Z","last_seen":"2025-11-12T04:38:23.382162Z","alert_count":0,"request_count":1,"received_data":208,"sent_data":402,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ur.foretopheaved.com","ip":{"addr":"172.255.106.134","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-10","domain_rank":0,"first_seen":"2025-08-13T14:30:31.596497Z","last_seen":"2025-11-11T03:40:29.873803Z","alert_count":2,"request_count":1,"received_data":1420,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"29383601-36946-ex.coreadness.com","ip":{"addr":"88.208.22.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-08-28","domain_rank":0,"first_seen":"2025-11-13T06:42:08.823536Z","last_seen":"2025-11-13T06:42:08.823536Z","alert_count":0,"request_count":1,"received_data":2484,"sent_data":1396,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-11-12T04:22:12.576178Z","alert_count":0,"request_count":2,"received_data":222632,"sent_data":814,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.imaginary-flower.pro","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-12T08:56:09.051181Z","last_seen":"2025-11-12T08:56:09.051181Z","alert_count":0,"request_count":2,"received_data":208222,"sent_data":922,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"nereserv.com","ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2020-12-21","domain_rank":17097,"first_seen":"2020-12-21T11:07:56Z","last_seen":"2025-11-10T18:08:20.835249Z","alert_count":4,"request_count":2,"received_data":644,"sent_data":1116,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-11-10T01:38:56.234977Z","alert_count":0,"request_count":1,"received_data":837,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fp.metricswpsh.com","ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-10-29","domain_rank":154722,"first_seen":"2022-04-22T11:20:32Z","last_seen":"2025-11-10T08:13:02.382113Z","alert_count":2,"request_count":2,"received_data":818,"sent_data":1056,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"2694316985.2c6ee0a58a.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-10-14","domain_rank":0,"first_seen":"2025-11-13T02:10:39.885234Z","last_seen":"2025-11-13T02:10:39.885234Z","alert_count":1,"request_count":1,"received_data":345,"sent_data":839,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"js.wpadmngr.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-06-02","domain_rank":77954,"first_seen":"2021-06-02T14:43:46Z","last_seen":"2025-11-10T23:36:10.670505Z","alert_count":1,"request_count":1,"received_data":146781,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"driverhugoverblown.com","ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-03-12","domain_rank":75021,"first_seen":"2025-03-30T06:27:07.780857Z","last_seen":"2025-11-09T15:26:26.516171Z","alert_count":0,"request_count":4,"received_data":163649,"sent_data":3022,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"p2yn.com","ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-03-18","domain_rank":40878,"first_seen":"2025-04-23T09:18:49.672335Z","last_seen":"2025-11-09T15:29:38.003583Z","alert_count":4,"request_count":2,"received_data":1658,"sent_data":1186,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-11-09T22:15:57.703898Z","alert_count":0,"request_count":1,"received_data":18927,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"sm.luxsmab.com","ip":{"addr":"104.18.48.8","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-29","domain_rank":492434,"first_seen":"2025-06-06T00:49:08.423003Z","last_seen":"2025-11-08T01:23:40.240723Z","alert_count":0,"request_count":2,"received_data":2506195,"sent_data":1085,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"js.capndr.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-08-30","domain_rank":156902,"first_seen":"2021-08-30T12:51:01Z","last_seen":"2025-11-11T02:47:59.061319Z","alert_count":2,"request_count":2,"received_data":96144,"sent_data":845,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"accuratephrase.com","ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-08-07","domain_rank":440697,"first_seen":"2024-08-17T02:04:15Z","last_seen":"2025-11-07T06:03:28.77592Z","alert_count":0,"request_count":2,"received_data":39562,"sent_data":1062,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.tapioni.com","ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-05-27","domain_rank":177570,"first_seen":"2021-07-01T10:46:55Z","last_seen":"2025-11-10T10:16:06.538577Z","alert_count":5,"request_count":5,"received_data":942898,"sent_data":2067,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"lz.faenasturbit.com","ip":{"addr":"172.241.53.182","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-09-26T02:41:00.932867Z","last_seen":"2025-11-07T06:04:46.516221Z","alert_count":0,"request_count":1,"received_data":1489,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bereave.onelinevideo.com","ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"2025-04-21","domain_rank":486265,"first_seen":"2025-06-06T00:49:08.421363Z","last_seen":"2025-11-07T13:07:45.724361Z","alert_count":0,"request_count":2,"received_data":492,"sent_data":1046,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.videyd.com","ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-19","domain_rank":259694,"first_seen":"2025-07-12T00:39:41.964715Z","last_seen":"2025-11-11T12:54:11.428936Z","alert_count":0,"request_count":8,"received_data":2896737,"sent_data":4160,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2081141?id=2081141\u0026jp=_clxlanxqpxudzurfzfxzws\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.634-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=4yeIDWfaHR0cHM6Ly93d3cudmlkZXlkLmNvbS9lL0VURFIxWk9BP2x2MT12aWRleXByby5zaXRl\u0026afid=678490976950784\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026pload=2718\u0026rlp=%5B0%2C22%2C275%2C206%2C66722%2C11907%2C5620%2C11484%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d5e3e38e9b7e6378e6f9a60d6020d68","sha1":"10813da5cf948415835045fc970ab50ddae63d59","sha256":"ecf448a1367a471f2ad495da390a7d247e648a8043065b0c947039bcfb0d390e","sha512":"1036435ea7138e68820f1f6b9e112f89d2137ff748425afda20fc60e1ce8167e6b81cedd91c7371fb6606a3a91ae1a4e2988642a58fce42896399fc303688af2","ssdeep":"","tlshash":"ae6184e4e08eb1b44d7dbb180677ff1818c2285ac9635406c0249d75d0c8c775eeeade","size":3275,"data":"","first_seen":"2025-11-13T06:42:14.228753Z","last_seen":"2025-11-13T06:42:14.228753Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/main-DZzRK3LC-1762936680624.js","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f7d0ffb2273287a2dc1d70f4daf11cb","sha1":"e0db0cfb625e498bfee9e3506c0a9b1b20150b80","sha256":"c7ae471ad67d1d14c1128a41cda8f406fdf8ae23e9f99202765c6edf8bde7d7c","sha512":"faf488f37a0c64c1394d94926fb35bd4390ac05bba7841df37ae03a16146a16d1fcbc6fab15fc80d061a1c9f51f00a9b0a3d4c43aaaec9c343ccd0bb23ddb012","ssdeep":"1536:dA5Au4drIFf+HrSvylBzD8jHqPFfnBJC2MyPok8Zsbg0zsqOTSQ5OFsFx4fNP4Pt:dAr4CFf+HkAyH0/NPBQ5ugP+Ne3Fh","tlshash":"21a38eed502d8e3df86609c5783a9534b828366bf928c8c1f0fe3c125b94d8459ab7dd","size":103317,"data":"","first_seen":"2025-11-12T22:10:15.64044Z","last_seen":"2025-11-14T02:12:46.72159Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/vendor-chunks-OPaeN_P5-1762936680624.js","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"50d712bd0033f3622be3eb62bdf0ee37","sha1":"7e591c03cc188d65f46a25ff5547db7bb0d09633","sha256":"ac0d86604f2c0c30aa4a18d5e06d2d3971a3d22720676e860cdcb7775b0c7ead","sha512":"d075c1f6396bf475ae51a6ac8a3cf243b01f5f524a0e0b768d2a733ccb8c6a80191abba6e7cda7975ff5335eb0536f67f530b11eb6bed8a0e1173ca8c83e4618","ssdeep":"24576:TLgcTD3IaDerXpsBbIw98z6CS2dSG6MIIsPGiUcWFYMKduqC6:TscTD3IaDerXpsBbIw98z6Cz6MIIsPGK","tlshash":"b7454cd972a67062879361a4503f1207723a7d16248cc05cf63bf9ea2eb8d09647bf7d","size":1270326,"data":"","first_seen":"2025-11-03T21:11:09.356347Z","last_seen":"2025-11-19T23:14:59.417113Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"591efce4afde1d9210c2db3ad6a0b5a1","sha1":"3c903bef225b8bc6f730fdda4508935c0b8bdffe","sha256":"fa09cc05a83063ac906665bcb8d54917827c01940295bf5445d7c0180aab25b6","sha512":"bcc94c4b749ce802720f4f79e6f6fdaf6f593d17aef48f3d5d5438c1663a0809b9da6218344a9d10082a55a57c1d207f5cb9941de8759042d8800360771f006d","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33BvHxB+E8v:3+DdXvWwmUiYS0C3xvHGZ","tlshash":"73b319da22666459126f402405abec0d75ae8c81048dcd78f0e5fc762d78f26e3f7be9","size":110117,"data":"","first_seen":"2025-11-12T17:53:45.689689Z","last_seen":"2025-11-13T09:58:50.478315Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accuratephrase.com/cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l","fqdn":"accuratephrase.com","domain":"accuratephrase.com","tld":"com"},"ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"55b648f30163269fdd24f989bb19836c","sha1":"36c634a8279b0218b8a254181678a16039ff8ee8","sha256":"f8ccee2908e9e26f7e876b8c32e540d1b796f0aa3435c96c0ba455f1f3c22f39","sha512":"3ca43dd8861f5c16c0986dca685e6c494787c6cad7dea3b0ec37a395eeaec2afc713b7c2a200bfc1f27f6694528420c9e9adf2a18d5e0c4931e5754df6b66e69","ssdeep":"768:QZhdZg7J02MLfTF9dFaQpp8JY29c6SboEBkleZ2YoOcLhCgPTgLg0oDEiG82ImpT:QZ1g7JQLqQpp8Jr9c6SboEBkleZ2qcLK","tlshash":"1103b7c8b1c3642642ea507d713f7208b23a54655429b028bc7dc8e5bc79e8f8577bbe","size":38258,"data":"","first_seen":"2025-11-13T06:42:14.245166Z","last_seen":"2025-11-13T06:42:14.245166Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9fcd0ce6da93385c2aae7faae9ee533d","sha1":"4e81cc0eb5a5e4a80ac043722254a206a2467d21","sha256":"044cbb4a44b387749d187da88b0888e8ff2da383ca1bf3bf8390752a90aa322d","sha512":"877349afc430e39cd8267d0f2c544022abd64568136237d5f8ba8aa0bf90138755fad1b45c30e34e530f757291b27924da67f4f040146f5c75b06aa012ff52b8","ssdeep":"768:ubVWcprcLsdOKo/+PDPfVal3ATlP8JnU2qbJ/XSURcq3TG9sh8sf2x22Zf4dsU9w:WkmOK1Nh8J0/tddEf","tlshash":"899318cdb7d2b07043b765ba902f151ab33f2a09b809441cf969d9d138ad84e9327f79","size":95357,"data":"","first_seen":"2025-11-10T18:08:30.272513Z","last_seen":"2026-04-10T08:08:30.486685Z","times_seen":309,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef71e3a5fcdca2418129fff7f4e54e50","sha1":"10aee0abfddbfb0a11737088d393d5fe88ba24c0","sha256":"d685cc4df641365217ddcc69a3efcf9a6ad8b1535125dffd0a9df95bc0f46882","sha512":"a4951a72b5fef052521f78900f47c405563dfcb8c729a66c638eefb675dc50f2175433308dd2228118ff250944954d65abbc5a8b7f067937d922be440aa3007f","ssdeep":"3072:StY4dFHJC/KyWM8exrt9pGW18MHy3rxXqkPj92La7/rK/cJs83h3f2g:IdFg/KBeNt9j6JEkPj9iB/cy83h3fP","tlshash":"3a64a3c9b6c6b0a543e7b0b8403f520ef276a955b44ac9c0e266e9d1ac7c94e5037f7c","size":315377,"data":"","first_seen":"2025-11-10T18:08:30.221651Z","last_seen":"2025-11-25T08:32:30.006114Z","times_seen":106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"36946.phidonatome.com/4/js/260941","fqdn":"36946.phidonatome.com","domain":"phidonatome.com","tld":"com"},"ip":{"addr":"88.208.22.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef1eba048701dba38ddb7236210e9372","sha1":"fbeea08f0dba6cf7877dd92088be0d216846a7d9","sha256":"7567672152bfcc34ff4dbce28ca700334e7b92055ae403e5ec3bd38686dc300b","sha512":"4d614e7ae5b50cb702aa4a26055c644c6d36fc126af366bfeff05836e9f986cd0bf74d4161830140f8026d342be80bfde30ab46c35bea0e38b824b3a080badf2","ssdeep":"768:Hq5mbr/4nqZVnyTPxVC2/R3hMwsZwJmvnDY87bBZzBPZvzXRb7iGqj:KUyxnufF3qj","tlshash":"40e22a95f996703443f7087a403f511af3361a94789e8460da2b95822c66f8b837bf7d","size":31404,"data":"","first_seen":"2025-11-13T06:42:14.231137Z","last_seen":"2025-11-13T06:42:14.231137Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lz.faenasturbit.com/sSB8ld39qI9j8pgT/130607","fqdn":"lz.faenasturbit.com","domain":"faenasturbit.com","tld":"com"},"ip":{"addr":"172.241.53.182","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","size":5,"data":"","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-21T08:35:36.779348Z","times_seen":14009,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e47aec8e510e5165897d0be483eaee0a","sha1":"38149e2de75fb0746389ed3cb4b0ce1c14e61064","sha256":"435516b41b71dc6480bde7b2986f9bcfa9256f8ddeecc2711f376a02f4a28175","sha512":"cf1f2d8b3ed8b8187355fd92f4e2d73f208ed80c5747762503813e12f13f6840cb7dbc898a098ba759135da48a51a62f21dd8c9a2fac5e4589ab23ebd6dbaf41","ssdeep":"1536:O1SNwWZPsz4mACVnM79vCmVrFcB3m3/MY6QCME5RXj8zdhUF6qeM2Iq1LWy4Bsx1:O1SNxm48C60kpRDaN0ssRKY6","tlshash":"f9e396afb6812c33424e94ae643f9d0fa72597e1a89c400cc473f1963e7a576c261ef5","size":155901,"data":"","first_seen":"2025-11-12T14:55:39.098756Z","last_seen":"2025-11-13T06:42:14.257094Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.imaginary-flower.pro/ecc874/937d343a2f19.js","fqdn":"www.imaginary-flower.pro","domain":"imaginary-flower.pro","tld":"pro"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"48c3653f997ba87b7ea5b2e85287eb97","sha1":"bcaa21e2b5668b68b823c05ec1d579707466def8","sha256":"d0decd7cadd1fc1cda622cd49facf38829c27ea0a50ebd990fcf80794a56824a","sha512":"70ecfd9405f6494e0aadbf5cdfc59d80e8066949d2c5b1e9e77bfd070c01431a82085a12145f4ad987dc2743231009141e549ec374708f35c3e2afccc6dccc50","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvx:OijxEQq3P5Enne9zkWHLf","tlshash":"7ea33461350b64fd2ad0c1e7eb6b20886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","size":103680,"data":"","first_seen":"2025-11-12T08:56:16.316174Z","last_seen":"2025-11-14T06:59:41.088918Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20c32381f2958704dbda31cb9899e749","sha1":"0d1f76bf765e0b54db0c3b4c5e52a593c00122d2","sha256":"289167e4f6166260213381fc3fcdabb568382bd426fb4774a2bd57fc4469cbef","sha512":"a0f4ae95a388456981c5f0b99af0f6fea7f1bd845a413b3ab910ba2c7dac1e9f4d3eec0f542a28a8034ea6bb849a466ad2d22beb0abdf5f0955400a37d99e7dc","ssdeep":"","tlshash":"b4c022b465a89030001800a9307bc6ad3830300865927084889d781c9a70ed30452c64","size":188,"data":"","first_seen":"2025-10-30T14:32:25.979508Z","last_seen":"2025-11-19T23:14:59.414178Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b4d2cef2d654ba5b8451f3274d2eec2","sha1":"bc0ccbcae68a88da5dbf353cd189aead463ddb9d","sha256":"8702933a72df2217e6c61d654f4494fe0b7814c4eed13205b52e6d024559e93d","sha512":"e64660c80c8580f2302fc44f2ee4162682f4ba80896fd60b1d03b2cc67d0c11d0e7bba180d2034baa52cbcd02ae9330e68f021f8fbeb0eaad970ae2e9fc5dafe","ssdeep":"1536:gmQEWeFL35kTTLy8UFV5tl2NuZ8UnbyVqb0IjzYrOpwQ4:XQEWeFWTTLy8mJHZ8mq","tlshash":"efd3628dbbc1b5a106a37064023f540af2b73a54b48fc8c0f669d5e06e7e94f6167e2d","size":134332,"data":"","first_seen":"2025-11-10T18:08:30.266138Z","last_seen":"2025-11-25T01:12:43.431593Z","times_seen":87,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4b39905819a02943aab42aaa3ace049","sha1":"397c25ba91f8946c07fcd15b85dde33073d13cc0","sha256":"56b98849a8c00948afc8281671da6d0955145a28b9cab57cb3f3cb67803dc520","sha512":"45185272dd93386022e633bba5581ebd898db3eae1dac640eaab69d546c0f1037b10c423e2b94e8383cf196255c6fa96b4374e9ecad48cd30475491950b1e7c9","ssdeep":"","tlshash":"10c08ca82aab4c7110f73a428fbf21057016a3132090cd313e0eb6848f34e2bda94808","size":190,"data":"","first_seen":"2025-08-29T08:56:06.9123Z","last_seen":"2026-02-02T17:50:52.010918Z","times_seen":319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"21c18bdf0b85cac648181b0fda8c2f35","sha1":"ac5e740cd3011e645d4d92f117699d743b819acb","sha256":"264638badeb5ca45bdabf7ea2e8407322bd8e210d07745d0fcee6b3a5aff3b69","sha512":"7ed4d29f1178a5f105a4ebd39f646fdbe9cfb5e467c6e271661e2b8a8d3a1bb97afaaf988136ec3531a181b422271ae43b0c99178447974fb9c4d602b153d143","ssdeep":"","tlshash":"33e06f9a0c025060865b607b833d8b0cb022a1038435d040b4ace04f3f20fca9c2ff78","size":383,"data":"","first_seen":"2025-10-30T14:32:25.97671Z","last_seen":"2025-11-16T06:53:30.779829Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/check.html","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"8f2e0cd22b41fa7c9212af0b11f449d3","sha1":"6c552632a2eeaa712496444594c3e8c68eadbbb0","sha256":"d7ca5af269e02e5109a61ef55df0196e2206204d6c742daba5a153defc097fda","sha512":"c90bb9984fc0b2a5374129cb10fc509e937ba565063e2530578430fb0329f8058c145c914de139fa166d8530cfff9799a8c78aa1ad2752d9ec72e24c0fed477c","ssdeep":"","tlshash":"d201685934f5684d5127b630255b22182d32a40325cbd94efb2cdb301f825a7eca8aef","size":762,"data":"","first_seen":"2025-03-07T08:34:13.499254Z","last_seen":"2026-03-04T07:06:03.173543Z","times_seen":7245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2f0972afc8bc1fe3b080eb543a86b47","sha1":"ab71ef7d872e2a44f4aef851853fdf259f2fd746","sha256":"8c001a2bddac6af4af1e5aedba188d8fd9fd355208562fea36994d1418aadc68","sha512":"449884607fa6eb4ce120b484a0f3da066fa83bdc5f3bc14eb656d96606b9b47733d67876887b9218582b71d6b7445d8e55eab7adec3fc2463f2d6cce97eb22bf","ssdeep":"1536:ZaN12toXV0jtQyFem169zKKpKf7xbAQ9c+ts4aAUOPEH9ZoxlB5RnWM8k8MdnCjH:5Pemo9GqK9coDts0KnoxlTA7+da","tlshash":"78e34acdb2d2b07407e75059d83f1207b73a1a16b80c9058f6a6e9c17878dda9237f7a","size":146393,"data":"","first_seen":"2025-11-06T14:45:06.101541Z","last_seen":"2025-11-27T11:34:20.174539Z","times_seen":466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ur.foretopheaved.com/r4xjjmZUr51mvyQ/RNklR","fqdn":"ur.foretopheaved.com","domain":"foretopheaved.com","tld":"com"},"ip":{"addr":"172.255.106.134","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-21T09:20:44.423433Z","times_seen":15670,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","size":17908,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-20T17:11:04.360014Z","times_seen":7114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","size":244907,"data":"","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494246?host=www.videyd.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246\u0026i=1\u0026s1=1983049288540758018\u0026fs1=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"4208f93df8850e7f4d3b95fa52dc8350","sha1":"b88012aa36fe23756bed4f800df4062ac95aa2fe","sha256":"5b476ecc5392cac9c9a45b3f8135e4105d2aacb05979865d57f117317099dd5e","sha512":"a6b68be9b7a9dc531afba6c6e533351c1cffe7cfc5ad6f7d9cabe27c3011beb7b2f07eb5ff001301bf0a6e2dd7a04782d48fa7c8cf5977a6e1a3a6c91f0dfa57","ssdeep":"","tlshash":"080102c5479c55ff478850e3dd3d4fb65e8e49786755201afb74830f54ca08142a01c7","size":661,"data":"","first_seen":"2025-11-13T06:42:14.237205Z","last_seen":"2025-11-13T06:42:14.237205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.videyd.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246\u0026i=1\u0026s1=1983049288540758018\u0026fs1=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"299ffd9d414faa822b56445f822c565d","sha1":"380a5a374fd83e6f9b2fbaa26e1a38e184e539d8","sha256":"903a6b6b52ed5775861ec954567970aaa722481d490ca9a51b92cc014b0d0268","sha512":"0255b95fabccbf859037cc22958dae1688252611e13b541ffd1fcbbee20895fc7d1284beb00dfbf036454a5433677150565257619446c7bcc2f8ceb376cc23d7","ssdeep":"","tlshash":"b601ddc1465ca9ef8b8851f3dd3d4fb26d4d49383b496016fba5931b58ca18253a0287","size":672,"data":"","first_seen":"2025-11-13T06:42:14.232614Z","last_seen":"2025-11-13T06:42:14.232614Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"27def819b9380315ef5b8fe739e49f9f","sha1":"88187a876669edc32ddf5ad1859b2c5ef12e01d5","sha256":"4d4a47a662421cbe56625b34b469fb049c762fdaa363484bd04ecb70c4d02a8f","sha512":"05aa52952d17afa56700314ac83649c62abe8131b190b110da86d7f0b53cc11df0a86ec9bb9ea77923b3ac726aa83001ce48bcec76dc2fe4fc0962f9c945d271","ssdeep":"6144:X4Jio7CyGOsjtxj31KC2sUOJdR+rVmIQZOBZDTQ3kLQz:XO97ZGOytV1KjsmQZOH8","tlshash":"b69418de73d674265396f078502f018ba57b28a2b44cc896f1c9cde02e74a9a4277f7c","size":432079,"data":"","first_seen":"2025-11-13T06:42:14.242765Z","last_seen":"2025-11-13T06:42:14.242765Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b545479ce261f8f128bca42b01f2b48","sha1":"24a48b2711e0bdc8b80c1037760a9d6106a812c3","sha256":"8bc734c4ee2f7f3f39b1a1e7b57f483f31b108c553af0fe16bd17c7b2abe8a38","sha512":"0a1b3d7e3f89748fc6fc016db882aa8cc5b55e7576ef84f23f93409796d67900b1926385bfcec76ff2460135a2c511f1429e28c8a143af8eb6873e34afae8905","ssdeep":"","tlshash":"162165da31e0f8d213cb6956113f4009f2aa6c65157fa0d0c358cd75bcf8889a1a2faa","size":1285,"data":"","first_seen":"2025-11-10T10:16:11.78532Z","last_seen":"2025-11-25T02:54:33.370695Z","times_seen":160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20c32381f2958704dbda31cb9899e749","sha1":"0d1f76bf765e0b54db0c3b4c5e52a593c00122d2","sha256":"289167e4f6166260213381fc3fcdabb568382bd426fb4774a2bd57fc4469cbef","sha512":"a0f4ae95a388456981c5f0b99af0f6fea7f1bd845a413b3ab910ba2c7dac1e9f4d3eec0f542a28a8034ea6bb849a466ad2d22beb0abdf5f0955400a37d99e7dc","ssdeep":"","tlshash":"b4c022b465a89030001800a9307bc6ad3830300865927084889d781c9a70ed30452c64","size":188,"data":"","first_seen":"2025-10-30T14:32:25.979508Z","last_seen":"2025-11-19T23:14:59.414178Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"591efce4afde1d9210c2db3ad6a0b5a1","sha1":"3c903bef225b8bc6f730fdda4508935c0b8bdffe","sha256":"fa09cc05a83063ac906665bcb8d54917827c01940295bf5445d7c0180aab25b6","sha512":"bcc94c4b749ce802720f4f79e6f6fdaf6f593d17aef48f3d5d5438c1663a0809b9da6218344a9d10082a55a57c1d207f5cb9941de8759042d8800360771f006d","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33BvHxB+E8v:3+DdXvWwmUiYS0C3xvHGZ","tlshash":"73b319da22666459126f402405abec0d75ae8c81048dcd78f0e5fc762d78f26e3f7be9","size":110117,"data":"","first_seen":"2025-11-12T17:53:45.689689Z","last_seen":"2025-11-13T09:58:50.478315Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","size":244907,"data":"","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1983049288540758018\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0bdd949b6735024b20d991e1322aee8","sha1":"c1391b2bfac455c3b81fe297a1aacd42663a54c8","sha256":"3774d5328f791da6b07aab7ec0f4c382c8283a159570e6053e40a55bd4a7f3c7","sha512":"9725bc70f9830bf2fcbdfe89f9acb828081f0ac52330184a1645aff87408777518936e2e052c9455974ba4396e23d72cbc0631b19fbb5c323d7d34df4e5132cc","ssdeep":"","tlshash":"48517584d6e86316f62710b0dd7acb9f555ea24192198075eeb726aac3cc64c067128a","size":2572,"data":"","first_seen":"2025-11-13T06:42:14.255106Z","last_seen":"2025-11-13T06:42:14.255106Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 919\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"9a9ea2c0ba0ee114869965dfee4c4071","sha1":"c69b702b31d29048c1d2b821dd9b108e101bb9b4","sha256":"ce2d5eb324fa73a7f92b42caf2fa5f1742d8f1237813d1170007b296a6006358","sha512":"d0894b9d44fab093a7f92999ec4f5015dd959f3d7c4aedbeb4699f22cff5c82bd7f010e5ffda4b9f42009adaeef98dea65b24b4a54291372b87751cfe54b1f22","ssdeep":"","tlshash":"7c800450150445c41c5c00401053cd1f3775004143c305005450d51511300574344510","first_seen":"2025-11-13T06:42:14.227775Z","last_seen":"2025-11-13T06:42:14.227775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":959,"timings":{"blocked":426,"dns":58,"connect":118,"send":0,"wait":109,"receive":0,"ssl":245},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2081141?id=2081141\u0026jp=_clxlanxqpxudzurfzfxzws\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.634-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=4yeIDWfaHR0cHM6Ly93d3cudmlkZXlkLmNvbS9lL0VURFIxWk9BP2x2MT12aWRleXByby5zaXRl\u0026afid=678490976950784\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026pload=2718\u0026rlp=%5B0%2C22%2C275%2C206%2C66722%2C11907%2C5620%2C11484%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /get/2081141?id=2081141\u0026jp=_clxlanxqpxudzurfzfxzws\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.634-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=4yeIDWfaHR0cHM6Ly93d3cudmlkZXlkLmNvbS9lL0VURFIxWk9BP2x2MT12aWRleXByby5zaXRl\u0026afid=678490976950784\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026pload=2718\u0026rlp=%5B0%2C22%2C275%2C206%2C66722%2C11907%2C5620%2C11484%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Thu, 17 Dec 2026 06:41:47 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Thu, 17 Dec 2026 06:41:47 GMT; Secure; SameSite=None\nUID=25111301417979151f17b340cbbb250366f4; Path=/; Expires=Thu, 17 Dec 2026 06:41:47 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3275,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (3275), with no line terminators","md5":"1d5e3e38e9b7e6378e6f9a60d6020d68","sha1":"10813da5cf948415835045fc970ab50ddae63d59","sha256":"ecf448a1367a471f2ad495da390a7d247e648a8043065b0c947039bcfb0d390e","sha512":"1036435ea7138e68820f1f6b9e112f89d2137ff748425afda20fc60e1ce8167e6b81cedd91c7371fb6606a3a91ae1a4e2988642a58fce42896399fc303688af2","ssdeep":"","tlshash":"ae6184e4e08eb1b44d7dbb180677ff1818c2285ac9635406c0249d75d0c8c775eeeade","first_seen":"2025-11-13T06:42:14.228753Z","last_seen":"2025-11-13T06:42:14.228753Z","times_seen":1,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/vendor-chunks-OPaeN_P5-1762936680624.js","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:44.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /assets/vendor-chunks-OPaeN_P5-1762936680624.js HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:44 GMT\r\ncontent-type: application/x-javascript\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A7737600BB19578AA0FBA272B\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 12 Nov 2025 08:38:12 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2587891\r\nvia: EU-IRL-dublin-EDGE2-CACHE4[6],EU-IRL-dublin-EDGE2-CACHE5[0,TCP_HIT,4],EU-IRL-dublin-GLOBAL1-CACHE17[3],EU-IRL-dublin-GLOBAL1-CACHE19[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 2652e0753656866e3ba15327293a5033\r\nnginx-hit: 1\r\nage: 0\r\ncontent-encoding: br\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"50d712bd0033f3622be3eb62bdf0ee37\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mSFzLs5aHCAqyD7Ey2RxYkPJ8SmLJ9SNwye4%2B7pD0lyQNJSj79gumvmfwXyIVWyTpwFykHn1fXR0rwj2dM7CxobIuJWYIabKYxQjdlwO\"}]}\r\ncf-ray: 99dc48ff7ede23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1270326,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"d5ffa44357e80f1c65fe87c30587f50b","sha1":"49a1b3fff2091d1562aa749bccd4c98a4cd4ed15","sha256":"966cc679f98dd01db5c608878ab396b5825fdcfbe3264cd2f00989ae989c64ca","sha512":"324ae875fa279ce79883c0ce2e7c6e6eb6fb740c232bee33e83c8734e73a4a89856d3e8ed9d544f98139564b8df901ee315833ef562df7b88f94eb6701e8b4a6","ssdeep":"24576:TLgcTD3IaDerXpsBbIw98z6CS2dSG6MIIsPGiUcWFYMKduqC8:TscTD3IaDerXpsBbIw98z6Cz6MIIsPGs","tlshash":"26254bd932a6706287d361a4503f5207723a7d16248cc45cf63af9ea2eb8d09647bf7c","first_seen":"2025-11-03T21:11:09.309439Z","last_seen":"2026-01-18T18:49:56.054383Z","times_seen":122,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/favicon.ico","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:44.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1763016103$o1$g0$t1763016103$j60$l0$h0; _ga=GA1.1.705463368.1763016103\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1a%2Bj4hXJKdhJQQk2esyyMKo8jsfBAx0mhddYnyJJ%2FGQdrR%2B2dg%2Bo5X%2BEt88Xumy0T%2BEq7IZbuhuCXrbmNm1ca5LQ8Z%2B2lNOONMqLVNZq\"}]}\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A77372D1FB014DFD932A9244B\r\ncontent-encoding: br\r\nlast-modified: Wed, 12 Nov 2025 08:38:12 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: EA-SGP-EDGE7-CACHE13[2],EA-SGP-EDGE7-CACHE4[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE23[3],EA-SGP-GLOBAL1-CACHE10[0,TCP_HIT,1]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 452697472cc633166c26268466b79378\r\nage: 79410\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 99dc49000ee123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2018,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a019eb53c9bbd06625b52c894ad6b06f","sha1":"9deb40b58c3d0c0a8f6324d245ac0dedb0dfc012","sha256":"13769f77824e041a6cc98cd29d24db339aafa99db896bc66c4428f5aad24c2d2","sha512":"581f5b01d254b052caf5a937f14bdafa3a553ac27b696fb473ce26bfed59d3e8019542a3ba9b6a29219fcd61401e75a98a8bfdd541b7fb84f8322de28b729821","ssdeep":"","tlshash":"504131472de3884465209a556fe2f1286d56f2438f49e99471ee7238cf81b83ccc38b8","first_seen":"2025-11-12T22:10:15.644814Z","last_seen":"2025-11-14T02:12:46.688681Z","times_seen":9,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":538,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"36946.phidonatome.com/4/js/260941","fqdn":"36946.phidonatome.com","domain":"phidonatome.com","tld":"com"},"ip":{"addr":"88.208.22.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.phidonatome.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 09:13:10 GMT","end":"Sun, 08 Feb 2026 09:13:09 GMT"},"fingerprint":{"sha1":"D1:79:EC:D3:41:C5:94:89:05:BD:DF:2C:EA:FE:0D:E3:B2:42:25:47","sha256":"44:7D:1E:F2:C0:52:2F:E1:0F:B3:A0:98:03:B5:E2:57:13:66:36:49:33:A6:9D:B4:E1:45:A3:41:BB:EA:43:CE"}}},"request":{"raw":"GET /4/js/260941 HTTP/1.1\r\nHost: 36946.phidonatome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 11318\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nreferrer-policy: unsafe-url\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory\r\naccept-ch-lifetime: 31536000\r\nset-cookie: _ccid=16161551749767758709; expires=Mon, 13 Nov 2028 06:41:46 GMT; domain=phidonatome.com; path=/; HttpOnly; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31404,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31404), with no line terminators","md5":"ef1eba048701dba38ddb7236210e9372","sha1":"fbeea08f0dba6cf7877dd92088be0d216846a7d9","sha256":"7567672152bfcc34ff4dbce28ca700334e7b92055ae403e5ec3bd38686dc300b","sha512":"4d614e7ae5b50cb702aa4a26055c644c6d36fc126af366bfeff05836e9f986cd0bf74d4161830140f8026d342be80bfde30ab46c35bea0e38b824b3a080badf2","ssdeep":"768:Hq5mbr/4nqZVnyTPxVC2/R3hMwsZwJmvnDY87bBZzBPZvzXRb7iGqj:KUyxnufF3qj","tlshash":"40e22a95f996703443f7087a403f511af3361a94789e8460da2b95822c66f8b837bf7d","first_seen":"2025-11-13T06:42:14.231137Z","last_seen":"2025-11-13T06:42:14.231137Z","times_seen":1,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":48,"dns":3,"connect":17,"send":0,"wait":28,"receive":1,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"OPTIONS /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.videyd.com/\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.24.0\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":67,"dns":5,"connect":25,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.videyd.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246\u0026i=1\u0026s1=1983049288540758018\u0026fs1=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/users/494333?host=www.videyd.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246\u0026i=1\u0026s1=1983049288540758018\u0026fs1=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nCookie: nauid=1Ty1PzsVVD84eF3VDd1k\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":672,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (362)","md5":"299ffd9d414faa822b56445f822c565d","sha1":"380a5a374fd83e6f9b2fbaa26e1a38e184e539d8","sha256":"903a6b6b52ed5775861ec954567970aaa722481d490ca9a51b92cc014b0d0268","sha512":"0255b95fabccbf859037cc22958dae1688252611e13b541ffd1fcbbee20895fc7d1284beb00dfbf036454a5433677150565257619446c7bcc2f8ceb376cc23d7","ssdeep":"","tlshash":"b601ddc1465ca9ef8b8851f3dd3d4fb26d4d49383b496016fba5931b58ca18253a0287","first_seen":"2025-11-13T06:42:14.232614Z","last_seen":"2025-11-13T06:42:14.232614Z","times_seen":1,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/ETDR1ZOA","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"POST /v2/s/home/resources/ETDR1ZOA HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nContent-Type: application/json\r\nX-Stream-L1: videypro.site\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rxjM6n7LmJAgVKEdIQNoTaKyVdRRV%2Bsnfut0xwyVR9jSsIxLJ7hIBjD%2F%2FsiBn6ZL1cOhcpk%2BIIewOJ%2Bb41ZY4d143UfVaE%2BOvEVwVJV4%2F4FRAy4AQtyr6A%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99dc4901afd1a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":572,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cae3e7904f12cdae6a655b5674c0f280","sha1":"7da76115b90c0bfa9396de5a187a7a54c00b9ffb","sha256":"95bd5c7c76560e6355fe4f3ed6f9a24600497e760ef2aab21835d1d97a2e6d98","sha512":"4303ac3d0e44468e4078556385078f389b8e9bdd59d092ab5b089bfde1be556efda53cec2292f533c6e01b641ad98c0fff4d3a3102f6eff404899cf167fd267e","ssdeep":"","tlshash":"7df0ebe71a20d0839bd070869e0b6a079219e246a4db088fccd3d70cc0b90e23a8438f","first_seen":"2025-11-13T06:42:14.233553Z","last_seen":"2025-11-13T06:42:14.233553Z","times_seen":1,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/icon-L3kzdSYP-1762936680624.png","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /assets/icon-L3kzdSYP-1762936680624.png HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1763016103$o1$g0$t1763016103$j60$l0$h0; _ga=GA1.1.705463368.1763016103\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 12350\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A77376B20B19F7FACC216653C\r\netag: \"37e3e456df677e380ab34f5e0043db7d\"\r\nlast-modified: Wed, 12 Nov 2025 08:38:11 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: EU-FRA-marseille-EDGE3-CACHE19[3],EU-FRA-marseille-EDGE3-CACHE8[0,TCP_HIT,2],EU-IRL-dublin-GLOBAL1-CACHE14[5],EU-IRL-dublin-GLOBAL1-CACHE11[0,TCP_HIT,0]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 3f9861a27fe256ce4ad9dc0e78d4b47e\r\nnginx-hit: 1\r\nage: 3565\r\nx-ccdn-expires: 2588435\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0xbKXy9DT9YDB86rEkDWozPXKXwed3H5074LUAw5aWdxx5Y0UPT%2FrRKfowUrAL3Fk1uoJqHIf1GhTuQHkfpzVgphMp1%2FvFIQlp5D8X34\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 99dc49070f7a23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced","md5":"37e3e456df677e380ab34f5e0043db7d","sha1":"64ad1b4cca68328e5d987582f76ae59ea79a2d63","sha256":"0d8d6d6357c54934d059569ec6bd54e03b1f0ebad04ace58f8af20a88c2ea8a1","sha512":"7850cd6a4b9fe0cf8b0f1c07851fa283d4929e8d03e2c860470d89b621fbc3147a83812facd7f6b51b2fcc1bafb3cafabae9694077b9497bf7570c83983a273e","ssdeep":"192:whxxxL8uzJHxhnGn6dm0rrkV5Hm1qjDbPU6tbNi/esZtkcJ7Pzx0Xqh8:whxxxlRxhI6Zy5G1uDA+bNetvhVc08","tlshash":"dc429df7d9287f5827e17b23bad19a22f0ed40ae92056004f5da45b757393c8c046e93","first_seen":"2025-06-18T09:39:56.944198Z","last_seen":"2026-02-27T13:27:16.34167Z","times_seen":398,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.imaginary-flower.pro/ecc874/937d343a2f19.js","fqdn":"www.imaginary-flower.pro","domain":"imaginary-flower.pro","tld":"pro"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.imaginary-flower.pro","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 07:03:12 GMT","end":"Tue, 10 Feb 2026 07:03:11 GMT"},"fingerprint":{"sha1":"DE:3A:C5:95:87:2C:BF:7A:D1:4A:DD:BA:D3:B3:D5:43:8B:F1:F1:91","sha256":"55:60:FC:56:6A:C7:10:20:F5:E5:D8:07:10:B6:6D:65:31:76:E1:93:F0:98:70:53:86:FB:1B:BE:C9:88:6E:7B"}}},"request":{"raw":"GET /ecc874/937d343a2f19.js HTTP/1.1\r\nHost: www.imaginary-flower.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Sat, 15 Nov 2025 06:41:46 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103680,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"48c3653f997ba87b7ea5b2e85287eb97","sha1":"bcaa21e2b5668b68b823c05ec1d579707466def8","sha256":"d0decd7cadd1fc1cda622cd49facf38829c27ea0a50ebd990fcf80794a56824a","sha512":"70ecfd9405f6494e0aadbf5cdfc59d80e8066949d2c5b1e9e77bfd070c01431a82085a12145f4ad987dc2743231009141e549ec374708f35c3e2afccc6dccc50","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvx:OijxEQq3P5Enne9zkWHLf","tlshash":"7ea33461350b64fd2ad0c1e7eb6b20886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","first_seen":"2025-11-12T08:56:16.316174Z","last_seen":"2025-11-14T06:59:41.088918Z","times_seen":29,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":119,"dns":71,"connect":19,"send":0,"wait":38,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=b130794a-7db7-4f19-8e1b-9fc10c68eece\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-13\u0026timezone=0\u0026ver=1.170.1","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:48.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"GET /in/dip?event_id=b130794a-7db7-4f19-8e1b-9fc10c68eece\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-13\u0026timezone=0\u0026ver=1.170.1 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Thu, 13 Nov 2025 06:41:48 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-13T06:41:42.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /e/ETDR1ZOA?lv1=videypro.site HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:42 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A773B50C9B19E7725A625A0F1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FZH2VPgothKsXXiGxr8EbqwP0N%2BXJrhAmi80Tu%2FRXkaDyHBlk38vUEeaKiw2DTwV%2FfX%2FU%2F2qrZeZ3JoWOQBKBxY4NTGEzcVMxFnJ8A%3D%3D\"}]}\r\nlast-modified: Wed, 12 Nov 2025 08:38:12 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2513199\r\nvia: EU-ESP-madrid-AREA1-CACHE4[3],EU-ESP-madrid-AREA1-CACHE4[0,TCP_HIT,3],EU-IRL-dublin-GLOBAL1-CACHE16[5],EU-IRL-dublin-GLOBAL1-CACHE19[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 71742e292f080da32b08207e33610eec\r\nnginx-hit: 1\r\nage: 78801\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 99dc48ef4e3ab512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2018,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a019eb53c9bbd06625b52c894ad6b06f","sha1":"9deb40b58c3d0c0a8f6324d245ac0dedb0dfc012","sha256":"13769f77824e041a6cc98cd29d24db339aafa99db896bc66c4428f5aad24c2d2","sha512":"581f5b01d254b052caf5a937f14bdafa3a553ac27b696fb473ce26bfed59d3e8019542a3ba9b6a29219fcd61401e75a98a8bfdd541b7fb84f8322de28b729821","ssdeep":"","tlshash":"504131472de3884465209a556fe2f1286d56f2438f49e99471ee7238cf81b83ccc38b8","first_seen":"2025-11-12T22:10:15.644814Z","last_seen":"2025-11-14T02:12:46.688681Z","times_seen":9,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":25,"dns":0,"connect":1,"send":0,"wait":395,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=7aa2fc92-567e-45f0-a42f-3fb3c375be10\u0026uid=1983049288540758018","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v2/s/assets/f?id=7aa2fc92-567e-45f0-a42f-3fb3c375be10\u0026uid=1983049288540758018 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.videyd.com/\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q6W5BLguxDslVU0TgyEgBMCmzdh3cynYwWnovGao1hp3EWYTzX3bJhkztNS95BYYpTAiuB9aP9y8rUxpBpr4J9s0Yo4YIb1iHU2PM%2BSgiN6lRvmLv1bboQ%3D%3D\"}]}\r\ncf-ray: 99dc490368fba41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p2yn.com/5/10111173/?oo=1\u0026js_build=iclick-v1.1616.0\u0026userId=0802807b00154958f44916a16e45970e\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"p2yn.com","domain":"p2yn.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"p2yn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:27:55 GMT","end":"Sun, 28 Dec 2025 05:27:54 GMT"},"fingerprint":{"sha1":"3A:5A:0E:B8:A9:06:87:BA:DC:58:BC:E1:AE:2A:E3:CB:58:5D:59:7D","sha256":"27:5C:19:3A:05:81:0F:0E:62:D4:C2:B2:7E:E1:93:86:B8:9F:2C:9D:90:0B:A5:AE:52:48:27:FE:CA:75:F4:5E"}}},"request":{"raw":"POST /5/10111173/?oo=1\u0026js_build=iclick-v1.1616.0\u0026userId=0802807b00154958f44916a16e45970e\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: p2yn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2635\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":95,"dns":10,"connect":26,"send":0,"wait":29,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5117\r\ncf-ray: 99dc4907c8e15a0f-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03faa-45f4\"\r\nlast-modified: Mon, 04 May 2020 16:15:38 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 97988\r\nexpires: Tue, 03 Nov 2026 06:41:46 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mRUBP59njx6mWLZC9we0jdnJ6%2Fmdx%2FxpkKH0B1Tz6ffDaGqpU3nbsIFC8t%2BW5EuIjZm8bIIk%2Blh51CeNATOa4CsiE6zuxVe1ofl8E4UHQlDjxpN5PMUd2xxGOddTrcllKyq6f3j%2F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17908,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (17660)","md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-20T17:11:04.360014Z","times_seen":7114,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":18,"dns":0,"connect":6,"send":0,"wait":15,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sm.luxsmab.com/xbox-streaming/1983049288540758018/307be80f-fd8c-458e-a98a-d2e2d87ee8f1.mp4","fqdn":"sm.luxsmab.com","domain":"luxsmab.com","tld":"com"},"ip":{"addr":"104.18.48.8","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luxsmab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 04:00:36 GMT","end":"Wed, 14 Jan 2026 05:00:30 GMT"},"fingerprint":{"sha1":"A6:4A:9F:7E:AE:10:91:65:EE:0B:9B:83:C2:A5:D2:6F:0E:BE:B7:22","sha256":"68:F7:74:BD:17:BD:50:EE:18:62:75:7B:62:20:04:6A:A1:11:F6:00:43:C6:67:5C:B5:C8:20:5D:D5:31:58:CA"}}},"request":{"raw":"GET /xbox-streaming/1983049288540758018/307be80f-fd8c-458e-a98a-d2e2d87ee8f1.mp4 HTTP/1.1\r\nHost: sm.luxsmab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 2414416\r\ncf-ray: 99dc4907d8ba4c11-OSL\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A7387DB3BB19720E60E0D932C\r\netag: \"f67860f14d785d813a068309a80678af-1\"\r\nlast-modified: Mon, 10 Nov 2025 13:29:50 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-origin-time: 406\r\nvia: EU-FRA-marseille-EDGE3-CACHE18[617],EU-FRA-marseille-EDGE3-CACHE16[613,TCP_MISS,616],EU-IRL-dublin-GLOBAL1-CACHE14[585],EU-IRL-dublin-GLOBAL1-CACHE2[406,TCP_MISS,585]\r\nx-hcs-proxy-type: 0\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 4a5dd0347295ad9d6ed0aaf964616b08\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: HIT\r\nage: 19672\r\nexpires: Thu, 13 Nov 2025 10:41:46 GMT\r\ncache-control: public, max-age=14400\r\ncontent-range: bytes 0-2414415/2414416\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2414416,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"e8e4d20bf5c96bb44bf5e563ce6b3390","sha1":"a284beffb3019b316146d21ccf598427b758e85d","sha256":"3591936f1a6b6bfee23bebada83a5f72d593c67b6833e5859802927a01e4bee8","sha512":"cf45bd0f5c1cd7c38a1a57e35851a793770682c5e2ad3f2ccb41b6eac863b38cc19b1f998b2fdf190614af1d1dab8ba061f4f7bd20f89aac76e8dc69e4689de0","ssdeep":"24576:7bEpCLUkagNNdKfMFg8RnvVB6HTF9BnlmOIvl5dxymQ1tH:3EpCLdagNNYzCvVoZ0hl5dxyDF","tlshash":"2625125a9bf2d994d91b423cd6eb830432b8e574d117c32b8776f83e387679c5ca8029","first_seen":"2025-11-13T06:42:14.236301Z","last_seen":"2025-11-13T06:42:14.236301Z","times_seen":1,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":367,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/advertising.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 02:32:03 GMT","end":"Sun, 11 Jan 2026 02:32:02 GMT"},"fingerprint":{"sha1":"4F:91:E2:5E:A1:B1:4D:7F:49:01:1E:73:C6:07:EB:0A:BE:44:4C:44","sha256":"7B:0D:8E:03:0E:6E:23:65:30:3D:E8:FC:0C:E7:66:46:E2:5B:7F:FA:FD:D2:FF:61:4C:A4:18:08:24:70:51:6B"}}},"request":{"raw":"GET /advertising.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nlast-modified: Fri, 14 Jul 2023 08:23:25 GMT\r\netag: \"64b105fd-0\"\r\nexpires: Thu, 13 Nov 2025 06:46:46 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":74,"dns":32,"connect":21,"send":0,"wait":21,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494246?host=www.videyd.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246\u0026i=1\u0026s1=1983049288540758018\u0026fs1=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/users/494246?host=www.videyd.com\u0026ev=224\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246\u0026i=1\u0026s1=1983049288540758018\u0026fs1=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nCookie: nauid=1Ty1PzsVVD84eF3VDd1k\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":661,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (351)","md5":"4208f93df8850e7f4d3b95fa52dc8350","sha1":"b88012aa36fe23756bed4f800df4062ac95aa2fe","sha256":"5b476ecc5392cac9c9a45b3f8135e4105d2aacb05979865d57f117317099dd5e","sha512":"a6b68be9b7a9dc531afba6c6e533351c1cffe7cfc5ad6f7d9cabe27c3011beb7b2f07eb5ff001301bf0a6e2dd7a04782d48fa7c8cf5977a6e1a3a6c91f0dfa57","ssdeep":"","tlshash":"080102c5479c55ff478850e3dd3d4fb65e8e49786755201afb74830f54ca08142a01c7","first_seen":"2025-11-13T06:42:14.237205Z","last_seen":"2025-11-13T06:42:14.237205Z","times_seen":1,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1662825339:1763016107927638\u0026ifkv=ARESoU2oTIQAFtYYUqjT-HKmt05eDVD5KrKx2KNmx4rdGJPeHHlTmir70J0qA6yZUQVC7oQvVYVLYg","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1662825339:1763016107927638\u0026ifkv=ARESoU2oTIQAFtYYUqjT-HKmt05eDVD5KrKx2KNmx4rdGJPeHHlTmir70J0qA6yZUQVC7oQvVYVLYg HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:1G8VCqyGRg7sJK3T-I3mEBVTtLCAJg:RIdHcqQtFQ3ookXs;Path=/;Expires=Sat, 13-Nov-2027 06:41:47 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S1662825339%3A1763016107927638\u0026hl=en\u0026ifkv=ARESoU1cOrnO29ylYCu3DCquW62tQX3yTpm_TsWfIdIldY16WYpqp3hzuBbtvyFH6PN_oo_Zw0UwYg\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-security-policy: script-src 'nonce-5W8_n4dmc4VcokaHmys5Jw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 416\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/vendor-chunks-OPaeN_P5-1762936680624.js","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:44.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /assets/vendor-chunks-OPaeN_P5-1762936680624.js HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/assets/main-DZzRK3LC-1762936680624.js\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1763016103$o1$g0$t1763016103$j60$l0$h0; _ga=GA1.1.705463368.1763016103\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:44 GMT\r\ncontent-type: application/x-javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A7737600BB19578AA0FBA272B\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 12 Nov 2025 08:38:12 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2587891\r\nvia: EU-IRL-dublin-EDGE2-CACHE4[6],EU-IRL-dublin-EDGE2-CACHE5[0,TCP_HIT,4],EU-IRL-dublin-GLOBAL1-CACHE17[3],EU-IRL-dublin-GLOBAL1-CACHE19[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 2652e0753656866e3ba15327293a5033\r\nnginx-hit: 1\r\nage: 4109\r\ncontent-encoding: br\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"50d712bd0033f3622be3eb62bdf0ee37\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fB5l6pDV9XjO5syQi6PZIskz27HF849CP3PDNrXS2ZeXKxTIrtbvalPnTBYSeshPzX9yT76aP5eGXkKU9twxUdyEDfzZ7RCOKtweUcuo\"}]}\r\ncf-ray: 99dc48fd2ea823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1270326,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"d5ffa44357e80f1c65fe87c30587f50b","sha1":"49a1b3fff2091d1562aa749bccd4c98a4cd4ed15","sha256":"966cc679f98dd01db5c608878ab396b5825fdcfbe3264cd2f00989ae989c64ca","sha512":"324ae875fa279ce79883c0ce2e7c6e6eb6fb740c232bee33e83c8734e73a4a89856d3e8ed9d544f98139564b8df901ee315833ef562df7b88f94eb6701e8b4a6","ssdeep":"24576:TLgcTD3IaDerXpsBbIw98z6CS2dSG6MIIsPGiUcWFYMKduqC8:TscTD3IaDerXpsBbIw98z6Cz6MIIsPGs","tlshash":"26254bd932a6706287d361a4503f5207723a7d16248cc45cf63af9ea2eb8d09647bf7c","first_seen":"2025-11-03T21:11:09.309439Z","last_seen":"2026-01-18T18:49:56.054383Z","times_seen":122,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.videyd.com/\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ll9%2B5ovFnCzvEzR4D8F4XLUnWhXpx3bJPcpPEGBX%2BZyDQdFYYCjpeW5%2FTPFnHju8cEMA6GOM4P6ojxEgAR6gjsrzHz2q2EmJ8MuXwAB1gdBFfcUW245s%2Fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99dc4903cea535a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":1,"dns":2,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/settings/494334","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/settings/494334 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1be64b6d6652effba7dcf744e90def6a","sha1":"d9fbc7d1fa49fa4733f90a3739882d63972c2352","sha256":"72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f","sha512":"ff1aee5b5d4ba25f4f78a0ddc80cd878856815c1ded88b32370c72bff242e73522e6aefb60fa5e53c434f10d2611dab7679152edf9321edc2b656e0265ef7006","ssdeep":"","tlshash":"408004c00dc1545410c010f4434043150103140f535c3304d41d1701147f4d17030150","first_seen":"2023-04-06T10:58:14Z","last_seen":"2026-04-21T09:39:50.221306Z","times_seen":7303,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":46,"dns":10,"connect":14,"send":0,"wait":13,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494331?v2=1\u0026fill=0\u0026s1=1983049288540758018\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/users/494331?v2=1\u0026fill=0\u0026s1=1983049288540758018\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: text/xml\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-expose-headers: X-Asg-Config, X-t\r\nset-cookie: nauid=1Ty1PzsVVD84eF3VDd1k; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\nx-t: 0\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/xml","magic":"XML 1.0 document, ASCII text","md5":"73d174f378b492e8958d14c2e6a9a4ec","sha1":"7d699dc411131a000b55c5e3808d6c75b443a25f","sha256":"c6f441dbb28602e988f9ae260f3f9c8556ac8d11eac13a6f997c04519267a621","sha512":"dd3c103c5a448e2e3df63dd51379b0f2225bbe5ce804402f5b13d102bd64500652eff4a136f311426d152d0068f4e9d0ce036e054b567246fb9e1a4156c0d195","ssdeep":"","tlshash":"e0b012867301b43305f16f135b24c01513783b85089d588ce8f30ad01e6440c03481ce","first_seen":"2025-09-24T04:41:31.323262Z","last_seen":"2025-11-20T22:31:42.782605Z","times_seen":115,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:8GS_YQxIx7pjIPc85Y0LYCjVyjaOZA:XP4GIZkGifnVDQ-k; Expires=Sat, 13-Nov-2027 06:41:47 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1662825339:1763016107927638\u0026ifkv=ARESoU2oTIQAFtYYUqjT-HKmt05eDVD5KrKx2KNmx4rdGJPeHHlTmir70J0qA6yZUQVC7oQvVYVLYg\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-7cqPnjw75s7r4wPDY_Il0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: unsafe-none\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":103,"dns":0,"connect":35,"send":0,"wait":37,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"enrtx.com/get/","fqdn":"enrtx.com","domain":"enrtx.com","tld":"com"},"ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:48.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"popunder-base.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 05 Nov 2025 02:48:33 GMT","end":"Tue, 03 Feb 2026 02:48:32 GMT"},"fingerprint":{"sha1":"DF:80:3A:A1:4E:A7:47:86:A1:5F:68:2B:5B:AF:F5:A8:BC:15:A6:70","sha256":"4D:BD:57:8F:2B:73:C5:49:EE:D9:2E:BE:D6:03:16:1E:BD:42:5D:7E:AA:12:FA:BF:8D:DF:AA:CB:5D:D0:5F:CD"}}},"request":{"raw":"POST /get/ HTTP/1.1\r\nHost: enrtx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1739\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.16.0\r\ndate: Thu, 13 Nov 2025 06:41:48 GMT\r\ncontent-type: application/json\r\ncontent-length: 3087\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9416,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5ab7603ac7882d1a163964d15f1be2f6","sha1":"929c5ffb9acb3d1ae004e58427349f6ae4fb9347","sha256":"7ac746a134231fd92885ccc05427ddaefe1d098f527adcb9cb9db05671c4dce5","sha512":"5f3944ac9e239a7083c31688877e9ae855a1761ba0f45126fed45c14bc1d0e88cdb6a797278b4184a143ee1a21bd8cd0a2034d48ba43f9c97cf05b71f3f2acdb","ssdeep":"96:z4A2iDmwzhuVBytszsLhvq0meiJz6ZQaGX7YC8iIjxdy+1DYLhvq0meiJz6ZQaG6:2siytkIumHBxsmEumH6KsiytkTxs0","tlshash":"fe121843a563f8207c5dd841e5a2a238d7d7e6f7080b9c8beab74658889d35118caf28","first_seen":"2025-11-13T06:42:14.23929Z","last_seen":"2025-11-13T06:42:14.23929Z","times_seen":1,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":86,"dns":5,"connect":25,"send":0,"wait":246,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/main-B_bbE6ey-1762936680624.css","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:42.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /assets/main-B_bbE6ey-1762936680624.css HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:44 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A77373BDBB017E319B1293B1C\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 12 Nov 2025 08:38:11 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: EA-HKG-EDGE2-CACHE6[4],EA-HKG-EDGE2-CACHE4[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE24[132],EA-HKG-GLOBAL1-CACHE24[92,TCP_MISS,129]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 110ecc336482bba347fefbce53874e2b\r\nnginx-hit: 1\r\nage: 20382\r\nx-ccdn-expires: 2571618\r\ncontent-encoding: br\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"2763848789ada39d8c3b831ba69fe1b4\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MfuEzUgHimV%2FZGuzIworZH737iGUYMgdWwqExrOiblxDI8AzWYzsWUMVn9x%2F%2F%2FPPBoIgYe4pEIGQfiyNAr%2F9wJwDb37f2uYYmChF%2BDhb\"}]}\r\ncf-ray: 99dc48f348e323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63974,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (63973)","md5":"2763848789ada39d8c3b831ba69fe1b4","sha1":"57ffd2477cbbb76806cd4922ee908595d332f307","sha256":"a0b7794d9cdb938e83a3f35b7cac8c7bc1dc726afedb722d4bd912ad44e31442","sha512":"ef75fd9f28c2fefd5521abff8cf1ea5a012cba18cbcd0a176bfaac966b15b4c63dc12c0a070083c94d71337a450534b9e59100b3889da259cf9c486e2e57e9c1","ssdeep":"1536:BSMWKbZ2v1/YVP5cgQ5qNsmbHDXEfSCZDfhTwDzfTK2HnO0iyAoP7GitdtmnyWlz:6KbZ2vmVh7Q5qNsmbHDXEfpDfhTwDzfk","tlshash":"f0538321b6174129b833b9e6e5d4ab5e31349d0ec922c7def601b52dcece395243722e","first_seen":"2025-11-12T22:10:15.657944Z","last_seen":"2025-11-14T02:12:46.724277Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1477,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"POST /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 259\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=37SLqL0PIjCaPmZSfMWdiEEHzy4RsAHZeP8B%2BdDEd2bD1kn0s2GSH6gHQ7mGhfOAD%2B2k%2FmeJW1rjWSS4ciFq4%2BNO1AFm46jMxpkjmAJlN7ystppFlvy%2BcA%3D%3D\"}]}\r\npriority: u=3,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99dc4904febd35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a3ccdf4f5cc8da7a6c2caa521331e46a","sha1":"dfe98614ee3b455bca14db2eef682f1338580a8a","sha256":"017e430f25345405c1b0bfeb89dce3a8f2be65237a718e8ad7563b2e977d9b5f","sha512":"afacf3e0a96434042d8417442f5a16ed1642ffb0e964552926b6ef374bfd2cd4e2a270fd66ee6fa906a67a47e750c72731cbcae88c0189c0a51c7a0f3bbe1b24","ssdeep":"","tlshash":"34d05e7d297154ad14985152d651e9c9f78058aabf58b750c423c11f34eb0c8723d2b7","first_seen":"2025-10-16T16:52:07.242118Z","last_seen":"2025-11-20T22:31:42.767036Z","times_seen":72,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=b130794a-7db7-4f19-8e1b-9fc10c68eece\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-13\u0026timezone=0\u0026ver=1.170.1","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"GET /in/dip?event_id=b130794a-7db7-4f19-8e1b-9fc10c68eece\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-11-13\u0026timezone=0\u0026ver=1.170.1 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0802807b00154958f44916a16e45970e; expires=Fri, 13 Nov 2026 06:41:45 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 99dc49026a7f5693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"bc0e14f9d01a51c9e028b17d3cd2f8e4","sha1":"88942c6c45f1eb4161d4a6cc0c18b2981fe24aa0","sha256":"f650d761e573088d45925c5d6a77a6c16b262d028d0e677459107dbf2fba7bed","sha512":"648ec20c7263bbbd7a9e86e6d91dce23c721fe84846ada0c8e803297cf78b786243788778d35f3bea8062f5ffa948588142cc635e22446c6dbb5928c37a0dd13","ssdeep":"","tlshash":"1aa022a80c282cea00f028000ac38f02002880c23c00030020e0c00230aa30eca033c0","first_seen":"2025-11-13T06:42:14.241345Z","last_seen":"2025-11-13T06:42:14.241345Z","times_seen":1,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":23,"dns":4,"connect":1,"send":0,"wait":42,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"na.nawpush.com/tags/349919?version_name=d\u0026domain=www.videyd.com","fqdn":"na.nawpush.com","domain":"nawpush.com","tld":"com"},"ip":{"addr":"45.133.44.25","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"na.nawpush.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 02:32:20 GMT","end":"Thu, 18 Dec 2025 02:32:19 GMT"},"fingerprint":{"sha1":"38:85:B2:05:59:7D:15:16:9D:87:1B:83:46:10:68:2E:DC:7C:7A:D1","sha256":"FE:22:4E:C6:6F:85:46:CA:64:38:8F:48:77:17:E8:29:0E:7C:14:27:20:EA:A9:7B:CB:5E:49:87:A6:B0:60:2F"}}},"request":{"raw":"GET /tags/349919?version_name=d\u0026domain=www.videyd.com HTTP/1.1\r\nHost: na.nawpush.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/json\r\nserver: nginx/1.24.0\r\ncache-control: max-age=300, public\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: EXPIRED\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1377,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"724737368dcffc174707a5a3592371fe","sha1":"5e48ba93a7a55ca212aaf5146ba93c9485f9bb55","sha256":"34b8b5e9295cb0f42deb4fc535c57fff651f9e6a303f1b805e7c672a467318ce","sha512":"33eb45afc9e96f8c90670f505d3a934f9e19e46cac083ee5bed2dc6858ab0d59e714bdbe3b142519b138f850afb4904137f7337ae2b1d40424b8453d3b8d2c7d","ssdeep":"","tlshash":"642163ec8564dcaac0c0478a84d63f4802a4327bb2c87846f4ad497815cf596092f24b","first_seen":"2025-11-07T06:04:51.467309Z","last_seen":"2025-12-08T11:58:51.137804Z","times_seen":18,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":79,"dns":29,"connect":19,"send":0,"wait":63,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:42.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:37:33 GMT","end":"Mon, 05 Jan 2026 08:37:32 GMT"},"fingerprint":{"sha1":"6D:B1:20:6C:4E:45:23:88:91:95:5C:C3:FE:0D:A8:1B:29:43:20:6A","sha256":"15:E2:87:29:F5:07:FE:12:A2:58:8F:EE:D0:AD:2A:AC:63:5D:69:08:82:23:F9:BD:90:70:9F:09:AA:7B:57:8B"}}},"request":{"raw":"GET /gtag/js?id=G-FZ6E2FXG92 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 13 Nov 2025 06:41:43 GMT\r\nexpires: Thu, 13 Nov 2025 06:41:43 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143155\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432079,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"27def819b9380315ef5b8fe739e49f9f","sha1":"88187a876669edc32ddf5ad1859b2c5ef12e01d5","sha256":"4d4a47a662421cbe56625b34b469fb049c762fdaa363484bd04ecb70c4d02a8f","sha512":"05aa52952d17afa56700314ac83649c62abe8131b190b110da86d7f0b53cc11df0a86ec9bb9ea77923b3ac726aa83001ce48bcec76dc2fe4fc0962f9c945d271","ssdeep":"6144:X4Jio7CyGOsjtxj31KC2sUOJdR+rVmIQZOBZDTQ3kLQz:XO97ZGOytV1KjsmQZOH8","tlshash":"b69418de73d674265396f078502f018ba57b28a2b44cc896f1c9cde02e74a9a4277f7c","first_seen":"2025-11-13T06:42:14.242765Z","last_seen":"2025-11-13T06:42:14.242765Z","times_seen":1,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":57,"dns":1,"connect":8,"send":0,"wait":32,"receive":29,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=7aa2fc92-567e-45f0-a42f-3fb3c375be10\u0026uid=1983049288540758018","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"GET /v2/s/assets/f?id=7aa2fc92-567e-45f0-a42f-3fb3c375be10\u0026uid=1983049288540758018 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nContent-Type: application/json\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aQDIRerJ6gGDJuAOndrPEcKDDPbTRXvpqqZ6BiRRDN%2FKk4%2F60wu5raytdX5zKoTXqKwAKAKoIY3RO9GaW19WNYcG8gxwgFNdCIwNPDqXpVzPWX5iYxXuVQ%3D%3D\"}]}\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99dc4904bebc35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"836aa6fb1b73885f932290523755cd07","sha1":"cf83576467c119672462b06fafb8afcf8ca9e0f2","sha256":"f220a26254a4d2c29816f431ccf372c85ae9e3eafd14eb66f06229ceba7811f6","sha512":"0dfd0745fb7ed13096dbfc31c384824dbcd81ba23e828000ba9d52c99c1fbb4c38f51c38efbfcce0911dd5e7426be30152079b2ab7508f2aeec7d387e65f91bb","ssdeep":"","tlshash":"8ac080645fad01a56c7014d14c91071b9927e557815e424391a299d5610e3471549054","first_seen":"2025-11-13T06:42:14.244201Z","last_seen":"2025-11-13T06:42:14.244201Z","times_seen":1,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accuratephrase.com/cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l","fqdn":"accuratephrase.com","domain":"accuratephrase.com","tld":"com"},"ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"accuratephrase.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 06:43:11 GMT","end":"Sat, 10 Jan 2026 06:43:10 GMT"},"fingerprint":{"sha1":"5C:01:82:3D:3E:91:A2:72:76:A4:E8:DA:42:F8:FD:E6:74:85:B6:CF","sha256":"70:75:DE:E9:C6:17:AD:2B:3D:6E:6A:92:30:CC:7F:07:FE:0A:01:18:13:08:46:C7:F6:A5:EE:0D:04:8E:7E:00"}}},"request":{"raw":"GET /cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l HTTP/1.1\r\nHost: accuratephrase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\nlast-modified: Thu, 13 Nov 2025 06:41:46 GMT\r\naccess-control-allow-credentials: true\r\nset-cookie: uniqCookie=a2d81fb981161acfa6abc901d8e2bd89; max-age=1765608106; path=/\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38258,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22794)","md5":"55b648f30163269fdd24f989bb19836c","sha1":"36c634a8279b0218b8a254181678a16039ff8ee8","sha256":"f8ccee2908e9e26f7e876b8c32e540d1b796f0aa3435c96c0ba455f1f3c22f39","sha512":"3ca43dd8861f5c16c0986dca685e6c494787c6cad7dea3b0ec37a395eeaec2afc713b7c2a200bfc1f27f6694528420c9e9adf2a18d5e0c4931e5754df6b66e69","ssdeep":"768:QZhdZg7J02MLfTF9dFaQpp8JY29c6SboEBkleZ2YoOcLhCgPTgLg0oDEiG82ImpT:QZ1g7JQLqQpp8Jr9c6SboEBkleZ2qcLK","tlshash":"1103b7c8b1c3642642ea507d713f7208b23a54655429b028bc7dc8e5bc79e8f8577bbe","first_seen":"2025-11-13T06:42:14.245166Z","last_seen":"2025-11-13T06:42:14.245166Z","times_seen":1,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":79,"dns":1,"connect":17,"send":0,"wait":44,"receive":0,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 76922\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-12c7a\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 246861\r\ncf-cache-status: HIT\r\ncf-ray: 99dc4907de5cb4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244907,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ads.google.com/","fqdn":"ads.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adwords.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:00 GMT","end":"Mon, 19 Jan 2026 08:34:59 GMT"},"fingerprint":{"sha1":"6E:F9:B7:5D:8B:97:3D:90:88:FB:8C:FB:22:51:A1:4C:6B:20:E1:B9","sha256":"78:50:FD:35:6D:AD:FA:C3:25:ED:8D:8D:F0:29:98:89:37:20:6F:47:A7:60:87:BE:EB:71:7E:DA:4C:7D:00:2C"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: ads.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ncontent-length: 1103\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":395,"timings":{"blocked":74,"dns":0,"connect":16,"send":0,"wait":242,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"POST /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1971\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 13 Nov 2025 06:41:47 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 58\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.videyd.com\r\nSet-Cookie: id=8871410872550195422; Expires=Fri, 13 Nov 2026 06:41:47 GMT; Secure; SameSite=None\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c4efc1d6d16235d9433cd2565d887460","sha1":"22d069a5f536640e46122475c79db933e82d7f2e","sha256":"f0a6b8c736b7d8c5d3304a9ccd10d2114a0f25f2ba946cce62204df3384a131f","sha512":"af1cfe529f3173efdc7f4aff67355529095e775d8edb38d8a7c9565e09807aff470a465ffdf89ef6555f06cc88efa675823becc942896c63fa64a3140858f539","ssdeep":"","tlshash":"5ba00294c5c00e3c80200c3a73cf901628e4d304120217880ca66b5108822abe333c91","first_seen":"2025-07-26T17:44:43.174102Z","last_seen":"2026-04-21T06:59:23.7014Z","times_seen":6301,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":24,"send":0,"wait":25,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/main-DZzRK3LC-1762936680624.js","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:42.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /assets/main-DZzRK3LC-1762936680624.js HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:44 GMT\r\ncontent-type: application/x-javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A77373C0BB2D443ABC2E848E1\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 12 Nov 2025 08:38:11 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: LA-MEX-queretaro-EDGE1-CACHE2[5],LA-MEX-queretaro-EDGE1-CACHE4[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE17[4],LA-MEX-mexicocity-GLOBAL1-CACHE19[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 24925ef41df472b75088c7715f7e7bac\r\nnginx-hit: 1\r\nage: 20378\r\nx-ccdn-expires: 2571622\r\ncontent-encoding: br\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"5f7d0ffb2273287a2dc1d70f4daf11cb\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Js8h2Wfu8o111OhEdhdKios9zfuOJip2nN72DjvFG44vSZIhr1N7vTqbiqz3t7pZ0M5l5N03e6OLjW%2BoZ%2Bh0E5KxqDKO0ZZKcAla35Hh\"}]}\r\ncf-ray: 99dc48f348e123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":103317,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14304)","md5":"5f7d0ffb2273287a2dc1d70f4daf11cb","sha1":"e0db0cfb625e498bfee9e3506c0a9b1b20150b80","sha256":"c7ae471ad67d1d14c1128a41cda8f406fdf8ae23e9f99202765c6edf8bde7d7c","sha512":"faf488f37a0c64c1394d94926fb35bd4390ac05bba7841df37ae03a16146a16d1fcbc6fab15fc80d061a1c9f51f00a9b0a3d4c43aaaec9c343ccd0bb23ddb012","ssdeep":"1536:dA5Au4drIFf+HrSvylBzD8jHqPFfnBJC2MyPok8Zsbg0zsqOTSQ5OFsFx4fNP4Pt:dAr4CFf+HkAyH0/NPBQ5ugP+Ne3Fh","tlshash":"21a38eed502d8e3df86609c5783a9534b828366bf928c8c1f0fe3c125b94d8459ab7dd","first_seen":"2025-11-12T22:10:15.64044Z","last_seen":"2025-11-14T02:12:46.72159Z","times_seen":9,"resource_available":true,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1550,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/ETDR1ZOA","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:44.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v2/s/home/resources/ETDR1ZOA HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-stream-l1\r\nReferer: https://www.videyd.com/\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type, x-stream-l1\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XWAe5Xiw4JfzAaAUKqGYQVlCabyWbokFMjK9WCvoDpBXE7qcGnwc4sSL%2BhdLAuekX6pasEjOgP3mO7o45hlj5f5mNC78rmtrqX%2FBXrDm37Gjv1SdCRRNvw%3D%3D\"}]}\r\ncf-ray: 99dc49005ecaa41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":30,"dns":7,"connect":1,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /ip-push.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 41273\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-a139\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 246766\r\ncf-cache-status: HIT\r\ncf-ray: 99dc4903ec41b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65498), with no line terminators","md5":"3b4d2cef2d654ba5b8451f3274d2eec2","sha1":"bc0ccbcae68a88da5dbf353cd189aead463ddb9d","sha256":"8702933a72df2217e6c61d654f4494fe0b7814c4eed13205b52e6d024559e93d","sha512":"e64660c80c8580f2302fc44f2ee4162682f4ba80896fd60b1d03b2cc67d0c11d0e7bba180d2034baa52cbcd02ae9330e68f021f8fbeb0eaad970ae2e9fc5dafe","ssdeep":"1536:gmQEWeFL35kTTLy8UFV5tl2NuZ8UnbyVqb0IjzYrOpwQ4:XQEWeFWTTLy8mJHZ8mq","tlshash":"efd3628dbbc1b5a106a37064023f540af2b73a54b48fc8c0f669d5e06e7e94f6167e2d","first_seen":"2025-11-10T18:08:30.266138Z","last_seen":"2025-11-25T01:12:43.431593Z","times_seen":87,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":33,"dns":9,"connect":1,"send":0,"wait":9,"receive":2,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 76922\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-12c7a\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 246861\r\ncf-cache-status: HIT\r\ncf-ray: 99dc4907ae45b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244907,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"fe439ed2222d8c3e4eed412da17055c3","sha1":"27808772b3210cd7fbe67dfd71ee3c0a8fa5e20c","sha256":"d9e6d2d5de74e5ef74575e3fb2ed9679c30625de9dc24551959dcb9c70064f50","sha512":"21baa7d660683e476d1d8d80b473aeaa709dcbd5a058ef8c0de1b17adc6dc477dd029ee2136b2dc9dfbd4434e1c49f133d9b83882f45207f5b1864b1ce547cd0","ssdeep":"6144:cGdO0Ur4i8d+5csa6tZylzd+2TG5vH2aj0gpt9RO+JgtOrgfAs28wzxordsQmwZ9:srOd+OYREP","tlshash":"4334a689b6c1b0a403e3a1f4016f551af277b904744ec5c2f729d9d1aeb9a0e5a27f3c","first_seen":"2025-11-10T10:16:11.775638Z","last_seen":"2025-11-25T12:42:17.612638Z","times_seen":150,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ur.foretopheaved.com/r4xjjmZUr51mvyQ/RNklR","fqdn":"ur.foretopheaved.com","domain":"foretopheaved.com","tld":"com"},"ip":{"addr":"172.255.106.134","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ur.foretopheaved.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 09:56:09 GMT","end":"Sat, 13 Dec 2025 09:56:08 GMT"},"fingerprint":{"sha1":"91:AA:F1:1B:14:24:36:CD:6B:51:31:6E:5E:C4:CF:18:8E:A6:40:19","sha256":"C9:CD:6B:8D:1D:0B:25:5F:FC:34:0D:27:E0:29:A6:64:DE:36:11:67:88:AF:25:45:05:AA:32:99:35:95:94:EE"}}},"request":{"raw":"GET /r4xjjmZUr51mvyQ/RNklR HTTP/1.1\r\nHost: ur.foretopheaved.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-headers: content-type, gyfr29qt4j80vdr0zhsj, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Fri, 14-Nov-2025 06:41:46 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViD0LglAYRu99ESGS4gGHRpdW0VLBJSTndGhoaBILEcRXrtrH1F9pb4r%2BVWtTWzacA%2BcIIcicgsoGRujaoWN7C9v1PcgClKSgvIaesDpnV0gFcpYgVWOcthVbMfd1N%2Fwc2r8hS0zWVXmxtlz1Xcl1CxoYxawaVll3hGx0Cer47%2FZgCsiTPgNVmRFtPu9Xcf8OwUY0vz33u9UD1LTQHD8IfrcSKq4%3D; expires=Fri, 14-Nov-2025 06:41:46 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-21T09:20:44.423433Z","times_seen":15670,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":102,"dns":73,"connect":18,"send":0,"wait":21,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"29383601-36946-ex.coreadness.com/jSJDBoAwNQzhZtczvVjDLi9Mktk7qIvcL_RWPcuaG58QN5uQqtlX8s2KWtFjcsLe0tRSLvgk1f6-EbyzSOW6YhzBz6_A77iAJgkUTu92Li9lsc5I_rerQAdBza8skuGW59c01pstOp4dIQ4r9jc-gwTocJJI5kUrWg?kws=\u0026pageUri=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026referer=\u0026bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Win32%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20Nov%2013%202025%2006%3A41%3A46%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D\u0026btdb=0\u0026prsl=1","fqdn":"29383601-36946-ex.coreadness.com","domain":"coreadness.com","tld":"com"},"ip":{"addr":"88.208.22.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:49.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.coreadness.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 Aug 2025 20:53:48 GMT","end":"Wed, 26 Nov 2025 20:53:47 GMT"},"fingerprint":{"sha1":"23:B4:32:83:1B:15:C9:53:CF:CD:D9:42:47:5D:A3:38:E8:71:E4:18","sha256":"E6:46:2A:D2:CC:DF:91:5D:5F:95:FF:4F:36:51:B1:DA:4F:C9:02:B3:46:ED:F3:43:13:C9:82:7B:84:6A:DB:8B"}}},"request":{"raw":"GET /jSJDBoAwNQzhZtczvVjDLi9Mktk7qIvcL_RWPcuaG58QN5uQqtlX8s2KWtFjcsLe0tRSLvgk1f6-EbyzSOW6YhzBz6_A77iAJgkUTu92Li9lsc5I_rerQAdBza8skuGW59c01pstOp4dIQ4r9jc-gwTocJJI5kUrWg?kws=\u0026pageUri=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026referer=\u0026bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Win32%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20Nov%2013%202025%2006%3A41%3A46%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D\u0026btdb=0\u0026prsl=1 HTTP/1.1\r\nHost: 29383601-36946-ex.coreadness.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:49 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nreferrer-policy: unsafe-url\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory\r\naccept-ch-lifetime: 31536000\r\np3p: CP=\"NOI DEVa TAIa OUR BUS UNI STA\"\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nlast-modified: Thu, 13 Nov 2025 06:41:49 UTC\r\nexpires: Thu, 13 Nov 2025 06:41:49 UTC\r\nset-cookie: _ccid=16161551749767758709; expires=Mon, 13 Nov 2028 06:41:49 GMT; domain=coreadness.com; path=/; HttpOnly; secure; SameSite=None\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1556,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (1556), with no line terminators","md5":"0a3b4c74c82fb4af62dda80f347fedea","sha1":"7107bc6460072174943d509195b8f758b0e39132","sha256":"9120a3e5adc7b16988c29fc4157892a3cf9afd25d5a0ac47015d632d4bf8fc15","sha512":"fc4aa5bcbdec9ab0632ad4eb99cbf707223bb98afb3b32fb1e190b1ac5b27f5100389ec12d5ffcdb39639f609a64706aedbbdda80fec91cbb8d620b31fc0ee60","ssdeep":"","tlshash":"b3310afd78c4d0cb1ecb826d6051fdd142456702ddc52c81a68f802ebde95ace0a1431","first_seen":"2025-11-13T06:42:14.249592Z","last_seen":"2025-11-13T06:42:14.249592Z","times_seen":1,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":65,"dns":6,"connect":17,"send":0,"wait":99,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accuratephrase.com/Yl2mx.pnZ-Wp5q0rZsG_Fu0vYwTx9-yzcAmBlCk_PETFgG4HY-mJNKjLOMD_JOhPYQzRE-1TOUTVkW1_OYDZdajbM-jdUe2fYgz_AiwjNkDlA-ynNompQqz_Ysztku0v","fqdn":"accuratephrase.com","domain":"accuratephrase.com","tld":"com"},"ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"accuratephrase.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 06:43:11 GMT","end":"Sat, 10 Jan 2026 06:43:10 GMT"},"fingerprint":{"sha1":"5C:01:82:3D:3E:91:A2:72:76:A4:E8:DA:42:F8:FD:E6:74:85:B6:CF","sha256":"70:75:DE:E9:C6:17:AD:2B:3D:6E:6A:92:30:CC:7F:07:FE:0A:01:18:13:08:46:C7:F6:A5:EE:0D:04:8E:7E:00"}}},"request":{"raw":"POST /Yl2mx.pnZ-Wp5q0rZsG_Fu0vYwTx9-yzcAmBlCk_PETFgG4HY-mJNKjLOMD_JOhPYQzRE-1TOUTVkW1_OYDZdajbM-jdUe2fYgz_AiwjNkDlA-ynNompQqz_Ysztku0v HTTP/1.1\r\nHost: accuratephrase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 78\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-length: 0\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"2694316985.2c6ee0a58a.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxODA5Mzg0OTk2MzQ4NjU5MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjM4LjgiLCJ0YWdfaWQiOjM0OTkxOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjcyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9","fqdn":"2694316985.2c6ee0a58a.com","domain":"2c6ee0a58a.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"2694316985.2c6ee0a58a.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 02:47:56 GMT","end":"Sun, 08 Feb 2026 02:47:55 GMT"},"fingerprint":{"sha1":"73:A6:D9:F2:A6:03:A0:55:5B:9A:00:C4:CF:C4:2D:6A:3D:15:E4:54","sha256":"13:5C:5F:01:71:3A:AF:AC:1E:D5:1B:7D:AE:F3:8D:68:90:8E:AE:83:81:85:BF:C7:E3:4C:08:FD:65:38:4E:32"}}},"request":{"raw":"GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxODA5Mzg0OTk2MzQ4NjU5MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjM4LjgiLCJ0YWdfaWQiOjM0OTkxOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjcyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1\r\nHost: 2694316985.2c6ee0a58a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nx-cdn-host-id: AH1747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":123,"dns":74,"connect":21,"send":0,"wait":50,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"2694316985.2c6ee0a58a.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"POST /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 81\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\ncontent-type: application/json\r\ncontent-length: 15\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"32323194b8b07fd0aa9b6f7fc79a7b30","sha1":"ea248c45722bff267b55a453dc794bc42171cef6","sha256":"080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8","sha512":"e6b7cefe758be1e47a28ed8fc319cd61814e942838f0f65a26e629f0af39fae2547bece75c020c0cad5294b741a20911757b43b493dea2d3b109e4cf3ae3e9a3","ssdeep":"","tlshash":"9d600008200a08020880a000a20082002000a002002008282880008083002000888800","first_seen":"2023-09-22T06:12:14Z","last_seen":"2026-04-21T10:01:28.004155Z","times_seen":2358,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:44.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 20:07:09 GMT","end":"Thu, 05 Feb 2026 21:05:30 GMT"},"fingerprint":{"sha1":"D2:20:C9:EE:4B:2D:3A:82:43:E2:14:9E:C3:25:30:01:9F:8F:BB:C3","sha256":"D2:57:0B:6C:75:32:2D:6D:C0:F7:1B:32:FC:56:BA:06:7F:64:4B:FC:95:E2:29:A1:4F:59:5C:DD:D3:8D:37:7B"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: 6f43eb7a43982c04fabfd2a74e78d1ce\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 8\r\ncf-cache-status: HIT\r\nlast-modified: Thu, 13 Nov 2025 06:41:36 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VIUtd2Lcnjt%2Bi7i79HGvKdlphzcBdmrDcpd7FskSHWZWQHRkDMD9siyGka4TRsbylov%2Bk8vFzeTW2kAcRa4c3f4oYbR6vf4%3D\"}]}\r\ncf-ray: 99dc49005a85b4f1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":110117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"591efce4afde1d9210c2db3ad6a0b5a1","sha1":"3c903bef225b8bc6f730fdda4508935c0b8bdffe","sha256":"fa09cc05a83063ac906665bcb8d54917827c01940295bf5445d7c0180aab25b6","sha512":"bcc94c4b749ce802720f4f79e6f6fdaf6f593d17aef48f3d5d5438c1663a0809b9da6218344a9d10082a55a57c1d207f5cb9941de8759042d8800360771f006d","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33BvHxB+E8v:3+DdXvWwmUiYS0C3xvHGZ","tlshash":"73b319da22666459126f402405abec0d75ae8c81048dcd78f0e5fc762d78f26e3f7be9","first_seen":"2025-11-12T17:53:45.689689Z","last_seen":"2025-11-13T09:58:50.478315Z","times_seen":23,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":35,"dns":4,"connect":1,"send":0,"wait":5,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 02:32:03 GMT","end":"Sun, 11 Jan 2026 02:32:02 GMT"},"fingerprint":{"sha1":"4F:91:E2:5E:A1:B1:4D:7F:49:01:1E:73:C6:07:EB:0A:BE:44:4C:44","sha256":"7B:0D:8E:03:0E:6E:23:65:30:3D:E8:FC:0C:E7:66:46:E2:5B:7F:FA:FD:D2:FF:61:4C:A4:18:08:24:70:51:6B"}}},"request":{"raw":"GET /popunder-admanager/build.m.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Mon, 10 Nov 2025 11:57:34 GMT\r\netag: W/\"6911d32e-1747d\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 13 Nov 2025 06:46:47 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95357,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9fcd0ce6da93385c2aae7faae9ee533d","sha1":"4e81cc0eb5a5e4a80ac043722254a206a2467d21","sha256":"044cbb4a44b387749d187da88b0888e8ff2da383ca1bf3bf8390752a90aa322d","sha512":"877349afc430e39cd8267d0f2c544022abd64568136237d5f8ba8aa0bf90138755fad1b45c30e34e530f757291b27924da67f4f040146f5c75b06aa012ff52b8","ssdeep":"768:ubVWcprcLsdOKo/+PDPfVal3ATlP8JnU2qbJ/XSURcq3TG9sh8sf2x22Zf4dsU9w:WkmOK1Nh8J0/tddEf","tlshash":"899318cdb7d2b07043b765ba902f151ab33f2a09b809441cf969d9d138ad84e9327f79","first_seen":"2025-11-10T18:08:30.272513Z","last_seen":"2026-04-10T08:08:30.486685Z","times_seen":309,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"OPTIONS /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.videyd.com/\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.20.1\r\nDate: Thu, 13 Nov 2025 06:41:47 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nAccess-Control-Allow-Origin: https://www.videyd.com\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":79,"dns":0,"connect":24,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S1662825339%3A1763016107927638\u0026hl=en\u0026ifkv=ARESoU1cOrnO29ylYCu3DCquW62tQX3yTpm_TsWfIdIldY16WYpqp3hzuBbtvyFH6PN_oo_Zw0UwYg\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:48.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:52 GMT","end":"Mon, 19 Jan 2026 08:35:51 GMT"},"fingerprint":{"sha1":"95:94:D2:A2:42:3D:9B:2F:BB:65:03:35:EA:85:1D:B6:C0:BB:E5:07","sha256":"53:9A:55:C8:25:B4:4A:38:C0:A9:FD:A8:38:B3:FD:CA:8E:7E:1F:2A:79:A9:52:76:8C:00:7C:7B:96:1E:45:33"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S1662825339%3A1763016107927638\u0026hl=en\u0026ifkv=ARESoU1cOrnO29ylYCu3DCquW62tQX3yTpm_TsWfIdIldY16WYpqp3hzuBbtvyFH6PN_oo_Zw0UwYg\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 13 Nov 2025 06:41:48 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: script-src 'nonce-XugrNWrCUaDKWvcFTnQ2Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.uG4g8ADWTlc.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.videyd.com/assets/vendor-chunks-DoTr35U9-1762936680624.css","fqdn":"www.videyd.com","domain":"videyd.com","tld":"com"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:42.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videyd.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 01:20:20 GMT","end":"Wed, 11 Feb 2026 02:18:02 GMT"},"fingerprint":{"sha1":"52:63:3C:87:C3:70:CB:53:B8:56:10:73:02:F4:01:00:7E:03:88:F7","sha256":"A0:53:8F:A1:44:00:BA:49:12:62:04:2D:5B:D9:CA:A5:BD:4E:B3:F2:75:7C:8E:13:1C:82:1B:83:53:51:78:DA"}}},"request":{"raw":"GET /assets/vendor-chunks-DoTr35U9-1762936680624.css HTTP/1.1\r\nHost: www.videyd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:43 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A77373BDEB0D367DF8AA75C47\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 12 Nov 2025 08:38:11 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2574640\r\nvia: EU-IRL-dublin-EDGE2-CACHE5[3],EU-IRL-dublin-EDGE2-CACHE6[0,TCP_HIT,2],EU-IRL-dublin-GLOBAL1-CACHE17[4],EU-IRL-dublin-GLOBAL1-CACHE16[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 2f1653d049aa2f49370955410aa3212a\r\nnginx-hit: 1\r\nage: 17360\r\ncontent-encoding: br\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"583c695c76766d48b720411106e87599\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JP9P4x4P3U2zWNu%2FfH7PACuLII725rnGWgk6%2F2wECrHhMOUqTctqGCcQp9OoJrwwoc%2FOqRf3hLBD01MaBkyU%2F4vfjafdDjs4%2BcGmSSXZ\"}]}\r\ncf-ray: 99dc48f348e223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":161718,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"583c695c76766d48b720411106e87599","sha1":"e7e75b7ea87593b675eac8f4937a1af7db66f102","sha256":"3f61af115313bbfe92c14794125043e3c53029cc5be9de758ce7a6a4e503275d","sha512":"a9c008b55f23c2460d6650529750b10d9ff30b66cdeb90ca7ad75ec21bb350c619593ae0e01975bacf784d013e08795f40f95c365deeaa4e594a6aa3785e2756","ssdeep":"768:eK4kaqXtxtd5+NuoRbV/es4idulogKFjY3xkjS5nz1miiJykXEK1rBw0OBp6EnUp:eKLvTdw7tejDxkjS5nzK8BTpZaKjpi","tlshash":"58f39569ea10a27de91faf259bc49f8ca224e881cd311af7f685610c4dc3bf115e274d","first_seen":"2025-06-14T07:01:13.355089Z","last_seen":"2026-02-27T13:27:16.333567Z","times_seen":523,"resource_available":false,"data":null}},"time_used":994,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":987,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.videyd.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 904\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"d5ebf83082d35e077f1fadc61249c872","sha1":"b65f5215896ea66a74ce33aa2d68b08417e1850c","sha256":"342527dd976c3e2f3dfdd1a59222bfc893187253422a0da42f8f163afccc414e","sha512":"158140b46555663f18a0d59b877cb9be40ce17b877c810438a5a5fb50c364879c8b70e45ca1715297838f208384b1f0f415a69e6ece7fb738c1a522bd041ef3f","ssdeep":"","tlshash":"698004051111d0311155c1550430c070557c04711011101dd07c071fdcc1414c111c55","first_seen":"2025-11-13T06:42:14.253676Z","last_seen":"2025-11-13T06:42:14.253676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":889,"timings":{"blocked":391,"dns":47,"connect":105,"send":0,"wait":108,"receive":0,"ssl":236},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /vast-im.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:45 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 88978\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-15b92\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 246856\r\ncf-cache-status: HIT\r\ncf-ray: 99dc4903fc48b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":315377,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"ef71e3a5fcdca2418129fff7f4e54e50","sha1":"10aee0abfddbfb0a11737088d393d5fe88ba24c0","sha256":"d685cc4df641365217ddcc69a3efcf9a6ad8b1535125dffd0a9df95bc0f46882","sha512":"a4951a72b5fef052521f78900f47c405563dfcb8c729a66c638eefb675dc50f2175433308dd2228118ff250944954d65abbc5a8b7f067937d922be440aa3007f","ssdeep":"3072:StY4dFHJC/KyWM8exrt9pGW18MHy3rxXqkPj92La7/rK/cJs83h3f2g:IdFg/KBeNt9j6JEkPj9iB/cy83h3fP","tlshash":"3a64a3c9b6c6b0a543e7b0b8403f520ef276a955b44ac9c0e266e9d1ac7c94e5037f7c","first_seen":"2025-11-10T18:08:30.221651Z","last_seen":"2025-11-25T08:32:30.006114Z","times_seen":106,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":36,"dns":8,"connect":4,"send":0,"wait":7,"receive":4,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1983049288540758018\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:45.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 23:28:43 GMT","end":"Wed, 04 Feb 2026 23:28:42 GMT"},"fingerprint":{"sha1":"66:4E:04:65:51:00:00:6F:45:5C:CD:BC:6C:DD:60:70:78:C4:D0:F8","sha256":"57:1A:C5:4F:7F:E6:61:6B:64:F0:82:6B:5F:1D:34:EC:2B:4C:B2:39:E0:5B:C9:DE:A4:CA:BD:76:ED:3E:9A:61"}}},"request":{"raw":"GET /api/spots/494334?s1=1983049288540758018\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.videyd.com%2Fe%2FETDR1ZOA%3Flv1%3Dvideypro.site\u0026sid=79d7ab2c-fef0-4643-8d61-731f92ec9246 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: nauid=VUteFcQXbcc8mi8HQVep; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2572,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (2071)","md5":"a0bdd949b6735024b20d991e1322aee8","sha1":"c1391b2bfac455c3b81fe297a1aacd42663a54c8","sha256":"3774d5328f791da6b07aab7ec0f4c382c8283a159570e6053e40a55bd4a7f3c7","sha512":"9725bc70f9830bf2fcbdfe89f9acb828081f0ac52330184a1645aff87408777518936e2e052c9455974ba4396e23d72cbc0631b19fbb5c323d7d34df4e5132cc","ssdeep":"","tlshash":"48517584d6e86316f62710b0dd7acb9f555ea24192198075eeb726aac3cc64c067128a","first_seen":"2025-11-13T06:42:14.255106Z","last_seen":"2025-11-13T06:42:14.255106Z","times_seen":1,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":67,"dns":6,"connect":26,"send":0,"wait":27,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sm.luxsmab.com/thumbnails/xbox-streaming/1983049288540758018/f77a0e92-5f00-4158-ba97-2c1cc913a939/screenshot/3x3.jpg","fqdn":"sm.luxsmab.com","domain":"luxsmab.com","tld":"com"},"ip":{"addr":"104.18.48.8","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luxsmab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 04:00:36 GMT","end":"Wed, 14 Jan 2026 05:00:30 GMT"},"fingerprint":{"sha1":"A6:4A:9F:7E:AE:10:91:65:EE:0B:9B:83:C2:A5:D2:6F:0E:BE:B7:22","sha256":"68:F7:74:BD:17:BD:50:EE:18:62:75:7B:62:20:04:6A:A1:11:F6:00:43:C6:67:5C:B5:C8:20:5D:D5:31:58:CA"}}},"request":{"raw":"GET /thumbnails/xbox-streaming/1983049288540758018/f77a0e92-5f00-4158-ba97-2c1cc913a939/screenshot/3x3.jpg HTTP/1.1\r\nHost: sm.luxsmab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89548\r\ncf-ray: 99dc4907881d4c11-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ncf-bgj: h2pri,csam-hash\r\ncloudservicediscount: CDN\r\ncontent-disposition: inline\r\netag: \"442bfd312455a3804c350fdeea61ebfe\"\r\nlast-modified: Mon, 10 Nov 2025 13:31:45 GMT\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-origin-time: 401\r\nx-ccdn-req-id-46b1: 338fd34110ae1b0928f9774645dcbf8f\r\nvia: EU-FRA-marseille-EDGE3-CACHE16[621],EU-FRA-marseille-EDGE3-CACHE17[618,TCP_MISS,620],EU-IRL-dublin-GLOBAL1-CACHE8[584],EU-IRL-dublin-GLOBAL1-CACHE12[401,TCP_MISS,584]\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-amz-request-id: 0000019A7387DB64B1171CF5F8A0A998\r\nx-hcs-proxy-type: 0\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncf-cache-status: HIT\r\nage: 19672\r\nexpires: Thu, 13 Nov 2025 10:41:46 GMT\r\ncache-control: public, max-age=14400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":89548,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1212x2160, components 3","md5":"442bfd312455a3804c350fdeea61ebfe","sha1":"17560cff1090a4c2f24b60674b8c3ac48d2f4572","sha256":"614b936f71258c6ffce4d74e480b9d5234b6a4a561efc0fad6325ff63c7d7de9","sha512":"0e364d21df3594f8c7c9d034a4b4c6f7b1417e0454eb2a0645a969713e0e61e980b2f19af189818a5e068e2b5007630786c508f6fc1a35930e975e9f99b3cc69","ssdeep":"1536:HrvSlDRTKH7b/ED32Xhk+6VTUj9woqWGTEENTFYNHks06v4uuBA6WY93Q/B:HrvSCbbiGXhOUj9RGTFM514Hqy38B","tlshash":"8b9302a797019c13e64fd23818b3a31176a36222ff9b1a5b5eee47546aa07301e0e8d4","first_seen":"2025-11-13T06:42:14.255988Z","last_seen":"2025-11-13T06:42:14.255988Z","times_seen":1,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":24,"dns":7,"connect":1,"send":0,"wait":12,"receive":4,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /on.js HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 12 Nov 2025 14:11:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69149597-260fd\"\r\nexpires: Thu, 20 Nov 2025 06:41:46 GMT\r\ncache-control: max-age=604800\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":155901,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e47aec8e510e5165897d0be483eaee0a","sha1":"38149e2de75fb0746389ed3cb4b0ce1c14e61064","sha256":"435516b41b71dc6480bde7b2986f9bcfa9256f8ddeecc2711f376a02f4a28175","sha512":"cf1f2d8b3ed8b8187355fd92f4e2d73f208ed80c5747762503813e12f13f6840cb7dbc898a098ba759135da48a51a62f21dd8c9a2fac5e4589ab23ebd6dbaf41","ssdeep":"1536:O1SNwWZPsz4mACVnM79vCmVrFcB3m3/MY6QCME5RXj8zdhUF6qeM2Iq1LWy4Bsx1:O1SNxm48C60kpRDaN0ssRKY6","tlshash":"f9e396afb6812c33424e94ae643f9d0fa72597e1a89c400cc473f1963e7a576c261ef5","first_seen":"2025-11-12T14:55:39.098756Z","last_seen":"2025-11-13T06:42:14.257094Z","times_seen":14,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":63,"dns":3,"connect":20,"send":0,"wait":21,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"104.21.5.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 20:07:09 GMT","end":"Thu, 05 Feb 2026 21:05:30 GMT"},"fingerprint":{"sha1":"D2:20:C9:EE:4B:2D:3A:82:43:E2:14:9E:C3:25:30:01:9F:8F:BB:C3","sha256":"D2:57:0B:6C:75:32:2D:6D:C0:F7:1B:32:FC:56:BA:06:7F:64:4B:FC:95:E2:29:A1:4F:59:5C:DD:D3:8D:37:7B"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nx-trace-id: 6f43eb7a43982c04fabfd2a74e78d1ce\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\nlast-modified: Thu, 13 Nov 2025 06:41:36 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mLhTNxgpZSsuqGFFX1wwHDol8v%2FHXfAJiejmaOWMpn8Y7jV0C5FcuK9B02PFJLzTx0u64cZPlQbsNtO8fq3E7dbXGh8FSrovRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99dc4907ad3c76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":110117,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"591efce4afde1d9210c2db3ad6a0b5a1","sha1":"3c903bef225b8bc6f730fdda4508935c0b8bdffe","sha256":"fa09cc05a83063ac906665bcb8d54917827c01940295bf5445d7c0180aab25b6","sha512":"bcc94c4b749ce802720f4f79e6f6fdaf6f593d17aef48f3d5d5438c1663a0809b9da6218344a9d10082a55a57c1d207f5cb9941de8759042d8800360771f006d","ssdeep":"3072:e2+gQaEJ1XvWwmUNYj0S0BE33BvHxB+E8v:3+DdXvWwmUiYS0C3xvHGZ","tlshash":"73b319da22666459126f402405abec0d75ae8c81048dcd78f0e5fc762d78f26e3f7be9","first_seen":"2025-11-12T17:53:45.689689Z","last_seen":"2025-11-13T09:58:50.478315Z","times_seen":23,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /adgpt.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 635\r\nserver: cloudflare\r\nlast-modified: Mon, 10 Nov 2025 10:05:03 GMT\r\nvary: Accept-Encoding\r\netag: \"6911b8cf-27b\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 246865\r\ncf-cache-status: HIT\r\ncf-ray: 99dc4909bf8fb4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1285,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1285), with no line terminators","md5":"4b545479ce261f8f128bca42b01f2b48","sha1":"24a48b2711e0bdc8b80c1037760a9d6106a812c3","sha256":"8bc734c4ee2f7f3f39b1a1e7b57f483f31b108c553af0fe16bd17c7b2abe8a38","sha512":"0a1b3d7e3f89748fc6fc016db882aa8cc5b55e7576ef84f23f93409796d67900b1926385bfcec76ff2460135a2c511f1429e28c8a143af8eb6873e34afae8905","ssdeep":"","tlshash":"162165da31e0f8d213cb6956113f4009f2aa6c65157fa0d0c358cd75bcf8889a1a2faa","first_seen":"2025-11-10T10:16:11.78532Z","last_seen":"2025-11-25T02:54:33.370695Z","times_seen":160,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpadmngr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 01 Nov 2025 03:32:41 GMT","end":"Fri, 30 Jan 2026 03:32:40 GMT"},"fingerprint":{"sha1":"E3:9D:D3:89:FB:90:7B:AA:8C:19:20:0E:65:8F:8A:B8:25:1C:19:1C","sha256":"DA:2F:33:FE:DB:D4:DD:3C:4D:80:E7:DE:2D:70:4B:D7:61:B4:0C:64:DA:A2:78:BB:8F:0B:66:29:AA:A3:2F:37"}}},"request":{"raw":"GET /static/adManager.js HTTP/1.1\r\nHost: js.wpadmngr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Thu, 06 Nov 2025 14:16:07 GMT\r\netag: W/\"690cada7-23bd9\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 13 Nov 2025 06:46:46 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146393,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b2f0972afc8bc1fe3b080eb543a86b47","sha1":"ab71ef7d872e2a44f4aef851853fdf259f2fd746","sha256":"8c001a2bddac6af4af1e5aedba188d8fd9fd355208562fea36994d1418aadc68","sha512":"449884607fa6eb4ce120b484a0f3da066fa83bdc5f3bc14eb656d96606b9b47733d67876887b9218582b71d6b7445d8e55eab7adec3fc2463f2d6cce97eb22bf","ssdeep":"1536:ZaN12toXV0jtQyFem169zKKpKf7xbAQ9c+ts4aAUOPEH9ZoxlB5RnWM8k8MdnCjH:5Pemo9GqK9coDts0KnoxlTA7+da","tlshash":"78e34acdb2d2b07407e75059d83f1207b73a1a16b80c9058f6a6e9c17878dda9237f7a","first_seen":"2025-11-06T14:45:06.101541Z","last_seen":"2025-11-27T11:34:20.174539Z","times_seen":466,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":93,"dns":26,"connect":42,"send":0,"wait":42,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lz.faenasturbit.com/sSB8ld39qI9j8pgT/130607","fqdn":"lz.faenasturbit.com","domain":"faenasturbit.com","tld":"com"},"ip":{"addr":"172.241.53.182","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lz.faenasturbit.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 21:32:56 GMT","end":"Wed, 28 Jan 2026 21:32:55 GMT"},"fingerprint":{"sha1":"D6:1B:84:26:55:A1:83:01:23:8C:CD:42:C8:38:30:73:F4:D6:EF:57","sha256":"53:E3:FE:81:08:0E:DC:4F:44:48:DE:93:85:98:37:CB:86:0A:DE:F4:21:AF:D8:5D:C9:7D:40:12:D9:C0:72:E7"}}},"request":{"raw":"GET /sSB8ld39qI9j8pgT/130607 HTTP/1.1\r\nHost: lz.faenasturbit.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5\r\nvary: Origin\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, GYFR29QT4J80VDR0ZHSJ, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires, Credentials\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nset-cookie: GGI10=G/oAAMTPn1PZ5ukSnmw8bfFluN+NzXY8UNxg3bXor6yA1l1Q1Ehi7W0i4uUri1ln1r6w/wfpMoYdhMBQA121TdVwbMjomg2EKIa0MtzekzpAgIwYCwTdIjXxmOdNOhn57T8G8VYwYuBodzgPL+m+zdd9CgwZayOyUl8QVpdb4xKy/dxeb9BjEMhIXZpZsl50kCH3TAzNiZP3Ysk+WNjoC265xMo9Sxf+fw==; max-age=3600000; path=/; secure; SameSite=None\nGUI42=G1EDAGRzTeWjR7p6Qu3mU4YH9Pm/d8f/s18Bwh2ttYAWSICBJJLv1p7hISgwsLmvbx6l1gny/4B8HjAzIAA9j+CKoejWQE7Q1BwPyagP3EDzrQkKAFxCMsFpubg+UtqnIlX8zN9T+7IO1X2MMktWiYNbyuVNiRJnf7wfUIbm+H7AEgzQyUwzPGiPsMTAVKsDJfFwD4xfforJPYXioCIf2lWxUYhhKoQ7HRcZYY50oYzyqxv9qsGaDbWD1wCyt75hKpW3uB8gHqUhyEoTSk1RxkUr1lwWVmkJtMRDLDKRhK6JKZeSpVJNYZhr9NBIY1zkqp1pIcXRmpOuXZbnZmrK1GQprh3FhAWw37LLQmbTCH66VE33X9bD3yqgSeP7AeXr1OsuO6qcJayqp9VMtT1A/4JTwT1AkJZzjPhTkAfWGyG/j8JzziRG0P/cNw==; max-age=3600000; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-21T08:35:36.779348Z","times_seen":14009,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":132,"dns":57,"connect":17,"send":0,"wait":20,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.imaginary-flower.pro/ecc874/937d343a2f19.js","fqdn":"www.imaginary-flower.pro","domain":"imaginary-flower.pro","tld":"pro"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.imaginary-flower.pro","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 07:03:12 GMT","end":"Tue, 10 Feb 2026 07:03:11 GMT"},"fingerprint":{"sha1":"DE:3A:C5:95:87:2C:BF:7A:D1:4A:DD:BA:D3:B3:D5:43:8B:F1:F1:91","sha256":"55:60:FC:56:6A:C7:10:20:F5:E5:D8:07:10:B6:6D:65:31:76:E1:93:F0:98:70:53:86:FB:1B:BE:C9:88:6E:7B"}}},"request":{"raw":"GET /ecc874/937d343a2f19.js HTTP/1.1\r\nHost: www.imaginary-flower.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Sat, 15 Nov 2025 06:41:46 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103680,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"48c3653f997ba87b7ea5b2e85287eb97","sha1":"bcaa21e2b5668b68b823c05ec1d579707466def8","sha256":"d0decd7cadd1fc1cda622cd49facf38829c27ea0a50ebd990fcf80794a56824a","sha512":"70ecfd9405f6494e0aadbf5cdfc59d80e8066949d2c5b1e9e77bfd070c01431a82085a12145f4ad987dc2743231009141e549ec374708f35c3e2afccc6dccc50","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvx:OijxEQq3P5Enne9zkWHLf","tlshash":"7ea33461350b64fd2ad0c1e7eb6b20886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","first_seen":"2025-11-12T08:56:16.316174Z","last_seen":"2025-11-14T06:59:41.088918Z","times_seen":29,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":119,"dns":70,"connect":19,"send":0,"wait":40,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/check.html","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:46.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"GET /check.html HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:46 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Thu, 23 Oct 2025 09:18:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9f2c9-39e\"\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":926,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"088dba8e97eede53134c93219f7ebbae","sha1":"adb707654d1fe0af7d0d7a9f55660d22bd3625e4","sha256":"6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff","sha512":"23a1f87731e8aee4658993cd1ce35ec179fea80b89bf52aca7634488f1bdfcf88b9cabca4859481357a9fee06cbb49df64bbe0878b1dae0e5df4fa34003c6d80","ssdeep":"","tlshash":"6211d04934e1684c1127a6301597a2183c32a40315cbd949fb9cd7301f815a7dc596df","first_seen":"2024-11-22T16:59:41.974716Z","last_seen":"2026-03-04T10:11:28.020186Z","times_seen":13721,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/solid.gif?z=2081141\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.634-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=4yeIDWfaHR0cHM6Ly93d3cudmlkZXlkLmNvbS9lL0VURFIxWk9BP2x2MT12aWRleXByby5zaXRl\u0026afid=678490976950784\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026pload=2718\u0026rlp=%5B0%2C22%2C275%2C206%2C66722%2C11907%2C5620%2C11484%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:57 GMT","end":"Wed, 21 Jan 2026 14:23:56 GMT"},"fingerprint":{"sha1":"AB:39:B2:8C:70:D6:0B:38:B0:1E:73:99:51:2D:35:30:EA:6B:4A:70","sha256":"86:18:14:14:6C:52:E9:C3:AC:03:AF:10:49:19:37:24:9D:9A:36:E6:1A:05:C8:1C:8E:69:BE:53:1E:CE:6F:65"}}},"request":{"raw":"POST /solid.gif?z=2081141\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.634-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=4yeIDWfaHR0cHM6Ly93d3cudmlkZXlkLmNvbS9lL0VURFIxWk9BP2x2MT12aWRleXByby5zaXRl\u0026afid=678490976950784\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026pload=2718\u0026rlp=%5B0%2C22%2C275%2C206%2C66722%2C11907%2C5620%2C11484%2C1%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-route-id: stats.tag.loaded\r\nset-cookie: UID=25111301419acda72a2e1a4c409b16b9cc3f; Path=/; Expires=Thu, 17 Dec 2026 06:41:47 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Thu, 17 Dec 2026 06:41:47 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Thu, 17 Dec 2026 06:41:47 GMT; Secure; SameSite=None\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"28e463819a210071de3b45ebe7633613","sha1":"6dccd571828ec0912629119cf7eabfea9f33ddbc","sha256":"44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84","sha512":"8a82ac5a7883cd9b74bdb561cf825ce86474e259ad8c445e538d697b0003e3f2b1d6edcd3dc6512f4ad16e9074da204a79938257c457ecf68f4329eac0182e67","ssdeep":"","tlshash":"04900003e280e082c3a0c0300e0ccb802b88a2308a28030fb0fc2baefc3a3a20c23000","first_seen":"2023-04-05T09:26:54Z","last_seen":"2026-04-21T09:04:04.901241Z","times_seen":21015,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p2yn.com/5/10111173/?oo=1\u0026js_build=iclick-v1.1616.0\u0026userId=0802807b00154958f44916a16e45970e\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"p2yn.com","domain":"p2yn.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.videyd.com/e/ETDR1ZOA?lv1=videypro.site","date":"2025-11-13T06:41:47.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"p2yn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:27:55 GMT","end":"Sun, 28 Dec 2025 05:27:54 GMT"},"fingerprint":{"sha1":"3A:5A:0E:B8:A9:06:87:BA:DC:58:BC:E1:AE:2A:E3:CB:58:5D:59:7D","sha256":"27:5C:19:3A:05:81:0F:0E:62:D4:C2:B2:7E:E1:93:86:B8:9F:2C:9D:90:0B:A5:AE:52:48:27:FE:CA:75:F4:5E"}}},"request":{"raw":"POST /5/10111173/?oo=1\u0026js_build=iclick-v1.1616.0\u0026userId=0802807b00154958f44916a16e45970e\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: p2yn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2635\r\nOrigin: https://www.videyd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.videyd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Thu, 13 Nov 2025 06:41:47 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://www.videyd.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T10:33:46.692209Z","times_seen":14011623,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-13","alert":"Sinkholed","trigger":"p2yn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}