{"report_id":"9b214111-7ca0-4ebd-b17a-61d2cb95d47f","version":6,"status":"done","tags":[],"date":"2025-12-07T20:02:14Z","url":{"schema":"http","addr":"sexiframe.com/","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"104.21.78.28","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"sexiframe.com/","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"title":"SexIframe: Daily Free Sex Pics from Every Naughty Category You Love","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"sexiframe.com/","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"104.21.78.28","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-11T20:02:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdni.sexiframe.com","ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-03-28","domain_rank":0,"first_seen":"2025-10-10T20:34:44.02027Z","last_seen":"2025-10-21T19:22:33.79196Z","alert_count":260,"request_count":260,"received_data":22374112,"sent_data":120851,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}]},{"fqdn":"sexiframe.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-03-28","domain_rank":1911606,"first_seen":"2021-04-26T00:09:18Z","last_seen":"2025-10-21T19:22:33.775286Z","alert_count":7,"request_count":7,"received_data":293690,"sent_data":3078,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.3.8","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sexiframe.com/scripts/jquery-3.5.1.min.js","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ac39dc31635a363e377eda0f6fbe03f","sha1":"29fa5ad995e9ec866ece1d3d0b698fc556580eee","sha256":"9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38","sha512":"0799ae01799707b444fca518c3af9b91fda40d0a2c114e84bc52bd1f756b5e0d60f6fd239f04bd4d5bc37b6cdbf02d299185cd62410f2a514a7b3bd4d60b49fc","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:/Yh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"0693f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-17T07:09:32.69832Z","times_seen":7333,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/scripts/main.min.js","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"acd41824e014f19045acab1cff8a76cb","sha1":"7df2efc7ba6bdac8c6d35b6bfbfb3b29dbca1148","sha256":"4a52fadac291ce063deb0e1a6baedf50b73f49154404bc99e868fa9a1453aa7e","sha512":"65f432c188a3019d6a1de6d0ac871f17d8587f312ef6b46d9903a209a6e7122fcad227c95a4b250ea1847b20323ca12061978441f33c83b892edf0286e979bae","ssdeep":"1536:Rca9ycSvyUZWQk1dEbI+TAa3wKX8hKRwFSxdHcUVg2o1mfZ3EKB/ib1JCTBAhsI1:R79y1QpeB8ZhUQaCEu7","tlshash":"24c30a4d7254b97602eb61b6903f460bb237689a540b801cb629d9ed2d7cd8e3237f3d","size":126405,"data":"","first_seen":"2024-08-19T13:19:50.368917Z","last_seen":"2026-05-15T10:57:15.106118Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/386/43211877/43211877_097_148f.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/386/43211877/43211877_097_148f.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 141092\r\nserver: nginx\r\nlast-modified: Sun, 02 Jan 2022 05:33:02 GMT\r\netag: \"61d1390e-22724\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141092,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"5640645931694d0dbc0b32eec183ae73","sha1":"e58b82db5abc7e6068ad1e78b15aa3641b8cc810","sha256":"23be22a946033ad9467d212f03942d15a94cc51a972cd398c959d147ddc5c8a0","sha512":"a38d68ee9e6b1dc87159a7f2f26667d9d7fc0882b183cd082e391ba682ccd6c60c47c8d187006f6808f9a8d3ac380f5c66b54e8f86b19c500449bae4d030dc9e","ssdeep":"3072:Yl8Q0HNarpVBYqXZngmWqQZia1BMTuGbDXZNCb8l3vL0y8IMbrfp:Yl85a9VuMZaqQZZ1iJbDX/CIlz02MbLp","tlshash":"15d31263e37f79cdc419fe6c46957db54899eeace885bb1dc0012b852b008f24b3945e","first_seen":"2025-10-10T20:35:07.310171Z","last_seen":"2025-12-07T20:02:45.544105Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/504/96829926/96829926_119_47f1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/504/96829926/96829926_119_47f1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 112301\r\nserver: nginx\r\nlast-modified: Thu, 09 Dec 2021 09:32:11 GMT\r\netag: \"61b1cd1b-1b6ad\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112301,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"20bd1eb27423b9b195a1e13e5ed9b51a","sha1":"d5bd4b5a7958525624f7b605a0e497c8e7a43574","sha256":"71a8e505aa5a0fbe54bf61bbd2ceea6a3524a27869ee3a6677ec1b2d06f09898","sha512":"c14a9b1e97f6f36419a1a426c2a71aad03c740d6bce1850d6dc38cf33f0285c0030b4974e965d705eb1113fce10ff64ba8ea544b67704a50375e480a6969e70a","ssdeep":"3072:9TZt2emKVt8ZteQww1VpOmxa2rkmE+Uej:roTKVithwApOwkmzn","tlshash":"e0b3120bef1249a5bb5da1be4f43312c19d83ceaf12e617f627d15dae20a807e1414dd","first_seen":"2025-10-10T20:35:07.634665Z","last_seen":"2025-12-07T20:02:45.550183Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/361/69435444/69435444_053_a9fd.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/361/69435444/69435444_053_a9fd.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 103642\r\nserver: Angie\r\nlast-modified: Thu, 07 Apr 2022 04:32:38 GMT\r\netag: \"624e6966-194da\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103642,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x705, components 3","md5":"1bd9b137bc46d9f88f740d7f58988112","sha1":"99b785575bd604be4e18ace490f4c632e24f0f8f","sha256":"c17f7687f388665341e8dbaf502062f2a4dc623af4479322ac36e6b87d090642","sha512":"af47714652bac983fe9af4c090693643eb470abe864af11d05470424b2e0d3508a38ef02d1a7d661fff921b76ab6780d4045ae37f6c548889b9050ae16e7a09d","ssdeep":"3072:ExjtnC1qIEo1cLIaFRO8o9ffRVZ3Yd0VZUln1kA:ENs1Mow9FRUffRVZ5mjT","tlshash":"c0a31228f6291dff29fec478226c636a32c535dd78df226b0c114842e5b8561b31be56","first_seen":"2025-10-10T20:35:07.345282Z","last_seen":"2025-12-07T20:02:45.553527Z","times_seen":3,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/716/85035470/85035470_004_a026.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/716/85035470/85035470_004_a026.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 61419\r\nserver: nginx\r\nlast-modified: Mon, 08 Jul 2024 03:15:34 GMT\r\netag: \"668b59d6-efeb\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61419,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"73d38ef20dd845eaa279b900266f95da","sha1":"1b17a742b5e3cc4b41f5a03e47f03a5f375f9be9","sha256":"aa4aa17f03dbe64b54772217ca4fdcd00cb6ab9d0c7a7848897b788e05e2d6d4","sha512":"9f35414853d195c683f74fdbb2b70feb414d229d01e3cee44f9f8668b531b67205b188e84806e0798c0727754dca27e6e47f1781273017f6fe0fab13acdc29b9","ssdeep":"1536:8sw/oNv4c/gEDb74gpgcZ01p+NpqKiKY9Wufwg6s:Uom3ELScZ0ieKJY9WOw7s","tlshash":"9c53013b5addaac22e18fff12704f749e8d46648d9611e533c44e18971ea4d6cf31829","first_seen":"2025-10-10T20:35:07.428855Z","last_seen":"2025-12-07T20:02:45.556456Z","times_seen":3,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/39/15244811/15244811_102_2011.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/39/15244811/15244811_102_2011.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83980\r\nserver: Angie\r\nlast-modified: Sat, 13 Nov 2021 02:31:35 GMT\r\netag: \"618f2387-1480c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83980,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"a51179180c717b9dfc7c2fd1e70df233","sha1":"9bbbb8726db18053d346e273193aa1b345ca33d1","sha256":"8f65b7648d1086d6d4b5639ca9f32e3ad7854db6c13ebbc270c2024212ef2671","sha512":"f496f4a05cd697998343ff488589ee529588489c318687161758e35f20109f0f12ae7626d22fb0108efc2852ebf6e1f5618f12999bf828adaa73935d130ad580","ssdeep":"1536:kE0XlkjPipfFbtJZyVntBmGbKytrJmEz9gjsPndmZYtayIa2W:WX5VtJ0nDmSmEBAtSIa2W","tlshash":"6c831212f77b37f5aa3220f70252f98015a56d0a438069585394a6ebe720a2d83fd67f","first_seen":"2025-10-10T20:35:07.600479Z","last_seen":"2025-12-07T20:02:45.560345Z","times_seen":3,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/654/66218459/66218459_195_b226.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/654/66218459/66218459_195_b226.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101286\r\nserver: nginx\r\nlast-modified: Wed, 12 Apr 2023 16:30:54 GMT\r\netag: \"6436dcbe-18ba6\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":101286,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"73c57d6bcd07b55f981e0423aa1b28a3","sha1":"a5002559c87861d64219882cdacfc506dea9e701","sha256":"1443118bd294f2506d03322f44d2e3e0fac123935f7588a6006e062a10bd9ffc","sha512":"bce1e50221f48a0378ba1fb18c10326d45742e683f62f189be19bdfe7a4bb0b10a7ea2fb122daf56def3e129862ad826c20d8ba22ed36a51ddec9eda2817b12e","ssdeep":"1536:kv/r+mgijT+hHLaTAvmgoxdk5GyxiCaBZYChFERtY4yN+w4Hs7hIIF0:a/r4iXQeTxgo/OGvCq9hFERzyQK7ur","tlshash":"01a3125ab91e10632da5b23673810abb58d28ff7bd4c0f798edc04716ad9a04d7a427c","first_seen":"2025-10-10T20:35:07.156587Z","last_seen":"2025-12-07T20:02:45.563285Z","times_seen":3,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/333/40929982/40929982_118_396c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/333/40929982/40929982_118_396c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 95737\r\nserver: Angie\r\nlast-modified: Thu, 15 Dec 2022 16:30:21 GMT\r\netag: \"639b4b9d-175f9\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":95737,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"47ae52df3e9d9a99c8200a858e091809","sha1":"21f9e30891e6d09a378a6ca12190266efcae4d8a","sha256":"7b972ae8ced53af8ee5eef47662ef59d663bde2edbaef5e08f7e2bf57bac1b31","sha512":"6a25383b6b1f017f870906ba9d1cfe6c653f004f30a04652148983351e84bcdaed42a873cb5fd5291c6483a1fce07371247fc7ce1591483976d88f72cc1a8967","ssdeep":"1536:krOSCxBrystW/gtVafKXZwftjx6tRCQmOVtReLMonsjHiGRDW9B216kDaBK0n:aCxBesY3aq6WQmOHRqMos2GM9g16kWBV","tlshash":"e69312bac7b8164dc392c4311e691d6ede09c88eac780c64727b383cfbd9d596445f49","first_seen":"2025-10-10T20:35:07.351439Z","last_seen":"2025-12-07T20:02:45.565263Z","times_seen":3,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/152/38858322/38858322_052_e2b4.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/152/38858322/38858322_052_e2b4.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 45292\r\nserver: nginx\r\nlast-modified: Fri, 06 May 2022 21:30:25 GMT\r\netag: \"62759371-b0ec\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45292,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"f6614e2bbbcf42faacb9d4e9f24fdab3","sha1":"f204f1b66dae79fed56043af4b7c77602c5b7739","sha256":"6e1acf8d31d94a78aa848118aba5d4682b64af2ccb991028663b405d71a376da","sha512":"42d082a560b338f1f2a386a1f2afbe3fb0df157331d816dbd1362de493c0c577633b8e84e51e695e748804ae4946735d5742ebbc9bf3f5d2edebe1aeb77f6d3d","ssdeep":"768:m39pjCd1XU5xveWwg5kLAOTKv6xfxhLEpdSwnu0U1eARtZjsgIUZzt6Hr19OIF4X:m3TCdPLKvCZZbfRrwgIUP6hrlXm","tlshash":"f613f214ea420ff6a93a1efba87d01f12fd64604c978b75b4d3053a9c2de8494731f6a","first_seen":"2025-10-10T20:35:07.441454Z","last_seen":"2025-12-07T20:02:45.567318Z","times_seen":3,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/553/42382526/42382526_007_4838.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/553/42382526/42382526_007_4838.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 100927\r\nserver: nginx\r\nlast-modified: Tue, 15 Mar 2022 02:32:51 GMT\r\netag: \"622ffad3-18a3f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":100927,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"7c5839c68db1c3bc929c41f921ec9c3c","sha1":"838b700a7ab3684c1e0fa296c01dd88595a3669d","sha256":"3fcc9d91cb65b6c2557b3447c9e46a5e64a245c0bfee705549c147987d1cf7fd","sha512":"672633f952efca4b24eafc5740dbbb47fffcffd11da1832c3776faf58ca661cf7c4802a2324066ccd4b08744eebdf4f2103ca22f1d68d39954c061dd40bf05f3","ssdeep":"1536:krVVzrSxgmU4WGRwoe5zfPiXTDjwtDeB4d68jLWauAKCH9eS+7NI/NhLZKjbu/sU:+VF8DJEHzEVE+OXLZ+evfBKGx","tlshash":"c5a3027c492fcc89626d18f5ccf055e4129cabfa7f3bc29ccb8d85a95e06c94045e398","first_seen":"2025-10-10T20:35:07.717833Z","last_seen":"2025-12-07T20:02:45.5691Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/386/57757921/57757921_097_3121.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/386/57757921/57757921_097_3121.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 116893\r\nserver: nginx\r\nlast-modified: Mon, 02 May 2022 00:33:32 GMT\r\netag: \"626f26dc-1c89d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116893,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"48b23ba144f3afceaa168e052a759b03","sha1":"568c010504242d6303b2d7908dbc7fe5cb1332a7","sha256":"8dfe9a19dbadd4699fd4c57fb7cffb2d3b8a0dedde86ba29ba5f306cd2354665","sha512":"98f038a8496b50aef2a25e4f50b5b486c65c07e96f3353c5fe117193e46f33f320799795887c78e321cdd0f656ab287f685cfdf5523589ac5e352b0c4f9d6cfe","ssdeep":"3072:IHaV3QFtI9+6+CyLcj5cD4cKiHwODLoPy0y5y:mwgFtIosVcYIQy09","tlshash":"d5b312eadbb154ff0473ea759760c149a98fbccc01a497cf66066b6addd8b0bc6040e1","first_seen":"2025-10-10T20:35:07.272612Z","last_seen":"2025-12-07T20:02:45.571105Z","times_seen":3,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":116,"dns":89,"connect":22,"send":0,"wait":58,"receive":190,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/774/60314153/60314153_003_89d1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/774/60314153/60314153_003_89d1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 129558\r\nserver: Angie\r\nlast-modified: Sat, 01 Mar 2025 06:15:38 GMT\r\netag: \"67c2a60a-1fa16\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":129558,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"2e8e2f79388563d46a4839061814a9d7","sha1":"e2e7f93eae1fa164b6ee47a8b01d2cdfd6d4b2b6","sha256":"c0713075a8b36e7fbd3b45f20e16d182daa213d1bed1d5b31aa5d708a0f49e2b","sha512":"bc7684aea13e2d55ea790b5bae53469d0de1d4dc948401604414f2fae73a67649f880d9e222dfde6acec00eaedd3102d43b44cd6bda5e21187de098c72168378","ssdeep":"3072:6YheGfEJuxSGj2diILz9/u6gdhol6vUCAIo7L/X7ELbIgQl7fA:6YgGMJtGj2d3GZda68CtovT08gAA","tlshash":"d7c31277e61c361dcf8940bdd67a2324ef545b7be046e01d6f22b10a3e02e2da1d16b5","first_seen":"2025-10-10T20:35:07.622365Z","last_seen":"2025-12-07T20:02:45.572922Z","times_seen":3,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":162,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/539/30950116/30950116_168_7383.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/539/30950116/30950116_168_7383.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84926\r\nserver: nginx\r\nlast-modified: Mon, 27 Jun 2022 07:33:21 GMT\r\netag: \"62b95d41-14bbe\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84926,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"b30a227a5b41b3e39fbc8364fc7f6a92","sha1":"182761b03d6b9d08665e84d6b1152e60945bd573","sha256":"9fe6979f08e179bf06c67488e0f8aaabe41794c266c24af6e2dafa6ffe5d9c5f","sha512":"cf72009804aa1a2497820c408f283b92e69af8f8f73aa0461965955a14f1cbcf47b2918486a1adae27558b2fcd8031e0ad8fdcbbd9f1194bff5cee0a9ed6c877","ssdeep":"1536:kLe4swvTKvNS/1LEWSxlPRi8Lhp/UESIXu7gOzyBrm+/ru3d/TEh:ge4fTN/NixdRr7MEVPNrm+/epYh","tlshash":"4383125bb5d312fa94096b1503480a0aedaf54d8cfd71a36df89c3a6291f3ba1de440b","first_seen":"2025-10-10T20:35:07.605464Z","last_seen":"2025-12-07T20:02:45.575906Z","times_seen":3,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/664/82703770/82703770_224_a708.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/664/82703770/82703770_224_a708.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 45398\r\nserver: nginx\r\nlast-modified: Thu, 08 Jun 2023 11:30:17 GMT\r\netag: \"6481bbc9-b156\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45398,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"6b5c6eb3e01b163bdadb3b6dee58d69b","sha1":"145b03caee52305920a8e379d85b3826d3607513","sha256":"964dee452c0fcc8323adc917d2680a7cb608ddefda5fb67f2b1600d2d3098bda","sha512":"fa6b3dff7485d5c4109ce67e806b611eea69af53942196502d62598afc0895b9f6ad11cb3bc4bace37a51feb8d1d5c0eaab46eef8671af1a4fde35f9c78b5af2","ssdeep":"768:mGlcPQiWoXbKRKiMRxOXzTMG3I6bwEZyQNEW46gXB3ZvgHlh9Sm6uL6G5+8o:mG2PSRsRsNIGlC6cBpvgFehu1K","tlshash":"5a13f136a362931cee454bb82d6b87461e37518feb35e7ca13a572001871d8fda0cd3a","first_seen":"2025-10-10T20:35:07.567172Z","last_seen":"2025-12-07T20:02:45.578318Z","times_seen":3,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/479/90425666/90425666_081_9f2f.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/479/90425666/90425666_081_9f2f.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69115\r\nserver: Angie\r\nlast-modified: Thu, 16 Dec 2021 09:32:44 GMT\r\netag: \"61bb07bc-10dfb\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69115,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"14a7d05f711ad0a32f19135bdb121d7c","sha1":"e75d31ca0e613ca9c68403e116f85826f6482d81","sha256":"fbcb8a0c2af8c80b3c3a45e90ef57f9e28861a9fb48675b53171fa40550b6fb0","sha512":"b774d8c667e68daf9839d4b34b7964dd0936a5bf76a1f0f8697e3e2f2a3255e89e090639d7cb2b74402d66d633b88bc2e0acb780ffc2c68e072882b291cb07d6","ssdeep":"1536:kojQmWSTpHnR1lmkDQSRK9gmCeYNr4VPk/nkFUU:vjdPD1lmqNmNfVPk/GUU","tlshash":"e463020cddae209341564e3fd3b2e904b53c5e65a46d7e829bb429b049bff1db21329c","first_seen":"2025-10-10T20:35:07.631356Z","last_seen":"2025-12-07T20:02:45.580333Z","times_seen":3,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/13246743/13246743_024_6156.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/13246743/13246743_024_6156.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 40501\r\nserver: Angie\r\nlast-modified: Sun, 13 Apr 2025 00:45:03 GMT\r\netag: \"67fb090f-9e35\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40501,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"bc64dcde4fb157570e933c01e9f9e92d","sha1":"5c53406e47fce027d0543609d3ba6d1468f4c318","sha256":"af81b4dffb379ad18b01dde098015abaa576760ec21e2bfe0a7bc50422971a0b","sha512":"b079228c5dc88ac04a193946084eedc2d5f80e9e451a7416f88fcb8132dc9efb77fa359245b38d1e0a1889e3e72a61edd50943c87dc4c4e59d6423ad037249ce","ssdeep":"768:meZZZE8Q+s/FipUAWOXmZlDOQnwBsM2X/3TG0hmax3Y8Q1q7sg1rx:meZjjUoaZ8QqT2P3q8m+3qRglx","tlshash":"7603f19e26e2ce2062605efb4d7710975e9650cbe73c09003c7bd78bc996f9a314bad0","first_seen":"2025-10-10T20:35:07.540747Z","last_seen":"2025-12-07T20:02:45.582053Z","times_seen":3,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/420/73897794/73897794_083_d539.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/420/73897794/73897794_083_d539.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88468\r\nserver: Angie\r\nlast-modified: Sat, 25 Dec 2021 00:31:18 GMT\r\netag: \"61c66656-15994\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88468,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"8b117878725c0fbae745bf0c9480d8fa","sha1":"59831aaa454f6f62844e2cc62d659cc6a30a285e","sha256":"f575795abf4e25f88ffcb78fda4d0bbc14edc216052e82391653d4a0d2e931f3","sha512":"f9bbdd37178bef30e70338ec8a1a83bd6f05cd56f9471731af2d7b7a2e86d00cbd8de724a257980bde8aa3dc9c4b782c6660e35bae0fd8798c4c17b432eaa2ef","ssdeep":"1536:kK/d38fRveYeYJjrypSiVU5eJL95BSc1YzjIe5erd76o0CtBscujVawzsYqt3Nmm:Z985v9FBiVSe1dtJtBsc8hsldmm","tlshash":"d4831260cf96a1970d03f56bfb39956fe1250966d037a1eb02e2417dc48ff4289e9d50","first_seen":"2025-10-10T20:35:07.304246Z","last_seen":"2025-12-07T20:02:45.583784Z","times_seen":3,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/92/69907253/69907253_025_8e17.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/92/69907253/69907253_025_8e17.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 133205\r\nserver: nginx\r\nlast-modified: Fri, 24 Jul 2020 19:21:45 GMT\r\netag: \"5f1b34c9-20855\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":133205,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x694, components 3","md5":"4a7643023265b96f66517aaeca364a0d","sha1":"11f0610d6c60746d5c19aea95d06914c0dccf728","sha256":"d2967002d590ccf085a130e773e2f2d25efeefc3ab429c3b9ea576c693415d3a","sha512":"c9b86e1905dec504afba4d7c98880126761067b1eae6a0feba5febcd6ca48d4edb540f3518dd6e28a7643f51a14e2456e067c5095fb680f90584afa1637c0540","ssdeep":"3072:y4iqSheVRTAkon9bcPt9SyqeFoxuEwgW4dSuUH361n4nnHCPzMS:y4i7hezcFnF2ZFnMW48Jq1n4nHKoS","tlshash":"46d312e6f7b379b98b101f5be582ded09f6c9a857827c185322f91a8ff470184678704","first_seen":"2025-10-10T20:35:07.216524Z","last_seen":"2025-12-07T20:02:45.586584Z","times_seen":3,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/485/31641835/31641835_034_50c1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/485/31641835/31641835_034_50c1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 73103\r\nserver: nginx\r\nlast-modified: Sun, 23 May 2021 09:30:29 GMT\r\netag: \"60aa20b5-11d8f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73103,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"8c93dae448ab8b117557f826815427ad","sha1":"c8e7f0a3e0457721086bbf81401d1cdaa928edc2","sha256":"67555e0004f8dc797bda803a8c86a3ee370f95a395fb6b06f6d94c8e5d73b104","sha512":"a67ecbf62a47cc23f5908c5cb7cff9a6b8295bfe0eda1a8eab7c046aa5408e20b46fc37249cbd177260f3bb83a8c997f7728ad84b9a77a2e62d6ea6e0a182e95","ssdeep":"1536:kFvnCmv6W2SE8tjVXp8HIE6CKnTmP+1zxmodFH6zAliF3pZ7VCc1+Xuwg3B:gHwkZBCKnAWzxddFH68AF3pZxCm+/gR","tlshash":"39630292a32376015d7c8cfab766f8f56c434429cdf0ec6174aeaff05d929490a093a9","first_seen":"2025-10-10T20:35:07.502972Z","last_seen":"2025-12-07T20:02:45.588439Z","times_seen":3,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/161/45093777/45093777_009_ca73.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/161/45093777/45093777_009_ca73.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 39493\r\nserver: nginx\r\nlast-modified: Fri, 21 May 2021 12:30:51 GMT\r\netag: \"60a7a7fb-9a45\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39493,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"2df4113c7bf2c9b7d8fd437b77070571","sha1":"59fd08c6c11c11b5d8314bd80b1088654e77165a","sha256":"1b9732b427aaeb367ff5abe1e09645a1ee9767ac651123106293d8bb2dde46f9","sha512":"56b958318596c4556ea7f28d6b36e214f1f308a8c2561157fad3801ce464f7ce15eceff1a09f783ab1fadd15eee963851cea2e9820847478ec0e1f790ac914d2","ssdeep":"768:mAP5Xq74mF27kV/80hUIY/+ln2aZ4yXcMZO6vPIhuNcfMsNzOXK6:mAP5XqsmF7p2IYWfZRcMM6veuyf9Y","tlshash":"a503e198d30769879e2215dfea625c4181b83d2fb2c038b112cbfda525c95f8a1fd365","first_seen":"2025-10-10T20:35:07.264254Z","last_seen":"2025-12-07T20:02:45.590299Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/apple-touch-icon.png","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sexiframe.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 07:47:30 GMT","end":"Thu, 26 Feb 2026 08:45:16 GMT"},"fingerprint":{"sha1":"DD:85:8C:C7:DA:BE:16:4F:59:E0:67:AF:F8:27:D9:FD:17:BF:18:AC","sha256":"0E:71:22:8F:CC:64:FC:BA:40:EA:C6:F2:DC:D9:7C:B4:F6:27:D9:21:29:6F:56:E2:01:3F:59:78:93:BB:A2:1B"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 12676\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nlast-modified: Mon, 02 Jun 2025 06:50:48 GMT\r\netag: \"683d49c8-3184\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TkVCFCsqLd%2BpBiDeNB%2B%2FzO3GlFq1IJQq%2Bhd5s7QHIWIKWOC3o8teQL5ArgZ1Ha2su4kb8QFofxr%2BlazRIZ410cFq8h4KNEkzFvVQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa69dcd09e60afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12676,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"5532c448e74520540a4cad4dff766685","sha1":"202ae2134eb8a593fd217a3fefe2dc333069fd72","sha256":"e61db2294c22c93e56ae057b52e4cf1096636a3068dae50a56e51eec771fdc64","sha512":"58f47a361a04ff0c599c118b04d0813aeaa746207a6ce29f3ff3ef655155dbf1576f463b19d58f06e59c8fa64cecb1bc49d8493c67e98b689ca7d30d3b5ca667","ssdeep":"384:brkN2Kp58+obzvaleim5tAh9yBX+aRSlc:brk4K8+obzvalei2KyBuNlc","tlshash":"6d42c04b02e0b5f65ac58b23177f8ce504b5101886f4afbbd4e3158e8aae5a0dd03a49","first_seen":"2025-10-10T20:35:07.317459Z","last_seen":"2025-12-07T20:02:45.592593Z","times_seen":3,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/483/46412021/46412021_005_2880.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/483/46412021/46412021_005_2880.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91413\r\nserver: nginx\r\nlast-modified: Sat, 20 Nov 2021 12:32:17 GMT\r\netag: \"6198ead1-16515\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91413,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"719e7565dc9758c4e791dee5e314b511","sha1":"108b8c39e6ea4a33296f61ece4d8c7fe264be617","sha256":"0088b26614ed3239659b0a65e5fa3316800b3c58c4d44d58011186427ce7f4b7","sha512":"41a315ffcc43371ca4120729ee18cc5285af398188eb5635a93c4537e43e254cd185b07fb82e1b2023b34aa46b2c3d408c6d87c3f47b03c8db2cfc60ff7b0b2f","ssdeep":"1536:k9/CdACW1LrCFYLdSt1xlAdhYkrbrZONiWujV6ntU8Fe2fhE7M/i/TJ7TnQ5EIa:xdk1Lri/tLlcYkrbrZAuKOXcKTJ7X","tlshash":"28930294c1b81cc35967dcfd83e79519c6cd0d50da0dad2922afebe061af8423e476e2","first_seen":"2025-10-10T20:35:07.13952Z","last_seen":"2025-12-07T20:02:45.594383Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/331/72051612/72051612_035_e666.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/331/72051612/72051612_035_e666.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 112479\r\nserver: Angie\r\nlast-modified: Sat, 26 Feb 2022 16:33:55 GMT\r\netag: \"621a5673-1b75f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112479,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"71facfa15ca6ad373914f02b41e05972","sha1":"e091138d3339dea5a2075d08d2d9375e89e53cbc","sha256":"2147cc0adb2002df601962dedf52b3098cd426e0b2938343f6de98f2008f65b5","sha512":"f908a2c30ff764fa6f8405d83db1ad4f17e44c224dc02aeaaff1729df3f97157155e21169b56f65d3c87566156822b41c882b7aa619696bafb0d1531771d350c","ssdeep":"3072:co1VNjlOhbJtMY/91Bi/r3fQEG2yDs7xAG:B1VNszDzgz3I5Ls9","tlshash":"ccb31247dc411573921039bd3d12b9298459933ea11ca31c3a428bde9ee7c19bbecaed","first_seen":"2025-10-10T20:35:07.730567Z","last_seen":"2025-12-07T20:02:45.596694Z","times_seen":3,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/223/67608269/67608269_004_8657.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/223/67608269/67608269_004_8657.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82721\r\nserver: Angie\r\nlast-modified: Tue, 21 Dec 2021 22:30:41 GMT\r\netag: \"61c25591-14321\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82721,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"8bf4d4d29a5f98e34156f60dc7d06d32","sha1":"9a9d3a9115486924ff360d358a40f79fd698f9df","sha256":"2d5e402222d0c3c5735055dba74065bce47786910e093bf9622dced74d60d8de","sha512":"05497659fb3460124d01ef3c7844e08836f25d2936825c8f43ec009af7ccbba6df84c343256bd39cd56266e903147bdd1ecef77b1ee1ebc90b55aeb516d6a62c","ssdeep":"1536:8rNzH3JvuEg2nBmt1Ds5PpJs9IgsIgsjZIxpgcjda:wJluIBmLsVTs9Hj+x1c","tlshash":"998302a5c7492bfb890bae31d5ebe5061174676d6e6c31f1f7da6604bf8008220a24f6","first_seen":"2025-10-10T20:35:07.637981Z","last_seen":"2025-12-07T20:02:45.598852Z","times_seen":3,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/319/70816229/70816229_010_3ab3.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/319/70816229/70816229_010_3ab3.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 70282\r\nserver: nginx\r\nlast-modified: Mon, 03 Jan 2022 15:31:36 GMT\r\netag: \"61d316d8-1128a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":70282,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"84110452591c44a2d02661599290eb50","sha1":"a5a9a42db5a291cd76ec92bc90820942457e37ac","sha256":"516c15fc000ad36e71e9dc45375728959c4d1c95affaaa8246f9517ddaf97be9","sha512":"8030b6c90d013a951e3227e155ed60a51a2a3901c8fc2e77703c8f9928e316a2a37e3cd2d6cfd76a21e5abb3403de4475f982b7135baa3308b42a8de9f662dcc","ssdeep":"1536:8JobO0hxVX8V5uBEnstWLZuczmDTH2ezMzYZm/5HMgF/mc+6kR:RBxd8V8EnstWLZYDIOm/5Hx/mc+D","tlshash":"48630205efd2c05c032fe1f6ca7ebe64db4b4515f1620198eaf888efd8509653da05aa","first_seen":"2025-10-10T20:35:07.306083Z","last_seen":"2025-12-07T20:02:45.60101Z","times_seen":3,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/705/17220629/17220629_033_b33a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/705/17220629/17220629_033_b33a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 35806\r\nserver: nginx\r\nlast-modified: Sun, 24 Mar 2024 21:30:35 GMT\r\netag: \"66009b7b-8bde\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35806,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x253, components 3","md5":"b0d0a9f056d259f82f113c9016419025","sha1":"1d834fbaffa794a24e29f43be74df388fe8ffa0f","sha256":"d8a8897312103c2071978af0e0d3cc458cc4b83dce6ad76d90ca748dbbde43fa","sha512":"39a279d84cb92c56ff1a3a9718f1a0c61d96d832d08fc6bde0fba70974da1ee1346e1219dfafeeadda852175b76c9925c4e4b7480efc174ed6d735943b06aeef","ssdeep":"768:lsq8jeiFTUXQP+fJ7XPaJK7yonbyvyQkRM54P0PgdtCee:lslFIh7fe0bk7kRM5BAtG","tlshash":"a0f2e1fdffae733c267f57bbf55a278e57e92824cb018c9f07215464b809494948218d","first_seen":"2025-10-10T20:35:07.222146Z","last_seen":"2025-12-07T20:02:45.603248Z","times_seen":3,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/163/23715055/23715055_065_f8f1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/163/23715055/23715055_065_f8f1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 32039\r\nserver: nginx\r\nlast-modified: Wed, 05 May 2021 12:30:52 GMT\r\netag: \"60928ffc-7d27\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32039,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"55673bcc8e602ac5b1941062088bb5b9","sha1":"5d7ea0cf4d3d6fed2cfa8fa536748b880cbc184b","sha256":"386349e5cdc8dfd253475c3480ad451bc472ae13e06cad87ec2c04483e56a98c","sha512":"3ceef6dee92403bf5a3cfe00c54199a936f815149dd7fd76d757512b6b6ad787e9ef35735aa2832267977b13d6a0b81220cbb3c61af6acfdcd55a7ad3eef049b","ssdeep":"768:mdv20N9x/6WZJlNmdqlWRGuM4+nSsV5mBJ7TXQhN0XRq7N1AC:mpF6mlNzLnSMifXEWXRq7NSC","tlshash":"19e2f1bbfb264277994898fa4d323f27db148395f41263444ae1237c53993392e05a7c","first_seen":"2025-10-10T20:35:07.593088Z","last_seen":"2025-12-07T20:02:45.606057Z","times_seen":3,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/632/11649964/11649964_076_02c9.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/632/11649964/11649964_076_02c9.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53997\r\nserver: nginx\r\nlast-modified: Tue, 14 Feb 2023 06:30:39 GMT\r\netag: \"63eb2a8f-d2ed\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53997,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x341, components 3","md5":"fa67b32428d42c1e4718e48003510cd4","sha1":"79fff40d287d00b76b81c6e7a37a73d8a0c15f28","sha256":"d7dc4c769d6d88def6d014dd6be72d2a4f12fbca6e3da0c2a7f6a1764ab04316","sha512":"253573d526ff5a02f31d5e243650b9064c8eb0c85d6f01769b224f79a7bd328470a301ebd2a29247de7fbe03f092734c80f5364d9843bfb45a4f444cbab2810b","ssdeep":"768:+aGcLV5UcFhGcUp9JysKKwM1FrLB+FPT0dt/cFYy3GjzhfE8Tkec4QiK2Gk/URSc:+aGWhFha9cXKwMPyLKHjW2/H+v3UZ2","tlshash":"4e33f14e42b4236340b2123e4a9956355f24de9ee3e618496e1c3ee9bcd28f3f14d307","first_seen":"2025-10-10T20:35:07.218417Z","last_seen":"2025-12-07T20:02:45.608029Z","times_seen":3,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/16/72352132/72352132_014_15db.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/16/72352132/72352132_014_15db.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86061\r\nserver: Angie\r\nlast-modified: Tue, 17 May 2022 18:34:09 GMT\r\netag: \"6283eaa1-1502d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"9e5c48f428322cecaeeffe5846a53415","sha1":"35f25d4ed2483e84edc051797a56f0f5ca425409","sha256":"d294e2c6d9eb37c942ac89a7e479fbb676786ab5914c09eeba34d67a17058d77","sha512":"3add3ed16f3c7e9168cbd7fb2253abf1a8ac6700467e4ee9a373bb7d5d8ec1e939204fdae56fcb0c3378a2cd5de6729096380f1a6fb462cbf62b90339fa2e841","ssdeep":"1536:kLarjbaApPLzAZvRfUDNfImkQrVmwEvTaLdmKQhtkk4SdkorLYRhay:/jPTzYiDymkQrgAdjQfkeSorURhay","tlshash":"3783126dd2d94a68afc24436e0a540f7231ba6f1f773b35d864633459682f8286c8dcf","first_seen":"2025-10-10T20:35:07.545999Z","last_seen":"2025-12-07T20:02:45.609793Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/566/91802692/91802692_069_af0c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/566/91802692/91802692_069_af0c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 97262\r\nserver: nginx\r\nlast-modified: Wed, 13 Apr 2022 00:32:19 GMT\r\netag: \"62561a13-17bee\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97262,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"c934be87ddc2b6b5af60a3423beb7851","sha1":"9524925c0b47355f037acadc75a04b09a945cb81","sha256":"6c51738976c54cbf565a8d06e2b9664e35cc78fbb0d979882632ed6ee2934180","sha512":"ea6a440c279c49d856dfea14ed200565c3b1d999002d48a40228eed846853aa07624811abbe1582cf2a8b6694b5a488cb1333abc090e47561001c4cfef4f2bc7","ssdeep":"1536:8cf+PJaQ5rZN5IEFbiuIHAZKnywSie4c1TFoVcRh+KeSyaY0Cuwkdhg1:9+xn2EhiuIJny/P4c0V0EKJyaY5uwkd0","tlshash":"87931246c1637e2ac16099f4a0af4857fcf62e75e7e06225f014adcc7b5de9be80098c","first_seen":"2025-10-10T20:35:07.389487Z","last_seen":"2025-12-07T20:02:45.612045Z","times_seen":3,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/432/37976379/37976379_092_41d6.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/432/37976379/37976379_092_41d6.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 48413\r\nserver: nginx\r\nlast-modified: Thu, 18 Mar 2021 21:30:16 GMT\r\netag: \"6053c668-bd1d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48413,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"6be8c3d8e2acb7d98cba13651c629265","sha1":"024737dfef0702f18d231fd154213f0c9df9f537","sha256":"57ba8260eed9f1d6fb57e7c31ab4a85bd1b8ed0f74ebdc7155e64edea6d6742b","sha512":"cadbef19c6e9c40bb478fd3d7cd753cb7359bd2cfaf5d6cc41fbf2479fc5eb6581b630176f38168764807b7a301ad51b52cd04cdb48aecfcd3a7c6d05ddf0536","ssdeep":"768:mpA7ZT4nCy/lJzJ20aEiUL016Xld7wTrTNJ2FBTOoiNn9CM+q3f3T6HAHgNH59i:mm6nlJzJ3LiT1eldETfv2FBOo2n9v37N","tlshash":"d62302ddc45b05247bd34cff26caf223275ac337ea015161279e84aaaec11d6b168fc9","first_seen":"2025-10-10T20:35:07.520217Z","last_seen":"2025-12-07T20:02:45.613785Z","times_seen":3,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/227/25904715/25904715_012_3f2b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/227/25904715/25904715_012_3f2b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38927\r\nserver: Angie\r\nlast-modified: Sun, 29 Aug 2021 10:30:10 GMT\r\netag: \"612b61b2-980f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":38927,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"c927aa038ecfce4c59bdf6d202f8819a","sha1":"539b680b37e3bc77d8619a8bda0328be87c85309","sha256":"3c5f9f263de15930d26d87d651d82f96ca8a6dcb977025fbb474c26ef4790d78","sha512":"531eb45a7f78aa81598eed127f8d02271d80eb085a203e2ac2f06810eee5e17b7ea06e287b0d53e2ab978a1b334d67542209e253bcb3761b434789a9907a2d98","ssdeep":"768:mld0/hCyPFqdNYBJiy3188GYTrkje7sZ5SkPcA191/Z4wcNvXhgya2d:mvIhCyPFUuziMGgwmsZjUM9cNvmy/","tlshash":"9a03f239c2781a30ae37fb346134a5a0f77ce90bd8d52659a32097d1cf570b6b419acc","first_seen":"2025-10-10T20:35:07.318951Z","last_seen":"2025-12-07T20:02:45.615523Z","times_seen":3,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/490/87993702/87993702_068_d6fb.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/490/87993702/87993702_068_d6fb.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89431\r\nserver: nginx\r\nlast-modified: Sat, 08 Jan 2022 19:32:52 GMT\r\netag: \"61d9e6e4-15d57\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89431,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"8b69e46a8498f6284a42fa51ecc2dcbb","sha1":"1ef43fdeb1621513373ec575189a19cfb8de7bba","sha256":"ac443a86c883c4299b22939f80ae86d35f3a573b7272897c24a8772879e37ffb","sha512":"99412e820cbe514d97830fef1388ecd966665696ee0400e3cb45a505965f62015c074bc23165f8fe05682f4feed5171ed9a7f136ee4a8ecb7eff925d9edfa307","ssdeep":"1536:kFk6UbWOHkr/zLkkpaZqdKYHniDAvF1rm+tInNU3yNGkvhGPV1Jbb17XbV5/+rc/:1Hkv4GawdKYC0tBm+KrGkcPDXDRPhV","tlshash":"ed9302a3e116f35fd0e8c9eaf19e1a4d69a39422f9fdc5402934a809b21c5bcc32b954","first_seen":"2025-10-10T20:35:07.524044Z","last_seen":"2025-12-07T20:02:45.617096Z","times_seen":3,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/32929978/32929978_048_54c8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/32929978/32929978_048_54c8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 36260\r\nserver: Angie\r\nlast-modified: Thu, 08 May 2025 11:45:10 GMT\r\netag: \"681c9946-8da4\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":36260,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"aec0268c0ad7617737e57ebf15b6e3ea","sha1":"8444b0688f0fefd10310b1a8f34e7d9ea6d22903","sha256":"4a7f0c6301284a3404746ed894f58b166ecbbc91adf849d45e4a45dbc567ad05","sha512":"87d4bfadf86397c642323134681af1986b01ab871e1b954209d30fdbf087cca01a56bd33905b7bea1700582965fa1e046fc20dd4c972c510923829dc222f21ee","ssdeep":"768:mF3hCa9sJHaUq4yH/YoRrSz0Z86pLh1v04L57d8IbGizpVkjN4:mF3hCa9sJHu4SxRM2p1u4dxuB4","tlshash":"73f2e1cff8e3d111877bbcbcf26765816b272116e1840a8f153a57b83254ab1a18e5e3","first_seen":"2025-10-10T20:35:07.167448Z","last_seen":"2025-12-07T20:02:45.618507Z","times_seen":3,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":110,"dns":0,"connect":23,"send":0,"wait":58,"receive":85,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/58/60463806/60463806_072_83ea.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/58/60463806/60463806_072_83ea.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86142\r\nserver: nginx\r\nlast-modified: Wed, 02 Sep 2020 21:30:43 GMT\r\netag: \"5f500f03-1507e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86142,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"3c72799b4fd38d80ce8645370d121990","sha1":"623f733129e4259212076d0ffe960ad554e9faea","sha256":"66d989b969523454b76adf59e7e5d47559325738c874c10f18e0494fcca99cec","sha512":"4b52621d866de791e31f5e0c5ae7212214b4d57f37bc78b52e2d00630cf21decb8fc7881b29c05448ae1be8f954474e1bfc66f24fa4bb64e554f4ab89e645aee","ssdeep":"1536:kA05jezMJtNoi9CnBP69ZbmeDsLP6L9pJaF/s4KjVj289Th1nL9hLZCy5Fnml/+W:k5jezMJQeqq0eK6IF/6jh28NL9hNX5Fy","tlshash":"7583124ec47d9228f1b400f4123455d672f9a90bc1aafbb849764b3baf5c84071979bd","first_seen":"2025-10-10T20:35:07.50795Z","last_seen":"2025-12-07T20:02:45.620197Z","times_seen":3,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/83342693/83342693_022_52c7.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/83342693/83342693_022_52c7.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 28705\r\nserver: Angie\r\nlast-modified: Mon, 12 May 2025 02:45:19 GMT\r\netag: \"682160bf-7021\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28705,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"bf670b04331bbf8895b377a091d47c06","sha1":"fd53b2ea376a1007150016eff61c797755bdc923","sha256":"1149f94edd35c8443b9a4696b8300555be825eaf6b23b70805c70363e54fa0b5","sha512":"8e2a670262f9889e344eeddf001ef85aafcaeeacaa095fb0e132fc9e075ec596ed2bf4be7e85a39c7b1affbc9ff589cc99ccc2f9193ed6af1a0ca8de14446613","ssdeep":"384:RIg7ZoqlnL2XN79CVhS6+CWac6FLzmHpkZJELBKpE30jb29wViTkCwcYtoHeHiPu:mI5CB9X7yhzQpeELBiE3oFQ9wjtnCbC","tlshash":"36d2f123ddf71798a52190ff278aa1e154281d97accfca2a1d3c4f69a202f17ef42650","first_seen":"2025-10-10T20:35:07.259712Z","last_seen":"2025-12-07T20:02:45.622064Z","times_seen":3,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/777/11575876/11575876_003_7af5.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/777/11575876/11575876_003_7af5.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 42502\r\nserver: Angie\r\nlast-modified: Sat, 28 Jun 2025 12:45:30 GMT\r\netag: \"685fe3ea-a606\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":42502,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 464x309, components 3","md5":"f1155f11b02656c456b5e6739d069b69","sha1":"0fb6a5809dfdd3264ebb17f3344761760c46bdda","sha256":"f290fa02713f90625fc8a28e5a97416a88c6a8ec54f85d49a32670c4c684059c","sha512":"a5b7b852ef189ba28a43ecd6ae1fbe1bd4fef9f39f518edd80711667e72aa776c61e23841cd84f4d44a362ad179c98d8af0c530cb141b1d0fbf7104c322b7993","ssdeep":"768:yYxdC8NqxTRQ8sr46pSjcgwV9RukBUdGCBVtLGU+c4HXPl7J4q+OO/RqW7i:yYe8NqZRQ8skdQgg9RV20Cz9GUh4H/lP","tlshash":"3b1302cdfa6ce8e7a112d0b84cbc5580151938d2e677f8f912689637e6c206c3b3447e","first_seen":"2025-10-10T20:35:07.203158Z","last_seen":"2025-12-07T20:02:45.623632Z","times_seen":3,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/175/50340413/50340413_012_9f7f.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/175/50340413/50340413_012_9f7f.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82355\r\nserver: nginx\r\nlast-modified: Tue, 30 Aug 2022 03:33:22 GMT\r\netag: \"630d8502-141b3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":82355,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"a5d4d21bd2419ad11987e6e26f3803da","sha1":"40ead45aeb4bde05096bc530b9beb297a4decaf8","sha256":"5e34b073f91910406387e3ffa24cf3e394d30dc983ade32c0a4b09314be30802","sha512":"6cdfc680dd47b8db5039fda44de71950a1a0fc2d2372765aa7768ff91b6abe12d57ca3b755bc22c42293f0e48ac92675d0fa2282f79a4b64dfa6fada14bc2ef8","ssdeep":"1536:kFPiwnyj8P8zqkaUuWTLDZBCYm2R8hGb+dHvdRzg7hD/t6VUFJF7OfRx:cayw8P8zqUnZBCURLb+VF1SD6VUFJF7S","tlshash":"7a830270b6c3b59ebc830f3415f573b6f01481aca7ba14fa29907506d987f60a44aece","first_seen":"2025-10-10T20:35:07.16365Z","last_seen":"2025-12-07T20:02:45.626123Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/170/52555925/52555925_015_7d40.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/170/52555925/52555925_015_7d40.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89507\r\nserver: nginx\r\nlast-modified: Sat, 16 Apr 2022 09:32:02 GMT\r\netag: \"625a8d12-15da3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89507,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"97e900c602ee2862f52a5fb315f13474","sha1":"c1ce3c6be6e6d8f0ecaea15f38eb6a5e190136be","sha256":"d2ef300b1b71b6b4f9fa6d3f5bce328f23fd483ab0732784eac07c3cd44677e6","sha512":"d70732220f0d8a10e162cf268c888591850ad9803745c6f468a25ab97d06218d2f28cb9f0d788c3bfe657241fb1abd1fea07443b429921e226af0331b4330d9a","ssdeep":"1536:8SFkQHhseDoGQHnt+GUz1Ebk4OL3TZUC8RrfY5sxVWQz9H7LTgGg0:pFThsSoztgz2r23AtfYep7LTtF","tlshash":"50931248507a5992514adb3e893acda6af8b4eab6f901c43c3c75bf7dc70300bb06646","first_seen":"2025-10-10T20:35:07.36853Z","last_seen":"2025-12-07T20:02:45.627772Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/557/51021451/51021451_078_dc5c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/557/51021451/51021451_078_dc5c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88787\r\nserver: nginx\r\nlast-modified: Sat, 19 Mar 2022 08:30:09 GMT\r\netag: \"62359491-15ad3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88787,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"f1b9b8132cf9a1ad2c665ebfb43c5d40","sha1":"db523eacf068402f76b0645b9784569c8f1b0ca9","sha256":"c6a115049efbc895a1df65cf36dd8f964c3a4c9914f78693e0c2a8fc6075a5da","sha512":"98e3fc68ae14ac6f80b5af56d35adec43714bbd2c54eb0cf1f9e235fe776fab710717442586b9a52691c246f0ee9e67ad1569cf835b622f4b3b028ae621bc980","ssdeep":"1536:kt5n4X46Ve3xAXdBfjx3gdbY+ChSfaDURkDEIthJjTVeocPuRjEQGqeq73QkKQ:yn4oYe3IdziMHhtQRk9trVeoCudEQ7ee","tlshash":"2f831278d2c50ee543193ebfb55d00493982bf85e582fc7eeb3a4da28e582db4214d15","first_seen":"2025-10-10T20:35:07.383888Z","last_seen":"2025-12-07T20:02:45.629231Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/52/75454403/75454403_098_ab12.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/52/75454403/75454403_098_ab12.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76111\r\nserver: Angie\r\nlast-modified: Sat, 26 Feb 2022 12:34:27 GMT\r\netag: \"621a1e53-1294f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":76111,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"a787a4222f887c66f68b1ab9cb96f98e","sha1":"38fe900996912d1cc2a40a738a243098c45f88f8","sha256":"a95e97d41cb65e5b2f5e9145701d1c02d3c58e58f690fda7c0628bc4b3e4ad5d","sha512":"fe1ebfe0717150f90b5e52fdb8e4fc6b92a26deeb4635e19149143f18ae7b19516d9aa0a353b0782d8a6d6fd072387e8df3721a2c897c91d351e5cbf1be4da57","ssdeep":"1536:8Ym4b6CSc6T9F975RsrPCGHbWhN64NLAkeNT+DS2a1JIOKVpJA1On:Wc65nc7qHVAPNz1JIOE","tlshash":"3d7302a4d7724f294b431c7b90041233fbf8dbd9deb22ba9b2da23506a9b0e45d40f44","first_seen":"2025-10-10T20:35:07.744212Z","last_seen":"2025-12-07T20:02:45.630565Z","times_seen":3,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/781/89820137/89820137_042_4f21.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/781/89820137/89820137_042_4f21.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 36638\r\nserver: Angie\r\nlast-modified: Sun, 06 Apr 2025 13:15:36 GMT\r\netag: \"67f27e78-8f1e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":36638,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"db56725a6e90dbd4764925b782e00aa2","sha1":"b06316b8b739746a6d5ab52057cc030d8b1ebe6d","sha256":"6154f90b9ca2af235377f48a6afc01a405853c95b15f7abf6c2cf19b3dea5dc5","sha512":"32f1ccdc907772e60ff913c71f1c2d9d4a83100342b4a85e0d7cc9bdcc3afd16b85c3512e7a02fcff7a53d8b0b683d5a37237c705946d0c5b1aa581c77408bc0","ssdeep":"768:mKPTLTxEA202GmZDu8JFHuMQ52/m5uRwsPEvXVbmf9XRyaXMiw:mKzrJFKOh2ouRwUEAfZXBw","tlshash":"c5f2f199e0cf9016e82752f4d059220c9fd80d59f3b982aaa09b535963c8fd10ab32dd","first_seen":"2025-10-10T20:35:07.561977Z","last_seen":"2025-12-07T20:02:45.631983Z","times_seen":3,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/145/59567428/59567428_023_8687.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/145/59567428/59567428_023_8687.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 112382\r\nserver: nginx\r\nlast-modified: Mon, 28 Mar 2022 22:31:31 GMT\r\netag: \"62423743-1b6fe\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112382,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"7b3662e1f042daeeb1df54bc0ae6c335","sha1":"2574c4ce396b4ac0adcc300c330e51d23ab3cef4","sha256":"c4b23548ccb3ee726ec92c2a6dd7e0c465785d5ecf3bfe3b3326fd02ce04f5af","sha512":"09267c8c2228a0244dfa419dece86ae809b3683d10c3194cb00bbe5325ff3bf6108b6a5333e869c37e81beb07681b5bcb309ac02052c43dd6153679ce588417b","ssdeep":"3072:0s2/BXk3bbgrTH0GYPHNG3PY3EbCE/60GGqwlm:0swBU3bknUG+M3aER/6mY","tlshash":"6db312ecb840a0160d919ff66ec93b29eda7fb313ab9465182c6d35eca8c65f001cdc5","first_seen":"2025-10-10T20:35:07.341052Z","last_seen":"2025-12-07T20:02:45.633426Z","times_seen":3,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/307/89916206/89916206_041_07a3.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/307/89916206/89916206_041_07a3.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 36676\r\nserver: nginx\r\nlast-modified: Thu, 04 Nov 2021 21:31:34 GMT\r\netag: \"61845136-8f44\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36676,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"8f805168d3afb9348fd985b67055718d","sha1":"a67172361e4f9272aef9652a92483023c542c2b3","sha256":"08708a06b6bc3fea7941c07e8e91f8b80e928e57c843322e6b39a9342669923e","sha512":"823180832e243d839278b16fde39b13a46fa6e281edb9b212e8e1a4d33f5c28add7ba750053e71e806903d0e3c407ceed236a700c1b8590113ffa984a799ebd4","ssdeep":"768:mXhWIBdMob4I8jx5gzpYe9Kv/lzR2Xz10lmMAEJRWkpiR8GBn4qwQveU8mDGu:mXMMdD4I8j4zd8WiJRFB1eeGDh","tlshash":"96f20283ce23652e2c04747db6411b5e19685a06ec474fe21a1ff2ee9b8d2cd479d25c","first_seen":"2025-10-10T20:35:07.679222Z","last_seen":"2025-12-07T20:02:45.634724Z","times_seen":3,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/652/69859710/69859710_017_4564.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/652/69859710/69859710_017_4564.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 155158\r\nserver: nginx\r\nlast-modified: Fri, 17 Mar 2023 19:31:11 GMT\r\netag: \"6414bfff-25e16\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":155158,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"64dff19d9e163e7f94fd00e9e60cba5b","sha1":"a84252e54a5d4d785e121d8daac19495486b092a","sha256":"628956137f99de3e6fd3a653878b3ba8704872e94d204865576a370fbbdcf11d","sha512":"7d2300025b7cc3aca1a36c3f75acc1096b3e11d69e0645757f3a9a84059120b9f2596cc8e5b4b223f8ba3029d76052f863837060c58b229b2b52e008e44582ee","ssdeep":"3072:/Kkep5xEPuigx4hZPj08xykjQw/Bz9Tw9ffCbHZbHjqN4kOdeldOVBsTo9:YTxENgxsPj08xykjQw/B29HClbHJk0eg","tlshash":"47e3128de524f3056a71399e979f11ff324562d00bca6dc406abf1a2cb70927c2e7867","first_seen":"2025-10-10T20:35:07.635948Z","last_seen":"2025-12-07T20:02:45.636052Z","times_seen":3,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/304/65151580/65151580_086_90d7.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/304/65151580/65151580_086_90d7.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71994\r\nserver: nginx\r\nlast-modified: Sat, 30 Apr 2022 04:30:27 GMT\r\netag: \"626cbb63-1193a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71994,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c5f20a9116c58702d26d1c3158c8521c","sha1":"2cf0ac4c408ae1b0e96e65147885c40128fba2a2","sha256":"3d9f0d4b5e5d1553f175944b99e6284b299cda9563fa36f1bde3e3e3c22c44a5","sha512":"8ba597cee3562263cdc6541c764cf2c7b6624dd545f6fbd1bf86da37edae6fef8e8b683709a4f4d87ce62229e3e1de25c835ece7fe5a6f088198e8419df5fae1","ssdeep":"1536:kWdQpV83Ps6AT84hAsQtNXh1x+BrsBx/AqWCAm9MGY4oYz9ct:fQf83Ps634wtNXhrYr7C19rpoc9C","tlshash":"3863024bfc925940a4b1ae3aef30e48a1c1befd5e888208af53f1c759dd95d9c07d906","first_seen":"2025-10-10T20:35:07.505188Z","last_seen":"2025-12-07T20:02:45.63732Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/59/59749446/59749446_014_2b24.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/59/59749446/59749446_014_2b24.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 112067\r\nserver: nginx\r\nlast-modified: Sat, 24 Sep 2022 18:31:14 GMT\r\netag: \"632f4cf2-1b5c3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112067,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"03b4b961336d1e7a2da87da4180bb64e","sha1":"6f871fc09fce974aa9efb136af63472b59501203","sha256":"5000b27526cb46722fcd4d23394763c6a82ec2d4aa30723789c3a5c574375cb0","sha512":"09908f0dc999fc5e0acb0b37a3ddae71c5f29b9bc7943d028ea912979a4cf8a01197df113a958f1d2ce998c77011592d6a3d86dc58e1f6f64e1d09f5f92f14ea","ssdeep":"3072:/PSPFA56Yti3OtDgNp6i0HLxFL67i204WsXR86K+5SY6U:/PQVDOtDspZEdd204BVhSQ","tlshash":"ecb31279c127d5ba7662e1c6c9d0148c8d078b7ce3da4cb6dcb3be319429cdea4d0a16","first_seen":"2025-10-10T20:35:07.228897Z","last_seen":"2025-12-07T20:02:45.638721Z","times_seen":3,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/163/69101008/69101008_009_ca40.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/163/69101008/69101008_009_ca40.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 73517\r\nserver: Angie\r\nlast-modified: Tue, 03 May 2022 08:30:13 GMT\r\netag: \"6270e815-11f2d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73517,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"297e0a27dc3927b3e92cd0e0d3591cb3","sha1":"572c7b655ed6ea995ba80564344b4518db6d5005","sha256":"cb4a8aebdf6e51cc43b91dea60a0a22843e39f986149e602c00b4e20a52f836a","sha512":"46455d1cac56ce55d3fd21b8091af82086ca98d7e4716012bb3f6f7b8dc8b8da39d2069d2a0300b6b3ebfe5513d66288090af131e74061372649a57d01329b79","ssdeep":"1536:81rqt5YF87QiBgNLcK3hh+dl6N7LvSQ5MIoNB1PsFtbO83ePXhe/RQ:YqwFeTgtVOdl6Jp5MI2BAh6pqQ","tlshash":"c27302dee1105d8a67fe453a3833aecd45cca903e6df968432184f6a126c52d7b4c38e","first_seen":"2025-10-10T20:35:07.291004Z","last_seen":"2025-12-07T20:02:45.640194Z","times_seen":3,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":146,"dns":76,"connect":22,"send":0,"wait":58,"receive":183,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/784/55686736/55686736_009_f720.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/784/55686736/55686736_009_f720.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106072\r\nserver: Angie\r\nlast-modified: Wed, 30 Apr 2025 04:15:20 GMT\r\netag: \"6811a3d8-19e58\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106072,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"1469fa17d9e2007c1a865dc1b9cab510","sha1":"15004e12e94f3be4aae27d32803f5d578b59c715","sha256":"d99d989a17d43b90ca125ae9d84df9ba92613b9dca42fb81ebb4d69770f24e91","sha512":"7a7a52b5cb72479ecb7bb0e746631d5a47f70773d217ac43195caba1ecf8ca8ec8daf1764344590c2682c332dcea1de59da06726c01db805bbf5c5ee99db825c","ssdeep":"3072:l5i4YKvhQLUNCoN79wPzlUNij4hhMDxEWlinT3:l5i4tQLUNNNEzCEj4XoxFAT3","tlshash":"2ba312ecf3680a3ec7d68f7d291e887b62066206c34d291a5cfb8285d23ff675145978","first_seen":"2025-10-10T20:35:07.498651Z","last_seen":"2025-12-07T20:02:45.641521Z","times_seen":3,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/72/86087371/86087371_058_5582.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/72/86087371/86087371_058_5582.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79589\r\nserver: nginx\r\nlast-modified: Tue, 07 Dec 2021 13:31:14 GMT\r\netag: \"61af6222-136e5\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79589,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"d2ec225575029e202a06a659401be2b9","sha1":"562422acc464a3b45e3b8aee337a6d7958a5dc62","sha256":"abead38aeb29eff27a6e35731d6e9998b1aee0e58af4fbe7a499ad11e6fcc9f3","sha512":"4b2df35a13e318ba6b0b6045b818d2da7522de6a008e5ce8dbe1d738da426382b5943c256dd031a4e1b86bdbf7b4df7f7d76edfab1ea6dd142daa28d19abb8c4","ssdeep":"1536:8xp1mi46QO2LQx1+Sk91hpNyNICYLl6KBSYvcmO/VgAnM6WuPJ95nzd:sm7XdsW91hpN9C5Y4/V1Z","tlshash":"71731297f118e6fb1f1b44b0e2adf73e9859d5f4fcf8d82db6ad15548203a9108a0981","first_seen":"2025-10-10T20:35:07.489367Z","last_seen":"2025-12-07T20:02:45.642778Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/509/69558677/69558677_004_0597.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/509/69558677/69558677_004_0597.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 31073\r\nserver: nginx\r\nlast-modified: Mon, 07 Mar 2022 11:31:43 GMT\r\netag: \"6225ed1f-7961\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31073,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x253, components 3","md5":"ca044874c1f0271bf0ebc24d43bc9099","sha1":"bcb24ccf6e2bc9a1a44b462844d1933532c3711d","sha256":"fee8ff0ae26e427adda589c689aedc70db7ab8fba5cf473fae3fc8916a1f3db0","sha512":"50c141e552253e52d047f2d388e3227b9eb02ee92ea8563d654e96bc06c6cb5eb59854c24bb3082f89bd3a3d920afd1d799ffce4e6490902c802d9c9456bc209","ssdeep":"768:ltyR+OOhkUl7izZFjr4xVEMBYpjYtYHoCWClP:l8oz25ExVEtjYwoCWCV","tlshash":"d2d2f137fc6b20e17276437c440e96629b18e706b7ae66d8c61fbecdc02725d050ae69","first_seen":"2025-10-10T20:35:07.733445Z","last_seen":"2025-12-07T20:02:45.644013Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/94209452/94209452_061_c04d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/94209452/94209452_061_c04d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106496\r\nserver: Angie\r\nlast-modified: Sun, 11 May 2025 08:45:26 GMT\r\netag: \"682063a6-1a000\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: REVALIDATED\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106496,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"cbf0fcbcd314874462b206d8d1739663","sha1":"6e482c9c0b6e1042323a112bbeee1b0d09c6ccb4","sha256":"6672326afdefd3c1a998b546c94e131f6e40539469496c10d2e944e19c26244e","sha512":"ac52affbe3b19cfd4ba55307fc62e74feb64fba16018c5378a61e7b2e32195950f9a99ecb37618a0608c7714ed7f1b976278bc741f78886f32f800059f98532f","ssdeep":"1536:k0HpYFEdc/HXbJH+iAxXFAACKsipx2EC3znQpEh02KH8W8LIpzIuRq2wYoiwI4S5:LqFE21sxVCuQ3znQKhnK88pF7h45cJ","tlshash":"26a30295c944a6a193bd90a1fbc119f0c7678032f194271baf3a42671364ff7adc89c8","first_seen":"2025-10-10T20:35:07.653725Z","last_seen":"2025-12-07T20:02:45.645674Z","times_seen":3,"resource_available":false,"data":null}},"time_used":645,"timings":{"blocked":156,"dns":73,"connect":22,"send":0,"wait":166,"receive":175,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/498/79057435/79057435_011_3eac.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/498/79057435/79057435_011_3eac.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98255\r\nserver: nginx\r\nlast-modified: Wed, 23 Feb 2022 06:31:15 GMT\r\netag: \"6215d4b3-17fcf\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98255,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"df7af1dffe61e454d19fe7f0a89b0fbe","sha1":"a729f9d310b9bd0f3505a41cf71469c27ae463e9","sha256":"cbb46b5b95b7439363b5dce2b073703a6a91b3df912d257c69b371f92701c3b6","sha512":"8c204b2369180f224ed2ad7466d8d08ba1fdee2ce08eb25b5b0be120854c238088ed2cac32b13dcb03fd03ac4fa3fcee474b2547fca35cb9e8108595aa92ca8d","ssdeep":"1536:kd1DEF1iQRR7QxxIDHiFBl93KtBxQAX8pwt8aTY4j3X3sqzGsmd2f9LZN/sGQ18F:O1DQ1iI6xIDHy0t3PX8p2LE+3EFeZN0Q","tlshash":"fda302f2f6ee870663153a7086c5eb2352aaf475d10c111d94872a32fbd918796cffa0","first_seen":"2025-10-10T20:35:07.369938Z","last_seen":"2025-12-07T20:02:45.647043Z","times_seen":3,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/717/93139023/93139023_020_f4bc.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/717/93139023/93139023_020_f4bc.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56679\r\nserver: nginx\r\nlast-modified: Mon, 15 Jul 2024 10:45:38 GMT\r\netag: \"6694fdd2-dd67\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56679,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x341, components 3","md5":"f90117fd7dc8b077c1055de7ff43bff1","sha1":"a217aa5fb06d1845740c52db04a7a40f9ca11a35","sha256":"16a8305c6a3c898568121b5c79e295a5d3952a019618308ccb396e46f526ec88","sha512":"7f4ecb82206fe0a6e5f2a859b505d71c97efd83a2c59e0dbe719fbd09ca13588d5673e3fe22e08db6490841974ca054ea9c5413d8c552bf1d03684c4752f5193","ssdeep":"1536:+lqE35R9Xygzh6ZDkjekA/SxtLJ66/iQ8wq7RJOJuLXoZQl:2q85R9FzYZDkjeF/yLJ66vWR4JfGl","tlshash":"2b4301e5a702362553966afd038325fc135aa13d9acdb412a032edc5ef629cc999ff01","first_seen":"2025-10-10T20:35:07.748382Z","last_seen":"2025-12-07T20:02:45.648403Z","times_seen":3,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/80/23556473/23556473_062_c252.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/80/23556473/23556473_062_c252.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91514\r\nserver: nginx\r\nlast-modified: Tue, 28 Dec 2021 08:24:13 GMT\r\netag: \"61cac9ad-1657a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91514,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"528ac262487128317f729fc9d2107259","sha1":"bca7d552593e1ced6bdc6f8361396595b2f552c6","sha256":"3098996639e7eb092a420f57311e36c84ba95cec66d0eb6275578d7722b8a40b","sha512":"07de37b4d6c3a13234764850b820d43272db2a2fc49e2d7f400e6d227e8aaca718b062b07a839e48d49dc0fba0a001412f005503cf5909faff7f180289423f43","ssdeep":"1536:k1XEZnuS4NBlkCsrSXs+gryht56S/DkwFqUX9i8LwxlQ9mAJBiclKP6kbaHu:6XDSmOSXWy3MARoUtiq9mEzEJH","tlshash":"829312e8d51d2e28bf6246fb60b4a502596d9118f573253616a00af6fdccf2f22c1a39","first_seen":"2025-10-10T20:35:07.320569Z","last_seen":"2025-12-07T20:02:45.649659Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/230/81692200/81692200_024_fddd.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/230/81692200/81692200_024_fddd.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 58773\r\nserver: Angie\r\nlast-modified: Wed, 30 Mar 2022 09:33:27 GMT\r\netag: \"624423e7-e595\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":58773,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"18dbac186c8de07b37114283c727f475","sha1":"4100e5bf6ea26bb09b856043f85ac47ff64f2fb2","sha256":"147a85e434908edec10de84f33e3675c584b675a9dd02ad0ae232bf3baa00a3c","sha512":"1eb3d14d07a931b4c20b15f36fa4a3f33be90b8a0e1ae1558b6eb472065288086b757a879a9c06dd67ba3d4ba7f870edac85939c5103bfcfccc9d30188ab240d","ssdeep":"768:8WD2ItIY1wlUd91PL4uA/4qkLjw+Jb4lHeg7qof2KgXfCEzRG8GdntJg2:8WD2IqwwedD4VSaT7qof27fE1RPg2","tlshash":"0d43021cdadc29704a61457368bbda7cfca73f42e5be7a02bf0cb1d88414224921d7a9","first_seen":"2025-10-10T20:35:07.398922Z","last_seen":"2025-12-07T20:02:45.650831Z","times_seen":3,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/616/53778529/53778529_066_de17.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/616/53778529/53778529_066_de17.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96029\r\nserver: nginx\r\nlast-modified: Thu, 01 Dec 2022 05:32:25 GMT\r\netag: \"63883c69-1771d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96029,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"73236c5ffa593cf194c379f14b98a068","sha1":"7f141f42b714343e52852e1a66413a26b1c7025f","sha256":"8dc34dc02e4670e7f710cc0f4de11870b9f4c8ccfee7f315c76a28256303c4ba","sha512":"5d3c8ada82e615267aa061b279f735e7060c1a36a935925d79c1eab4309b2421ab3f1e43771be23d1b149f8ea9c5023fcb9691c118f4a1427bdde80aa2ce897e","ssdeep":"1536:kgtOv3EBv9GDKt6stdD7dMWaxD347g1jyKzJuTp3BVR/EUhb7d0tHrTJ44LqLxCe:TtOvQ9XfHdsDMKzJup39/EUhb5wTJ41D","tlshash":"f993029ee78b09be97a27530d20d5cb08c75615ad84726085b4b8e52fc4dbbf80e08df","first_seen":"2025-10-10T20:35:07.625443Z","last_seen":"2025-12-07T20:02:45.652164Z","times_seen":3,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/231/79202203/79202203_143_71e6.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/231/79202203/79202203_143_71e6.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 133133\r\nserver: nginx\r\nlast-modified: Tue, 04 Jan 2022 10:32:30 GMT\r\netag: \"61d4223e-2080d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":133133,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"7d5361b0cec28354aa02187f5be91e88","sha1":"9e40ec677a13b6f541001d575a26b72d20ffe131","sha256":"e22caddc3325735cd9735b1eff613d8701a7f0de72a79501692ade5cb6709153","sha512":"516dfffdfb0a1769503d52d8640d2abc504ef2a1de48b34c8ba7a282909b27297c247186f472741a33b047ef1f30b5001c5b3743beade6200896e8c0271e6a5a","ssdeep":"3072:KOLdv6zH1HluPgZufDZtJvBAy1/uevlRDDdnixI6Q:Bpv6zH1g4Z+d/r1/ZdRD7x","tlshash":"65d3124de5c82e865a092358699a03b4fcf181f592c64780c8d47eebe9ddfb364b0e58","first_seen":"2025-10-10T20:35:07.624077Z","last_seen":"2025-12-07T20:02:45.653578Z","times_seen":3,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/175/18172377/18172377_070_b998.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/175/18172377/18172377_070_b998.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 94565\r\nserver: Angie\r\nlast-modified: Tue, 05 Apr 2022 01:33:01 GMT\r\netag: \"624b9c4d-17165\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":94565,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"7788bd4883c3e47a4d037003983974fc","sha1":"5735390d429ab48a8c25fc9106126689bb2b8fa4","sha256":"b362f9783e05e9cd965a1b698f4f3aef96315de1fef1c0cf56d2cc8b1de0817b","sha512":"3f36e99400a277f2768825dce9f703ae8b549a783c7fc18582d7259b4592836979e6450f344fb3eedf9725d61f117e3d08d2a7f1a7ce518dcf3111781494cf81","ssdeep":"1536:kyt6L4/3dMRXBQD6a3lGYLnqXvn0XVKb7w+72Elx90ju/Lknrl0+fZb4qBso1KU0:PQ4ORgh3lGYuvn0F8vblv3LkntxfNK39","tlshash":"8193124ec37298699c5f26aa04cf689aa4ffd627f6151e4076485c931ec47cd30e27e8","first_seen":"2025-10-10T20:35:07.299067Z","last_seen":"2025-12-07T20:02:45.654704Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/786/97353917/97353917_005_5e14.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/786/97353917/97353917_005_5e14.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82918\r\nserver: Angie\r\nlast-modified: Wed, 07 May 2025 03:45:22 GMT\r\netag: \"681ad752-143e6\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82918,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"37fa9aa96945dae857eb9254d9c51f8d","sha1":"00b62ce5a99e0454cc4decb190092c550aceb352","sha256":"fa213145bd8a035ac8a5a60e5ce931197a9d6fae464a5e8e4b865a8bd5e2a870","sha512":"ba8dd90cc3cf0b239bd95db6bebe7b6f3759c0fd961cd0e53a42ebb33b30ae94baddded13e60c2b10d3f72df65b7f52dd25da421014d6e858a7cfbf81baeb3e0","ssdeep":"1536:kJYknN6HR9z7TQCb9+ydUjxBGWVXahsbsEdASzD6NVuvShRQ9uCr3ZJljT:gbnA9LQO+n9BlVXWWbzeuvShi9Zr3ZJl","tlshash":"b2831225fa374db51c12ebb80daee9dae50b4580f64e6cb0d0fc8669ce42194c5a85ec","first_seen":"2025-10-10T20:35:07.209231Z","last_seen":"2025-12-07T20:02:45.655974Z","times_seen":3,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/311/29249332/29249332_020_0de1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/311/29249332/29249332_020_0de1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 107331\r\nserver: nginx\r\nlast-modified: Wed, 07 Apr 2021 17:30:07 GMT\r\netag: \"606dec1f-1a343\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107331,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"4ec411ba7f90d665ceb0049904a8504c","sha1":"a2fd4cf567746172305a4ba2b97a52299935698b","sha256":"41684c65683c01e553e2c1674d1e565e01acd853423911665ac5927d32833d6d","sha512":"966e95798d352fa322fe0c45c77a9a2fbd351622893fb95cce4f6d5ce0479c63c23da5d77601c58c05f8bca0439c34129d73c7bb0e8add0a8b2d5edcaaede4dd","ssdeep":"3072:6t23BlcDxN7yvPLNfcz+BJr8auD3zZ4B0U2UJbuOLmLi:l3c1a9cIruDt4rb7LmLi","tlshash":"73a313388425924f8a21a7362091d7c36814cbae9ebe92d3191d4f3f570efd9d36b42c","first_seen":"2025-10-10T20:35:07.40922Z","last_seen":"2025-12-07T20:02:45.657286Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T20:01:35.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sexiframe.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 07:47:30 GMT","end":"Thu, 26 Feb 2026 08:45:16 GMT"},"fingerprint":{"sha1":"DD:85:8C:C7:DA:BE:16:4F:59:E0:67:AF:F8:27:D9:FD:17:BF:18:AC","sha256":"0E:71:22:8F:CC:64:FC:BA:40:EA:C6:F2:DC:D9:7C:B4:F6:27:D9:21:29:6F:56:E2:01:3F:59:78:93:BB:A2:1B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.3.8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kfBSRihiiL6Fh2XHJIsgNQlZswMtIqz%2BohxuKGqo%2Fy0mqZ9A%2Bgyr1s%2BNDeVYkq3mMvJVy9rAcxB1T8VW%2BLS15EFnYOulMgudnCsb\"}]}\r\nx-frame-options: SAMEORIGIN\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9aa69da55ee056a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.8","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109764,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"536ab92513572e9786d96b65ef2beacd","sha1":"3bcfcf08b1d433a040d7d2a9ecb37e31d8dd2b1d","sha256":"3c53340786e58f0c9d5487421df2d01286310767ab277efd210e9e9b1e3de541","sha512":"d24d00d3843ffa43f5b4a7a7082df4dc14fc674d082397a052a1383d9f99c9492e191191ed648205290d1d79459be00f5b2363b1b4558e3b2f49edacaa9a7823","ssdeep":"768:9YF1zQOaFrV/w3IGz8vLnKUI4x/nPXYpj2oEnlqE/ie4nZy0xcDKqLEaaBnxz3Yk:9M1zQYpFYIv6HjnuG3wuEEk3m8asdh5","tlshash":"e8b39ff744239b7b062662f061632a8ddb972503ed40dda1d2fc56832b75df3a92270e","first_seen":"2025-10-10T20:35:07.618568Z","last_seen":"2025-12-07T20:02:45.658558Z","times_seen":3,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":30,"dns":8,"connect":1,"send":0,"wait":317,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/97/69282308/69282308_253_2b55.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/97/69282308/69282308_253_2b55.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81847\r\nserver: nginx\r\nlast-modified: Mon, 20 Dec 2021 17:30:13 GMT\r\netag: \"61c0bda5-13fb7\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81847,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"29b33b513f58b04dc92fca76f9784a37","sha1":"139817de282bce6e55100544e47ca3d829f093b5","sha256":"05587f49b3e91a97301e01c80b845430e3ae21b5373d8d3b780c978c7dad2ee8","sha512":"91e48fe2548254232950c44450631014a44d7029cf6406d33747c9564dfd85ac0171e1fd6ad71eb43cdc3921e767d3088e2c30379ca3c3614da816173f1decd4","ssdeep":"1536:8XPq8UyEw7TGK+hoxeDp546xHSSRQJ2x6QY742n6X23gEw5dzhRESBSK/Xz:K7auTKownc2k6X0gEwPhtBL/Xz","tlshash":"d683123cfa783ce3f21990afd1ba3260e6d5c1ab542fad4121a1b656b137c7342494e9","first_seen":"2025-10-10T20:35:07.740493Z","last_seen":"2025-12-07T20:02:45.659854Z","times_seen":3,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/570/28864594/28864594_006_920f.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/570/28864594/28864594_006_920f.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88880\r\nserver: nginx\r\nlast-modified: Wed, 08 Jun 2022 13:33:23 GMT\r\netag: \"62a0a523-15b30\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88880,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"5c3cdf59277828e98f0ffe338d24bc70","sha1":"e3ffc62c4728666eec6a03440543eac049cca826","sha256":"b1a47d0b7c62ec6e66c22e5438aeb38e3c0e218f27ea75914efcddc03a33f463","sha512":"8e32383079623470c234b09703cde7011e5055e025ef804f5f381ff2f3d8774763ad8f05a31b72eb24bd6835d78ad61ef480c1332387e3b4d910172618af0b1f","ssdeep":"1536:8p1BIr+4oHO9cAGInaw91jBJf4gKiv+rDg+tFVlCR6tdcVuwvS03dSLjKRD/mfs:KBimzInaoXf4gKS4HEvVTvS03diKRt","tlshash":"f3931260f263c63befa0bc2c2f8c9170952d7011dab945af46fcfe62d54e9ac4640769","first_seen":"2025-10-10T20:35:07.405803Z","last_seen":"2025-12-07T20:02:45.66116Z","times_seen":3,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/694/48765901/48765901_024_3e1a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/694/48765901/48765901_024_3e1a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99898\r\nserver: nginx\r\nlast-modified: Sat, 30 Dec 2023 13:30:28 GMT\r\netag: \"65901b74-1863a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"ae358a59731518cccd00eb21876ae345","sha1":"bc6a893d406b5b7a35366ed9e5ac925b0ba5b734","sha256":"d18c59d7a34b79ca60ec7af40764e871940f83fb6de08c864df10728608ccbfa","sha512":"efa48a2758788adba30067f8c4f8583899257ada7b9e3677f1e4625e340d16d6c5d28dd2f9d17327af5413e5f193e6a974b6860ae4aaea905dffef982da3a8a8","ssdeep":"3072:gyEbb1S+x/Pv+8uOzeKv+UOgNg5mp7+Zo:gdlSuGnKNOEg5w+a","tlshash":"4ea31267e483f623cd56ad3b74e2ca9329f03e58061f40b0481149bb4e7f66395d93e8","first_seen":"2025-10-10T20:35:07.525189Z","last_seen":"2025-12-07T20:02:45.662535Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/571/68454210/68454210_048_f2a7.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/571/68454210/68454210_048_f2a7.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77551\r\nserver: nginx\r\nlast-modified: Mon, 28 Mar 2022 15:32:15 GMT\r\netag: \"6241d4ff-12eef\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77551,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"fc9b5153a98d974953170759ceef9bc5","sha1":"7a3f4e488152e863e657098716eaa7e7766f8f75","sha256":"80246d8f0c6c5d1dc0a559ea0710162935f9ab26c7f70b6bf59a2c951aca480a","sha512":"12b47b20828ee454899cdcfea74970e9f8964145b3bbc59afe9532de1d2db7fe0b52d101ceb25ca14775bdcbd5ed4dddfbadc2e3093eafec13b8402cea046d5f","ssdeep":"1536:k38+xUnfvHZQd6ogwdFo4EcCJN+ag04EfvHwPcQIQ23YaOI/cmEu:VHc6kBakswPwj3Y7pmEu","tlshash":"a973022af4b05a62ed63ab6f8cc80d8813c45710d73e946eab24c241148d76f5ab77df","first_seen":"2025-10-10T20:35:07.262064Z","last_seen":"2025-12-07T20:02:45.663755Z","times_seen":3,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/229/25940723/25940723_006_ea1f.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/229/25940723/25940723_006_ea1f.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68972\r\nserver: nginx\r\nlast-modified: Mon, 16 Aug 2021 11:30:25 GMT\r\netag: \"611a4c51-10d6c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68972,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"d67896604aafc8b98b1a5dbd2c95507f","sha1":"20462068cfab1b86decb183ac446779c59f4c86f","sha256":"8ebc95dbfbd64bed6e30fd56a34e3a7af5efeb3fa037c4a6968069a65d714f8e","sha512":"9e50cff87bca3a351ad733dccc57c804857d89940483ba4b154a2599edd5d5c116e9d554906e80e398a3ba88d9a7b8eff611a94502824acce0ed19d0fd11a594","ssdeep":"1536:kWwzZjanwhwZ/u20rj3cTc2woyklYWN0UJvl81ZDxkp:9wAwOZ/rEIGWN0G817q","tlshash":"c4630226042da7217ade2fb2e6905f7e0898719ec3d8ceecbd681ef5c415ae3094c1d1","first_seen":"2025-10-10T20:35:07.597951Z","last_seen":"2025-12-07T20:02:45.665014Z","times_seen":3,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/180/49490611/49490611_012_dfd5.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/180/49490611/49490611_012_dfd5.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74491\r\nserver: nginx\r\nlast-modified: Fri, 08 Apr 2022 07:30:49 GMT\r\netag: \"624fe4a9-122fb\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":74491,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"3519df7b6106f33557bf9e692b24f639","sha1":"c9b61c7db5257f86622f3a5638da3edbb1ec2d4f","sha256":"f1e31c58eee86267df0c784b44828aadcd7107116c20e2c839a42b59bffdb8df","sha512":"73347a6c1150602a9a0c2252e9b3ed0d4b7b920dded5fa4b2f97e33f9cdbf5bd3229845194011e3dc2bb642d767840d6c342e57db36d00f5809561e28989a28b","ssdeep":"1536:8Hx/KfPPk22ScE215YsNLzr/iyUs9Lm0qPjjN8kjOlhBrGpdLH:GxKfPH2l1zNfr/is43N/OlhMLH","tlshash":"f2731287dd8d3ed65a051cf9966ba19a37668f29ff803823243318e6dc19f03e42b611","first_seen":"2025-10-10T20:35:07.500021Z","last_seen":"2025-12-07T20:02:45.666239Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/763/69159409/69159409_110_d8cd.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/763/69159409/69159409_110_d8cd.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78909\r\nserver: Angie\r\nlast-modified: Sun, 01 Dec 2024 10:15:35 GMT\r\netag: \"674c3747-1343d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":78909,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"70d8d3eb94ecd231f9d4fa594e6a3b11","sha1":"e4e9d3759073952743ff0e63f8991e63531d7682","sha256":"143ca9b33507d3d99f7c8dfae36631529f2c688078054cc4215daebb77297db1","sha512":"963af2271fbec71493fdbfbfb70c0aa695c69b352ace8bc82e1d63a0dea703e1b239238194aafb4ad5bae874afab3464bfc4b971c91e631e3723aa0d803d4658","ssdeep":"1536:kBeRKKFeApzh5HFt2hBqx3qcw+01YYSn9Hwu9/6jPAHB:4eRKqpN/t2aq1+yYYSn9Hwpj2B","tlshash":"ab731297c0165acb874db33c3378679b677921db8f66c224e609d7f804d0b8ad809459","first_seen":"2025-10-10T20:35:07.487692Z","last_seen":"2025-12-07T20:02:45.667501Z","times_seen":3,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":191,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/439/41526069/41526069_040_de52.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/439/41526069/41526069_040_de52.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104738\r\nserver: nginx\r\nlast-modified: Thu, 17 Feb 2022 11:31:20 GMT\r\netag: \"620e3208-19922\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"0ba0c3974b829df98e5cd609a76f992e","sha1":"0940b9ee8c8cbc0a9de10a1a6bae1a96d3adc586","sha256":"3dbccb628327929f04426f15cfe1f1d8dbc64c5f67b60f2e4568ccf9b56cb32a","sha512":"d5068c6f0ff075d96d0a8aa7d849114bda4ec155259e963552bfe6d9d35a8c66c7384d3e7be77badafb92a2bcfe166af0566dda0875aff135c95e001657f82d7","ssdeep":"3072:rj0V1bYVeIaGEu3oj91G4LrTiEVlfb/keMlWF33b2:MrbYwRGH3qDtHiEVthni","tlshash":"60a312ffeaf643896a3b863240f38f9efdf950543683145df59506b2144b3a0469829a","first_seen":"2025-10-10T20:35:07.683129Z","last_seen":"2025-12-07T20:02:45.674858Z","times_seen":3,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/767/32811858/32811858_094_1d7d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/767/32811858/32811858_094_1d7d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87125\r\nserver: Angie\r\nlast-modified: Mon, 30 Dec 2024 10:45:25 GMT\r\netag: \"677279c5-15455\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87125,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e8a345b41f44468ad076710503ad1602","sha1":"b3bf9087d0028fac7b3a96357116692ed61ea209","sha256":"94571b2999b5d3e561557ccf00bb9181b552a4daec6b1dbacd3bdba429aad736","sha512":"c9e2ee82df697d65c533099f88ad14ac6f04104893ffac37c401db26c566e99c6f135dfaf47254142ca5c56501bde6f82216d4cbd43e456713b24a8c1aab0410","ssdeep":"1536:kahmmnRDCFt9cUJr/onyPB2w/Nx0OAHvCW7wjZizURa2PSyDK:zhmm8tH9ayPISnytwjlRavoK","tlshash":"188312fef7a547fc9ad204b065cb35e1497a9ca632043cb24086fa64cca3681ca0675f","first_seen":"2025-10-10T20:35:07.671127Z","last_seen":"2025-12-07T20:02:45.681682Z","times_seen":3,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":175,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/743/97411392/97411392_015_a754.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/743/97411392/97411392_015_a754.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 114296\r\nserver: Angie\r\nlast-modified: Mon, 21 Oct 2024 09:45:45 GMT\r\netag: \"671622c9-1be78\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":114296,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"3ec22fd7c2ba992427a37b4feacdfed1","sha1":"2a22b9e4a763486174a885eb06b1970530f69e06","sha256":"6326ceb9c6a7c4b54581b82a5896e6034390943ca10b8fdd6da65707a7af9df7","sha512":"c147af73e35750e9d2fdbc45e33c69cc641298a7f30d0f85b400a7f0136d56a1030b698f887bb84d8215b7f525d23906f1cb368362436d3cbc24e758a413636f","ssdeep":"3072:xKiuQDy14VtNc0LIp3wIDu2S7nFMlDXHSA40A+2BeyJr:x7LU2/L8/S7nwDHtBA+Ses","tlshash":"55b312fdf601e21183239639b947892be1d43f3a6081fbb2a3fd1295b375533ca90559","first_seen":"2025-10-10T20:35:07.702859Z","last_seen":"2025-12-07T20:02:45.688685Z","times_seen":3,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/203/47049535/47049535_007_995b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/203/47049535/47049535_007_995b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 97596\r\nserver: nginx\r\nlast-modified: Tue, 20 Apr 2021 23:30:11 GMT\r\netag: \"607f6403-17d3c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97596,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e1b228b82b9b678d1eff94ebb34876a5","sha1":"686dbb4be8c1c4c28d1012ca883886c2d6617e7f","sha256":"dd07ac3f007d2ee32281c287703a1b231bb979c5edd14b05b79c83dbbd050548","sha512":"03ea2e357a31db0afcf119cf9e6ba17b823078e72e35ec7866841d076974c237feb8a113404429c81b88ee8f721bfc9e697bf4ffcecc964f25d2ccac5fa87802","ssdeep":"1536:kwlL0d28qhDaN4b1C9tVzAJrspKeZotOoLI3V/JH6/NUkX4NwzmQGfAIurzMTP:xAd0hWN4hC+spKeZgNqV/k/NJ4qmd4Ib","tlshash":"cd9312c9d425f3138c48c33ec6ff256e0227cb0399017659fea451217bae7f6c259aa5","first_seen":"2025-10-10T20:35:07.560661Z","last_seen":"2025-12-07T20:02:45.690944Z","times_seen":3,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/10/15035960/15035960_007_9f15.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/10/15035960/15035960_007_9f15.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101176\r\nserver: Angie\r\nlast-modified: Sat, 24 May 2025 12:15:24 GMT\r\netag: \"6831b85c-18b38\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":101176,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x610, components 3","md5":"45f3022ed0fcf45edae230e0d6c39e5c","sha1":"752e8bdcb3e6107164622a307b6cbf08f1116b8f","sha256":"b09704294313e949322502651785c07a3ffce05cd95e782b6fa4f34dbc487e60","sha512":"2791d725433ac2e09af231349e7df241085832b8c16437c8d834e4ca72a87704003dc9c10ba984f32719afc6f6d615833cd8e0a0614c65100e8f06990c0541d3","ssdeep":"3072:zLEsAlBjdbPuqZSXe/XG4c4VGTrY1qpXuCzlc5AzvStAB5wuo:HEs+lJF4qLcNTk1qp+Cz7B5Po","tlshash":"e1a312cad669467789010b7944581a37836b7b0792f31270cbbe5087a49ff1b1c15ebf","first_seen":"2025-10-10T20:35:07.526417Z","last_seen":"2025-12-07T20:02:45.693146Z","times_seen":3,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/455/88810059/88810059_091_5d97.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/455/88810059/88810059_091_5d97.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 93601\r\nserver: nginx\r\nlast-modified: Mon, 10 Jan 2022 13:30:07 GMT\r\netag: \"61dc34df-16da1\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93601,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"dd77be63bab3f0871e43e14aec94739c","sha1":"e73aa7bdec16e06d7a9a3089f6171ccc4ea54eb8","sha256":"651baa56e6d3192393d3fcc35405d5a8681d2efaad32074d77c2124e05b84807","sha512":"3a1d26e62d3018e190eda8acc4fccf67925e8ddab2fac2436f366dfa69f995a43245d8ed7510f9d82676a6ce3bf886b789a7c01fb2db11b366f35556f3bce581","ssdeep":"1536:kEGLSZ8jbNuOrty+0ryWCwE0latSUTKIAQ9LuvGuEA+nYfQ2rHZxindbzyqxXHhk:ciybNfyFrjCwEmJSAQ9LuOuR+4rHZxii","tlshash":"b6931291d5f32af569024a71ec2c4f1a061d6bb7d7bcb5160ce409e047ca9eae0cf2b4","first_seen":"2025-10-10T20:35:07.194273Z","last_seen":"2025-12-07T20:02:45.695421Z","times_seen":3,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/309/60901339/60901339_014_fd15.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/309/60901339/60901339_014_fd15.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74617\r\nserver: Angie\r\nlast-modified: Fri, 10 Jun 2022 20:34:42 GMT\r\netag: \"62a3aae2-12379\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":74617,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x610, components 3","md5":"ca0e19c9fd12e7366c3f2f4a6b6f8c02","sha1":"07a375586a04e42520741dfa4d167624226228c2","sha256":"5747144e7d9dcb53adc49c85b7ed5d818c7e903ec05bfe49023fc4c921765cf7","sha512":"5e9851b0bb673bb0f04a91d1a437a1516be1ceddd4ef951957ae4078963fa1edbf60f330a76a47f7e6d3716202726d64a2cbe36cbc0b9a604ddf63f4db2f48b4","ssdeep":"1536:UlpGBl606FMNR1aUkvJhNRsXtEvUZchme17fWbjW6Ols:+GujFwR1aUkvJhNRUtoUmhmufOgls","tlshash":"2c730221cad26a20e5c4e6d620dcfb823f273d5edc6cdb46725576249aec7123a7c183","first_seen":"2025-10-10T20:35:07.559396Z","last_seen":"2025-12-07T20:02:45.697458Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/73235251/73235251_023_a958.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/73235251/73235251_023_a958.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67176\r\nserver: Angie\r\nlast-modified: Sun, 11 May 2025 04:15:12 GMT\r\netag: \"68202450-10668\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":67176,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x341, components 3","md5":"3a85928ca7d5e6d45932d62721f30d9a","sha1":"3fdf8bd080e20689b9c2fea3d1f8c54d84b29efe","sha256":"4aeac00a056e5b51d9e9fbcda5505b8e3ec2b178527d0c20069f54a9346137e5","sha512":"cf68c34ed348ebd6e4a9070e029f95c9c31c2a12ec34205b5e49ce3e9e6623b8e2ed227604a6de105ab2407c458a6fe1b542c257f8048edb0f13c682c5565a20","ssdeep":"1536:+lKAXPGY1pOaoElWyJfX11JJJmq+O0S6Y9xis:41Fp9Wkff/JNXis","tlshash":"306302748287e62204028ddeb5ac398f0a8de657fe95e0474ce55073e6f9e7ea06017d","first_seen":"2025-10-10T20:35:07.224059Z","last_seen":"2025-12-07T20:02:45.699481Z","times_seen":3,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":69,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/787/55833654/55833654_021_c3f8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/787/55833654/55833654_021_c3f8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 124467\r\nserver: Angie\r\nlast-modified: Sat, 03 May 2025 14:45:21 GMT\r\netag: \"68162c01-1e633\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":124467,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x745, components 3","md5":"7f3c3303d0c3e9a32ed8596f73af364c","sha1":"9c24ef2fb8bb330e7999ad70a5d650a7aeb5c6f2","sha256":"dd3e8bcd3ce5d48ea1b67f56a3252b2e926d1459f439e8e186f6db70eb389d27","sha512":"3464a635a0f827773a24cdfe721dc9d20b0d05fec841a4c76e3791204e9dfb8502000203d587c36ded1049bfbc226cef6d46831450ca28993d1ab3ad25193242","ssdeep":"3072:mEbrSxY2WFiEUIYpuqfRf2eD7nF+uW14de:OWHUKqZj/0X4de","tlshash":"aac31220c7f619243944467e0ae74cc521e8e2adf366fc15bf77894c62c8327b9de922","first_seen":"2025-10-10T20:35:07.528912Z","last_seen":"2025-12-07T20:02:45.701167Z","times_seen":3,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/4/60025132/60025132_005_c337.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/4/60025132/60025132_005_c337.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59521\r\nserver: Angie\r\nlast-modified: Tue, 14 Jan 2025 12:15:15 GMT\r\netag: \"67865553-e881\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":59521,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x610, components 3","md5":"ad4934502f96039d7f4041a3721f89a9","sha1":"745d2a78d2ee40018aa40472f41b5d1e929bf393","sha256":"2fa4ce5ce98cdc6e129424d2ca26e4eeb568296b6f2272d042a0148faee5f5fd","sha512":"83a20b82e156298a13d1c86a834e12319c75bb64055c1335ca66b3bbc00ce41e95347dd545503d52048c6d665f10d0dc434c9a937ff301dda6536092e19dd129","ssdeep":"1536:UoMy1i+0lNpKiQGlZPhnUhmJfuSQgFU8GX:TMyvylvfuQTGX","tlshash":"f9430210dced609b9d7822b14bb3c5ba4c770c7efb2637c053a861137bad9906179c51","first_seen":"2025-10-10T20:35:07.360034Z","last_seen":"2025-12-07T20:02:45.703106Z","times_seen":3,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":138,"dns":86,"connect":22,"send":0,"wait":58,"receive":82,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/201/77175053/77175053_008_9b2b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/201/77175053/77175053_008_9b2b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 115911\r\nserver: nginx\r\nlast-modified: Fri, 03 Dec 2021 17:32:39 GMT\r\netag: \"61aa54b7-1c4c7\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":115911,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"16b6c840b110f25798a854438757ee55","sha1":"f22854fdb04c83b2a84f93d6d551e275303f5440","sha256":"bcbb6d2ff18609a71947c0996b6ab2cd72d7c12bd66c215229f15f78cb940e91","sha512":"06951612b1b588c5f1221d438dd049c13eb58bf2a4600d3eba8a9a0fcb496435572fe877594c0860de028d43d796e0da1addaa7244d7f04ed42cdb6a31e4ce91","ssdeep":"3072:fGmxgoCs2WXnYNF1Zoa/ROgZdIymxJs3h1IH:+mGoCs2uYNfAgZdc0nI","tlshash":"02b313819f83f6a21be4c96b6f734696b05dea24cba953bf0cd0ed091120176ec4497f","first_seen":"2025-10-10T20:35:07.694558Z","last_seen":"2025-12-07T20:02:45.704861Z","times_seen":3,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/128/85144015/85144015_078_5640.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/128/85144015/85144015_078_5640.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76412\r\nserver: nginx\r\nlast-modified: Sat, 27 Nov 2021 00:32:28 GMT\r\netag: \"61a17c9c-12a7c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76412,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"9173e29e05e0bdde0330cee6306a275a","sha1":"5b8dab7ba7f04908649fe02ae37b1f61bf73f143","sha256":"4686c14b9f83476363732461028ffab4963f8b927767495e03acf0a28d87ce54","sha512":"d4d11e5c9bb97525b01e2f85ccf364a483a64821998df55239350b5de173d07fb4249c67aa3f7b790905a872a098cec27abc42b8a2bdf0771bf434f272c8ee58","ssdeep":"1536:kaqSQ2biuMFH3E476Pa0j485HxOAb9pSNdoyFuwExlU5IB0lU4MiZg141wq:gIqpE4763JOAhprJIIaO4Mgh","tlshash":"8673025cd7d41bbc375dba3402499483b42b96c6e5e8aa261ce3f84089718efd86371b","first_seen":"2025-10-10T20:35:07.252753Z","last_seen":"2025-12-07T20:02:45.706664Z","times_seen":3,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/489/99532639/99532639_006_8347.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/489/99532639/99532639_006_8347.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 73984\r\nserver: nginx\r\nlast-modified: Wed, 26 Jan 2022 10:34:24 GMT\r\netag: \"61f123b0-12100\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73984,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"b84cde265ec311d8a7828b0146790d41","sha1":"3952df0f1e04af5b7f8b7db8b9c962d8c152f238","sha256":"0da79646ceb792a601c939a388ba88bc2cbddac73262bcdc4906d51d0fcc42a1","sha512":"d48a845baa02eb2be6636ed520ec06ffd7ff51b9ec9ec7226928e740b79678e5ac2ce9d2ee91b95ab9d5bf93c39d5b21e3315caa910d9e5d25e169e55ea742c4","ssdeep":"1536:mLVRE1zSxV7BEelMKdO1cA0VAfJS/T5UV4IJziYRFrR:IVyhCVNEezdO1HBS/T6JzTRFrR","tlshash":"167302c6eb5c3bceeb7205b0ad462129c570c933a5a86100f71113eedac9f538c95f2a","first_seen":"2025-10-10T20:35:07.614961Z","last_seen":"2025-12-07T20:02:45.708476Z","times_seen":3,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/386/46751467/46751467_099_e5bd.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/386/46751467/46751467_099_e5bd.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33564\r\nserver: nginx\r\nlast-modified: Mon, 11 Apr 2022 16:31:22 GMT\r\netag: \"625457da-831c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33564,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"cb39af2814db30d90365ee8d6ccf8c1f","sha1":"5c1d23aa726be0004d1fff051c91dcaea881a93f","sha256":"44c29dd10f0c4c41f2caaca9d272a00a90193b1beee908c69168f060297e5c10","sha512":"2636ce498a752e99ad219905621af35dbd92c0d96eaa7bcabc2392a96ffbe22381d1e089f17c423e0168423f0264aa8aad8058a282bff22c2c933f78be6b8b29","ssdeep":"768:mc22nQaWQKA7CLHQ7Z6QwxZ7Fp5nUy8f9P4bpLJ96/:m/qQaWqCzK6Q0FbnjuP41+/","tlshash":"b2e2f17dd6b48416e1e2a57d6acc81d320f64b8eed740925b0c390a28792a8c7787df6","first_seen":"2025-10-10T20:35:07.358462Z","last_seen":"2025-12-07T20:02:45.711107Z","times_seen":3,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/231/35748285/35748285_003_76f9.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/231/35748285/35748285_003_76f9.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 60601\r\nserver: Angie\r\nlast-modified: Mon, 14 Mar 2022 08:30:30 GMT\r\netag: \"622efd26-ecb9\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":60601,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"6f349b8784db554d7cb49513f5247109","sha1":"74d7428b543d35591e641599e70bf07c404f58b4","sha256":"7b5f8717edb960cbd21a6cd7a5dc4aa076f82e8d0e7f1bd5caf887f9a6c5794e","sha512":"eb9c90b11d85cf556830f781f806139efbe75601c13b42591d742363cca0f08143681f185f68f5015f9f039790ab8962294995337f3e0e80eb7b8d13083b740e","ssdeep":"1536:mJxKEtNlFqsgfHPf0LYz5Se2CWvbj4+LcZ0GXCPGTJVCFHhP:+QEHlFqbfHPfRX2bIZDyeTJMFB","tlshash":"36430236f946c6fa281fe532add1acd45321d284f859f81223f523210be9dbb52a05db","first_seen":"2025-10-10T20:35:07.249731Z","last_seen":"2025-12-07T20:02:45.713115Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/623/69722701/69722701_131_fe58.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/623/69722701/69722701_131_fe58.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 154246\r\nserver: Angie\r\nlast-modified: Tue, 03 Jan 2023 10:57:26 GMT\r\netag: \"63b40a16-25a86\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":154246,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"a6010ecc3bceb55b568082eea8acc63b","sha1":"053e73c400608522441bc04e1b32e700ee40aca6","sha256":"625a777282de04884bd9bab3fec00a2b320eec3bce3bd1e0e407a09df25635c7","sha512":"9bf2a9c477464e61fb078be7a5c95dc31c084c5c27d28762b51f5c67a67ce16ddefedb11c08188b9d85f339d5633a435fecc844fb6a4bc06be75c8a74d9e4db6","ssdeep":"3072:JjxR06xp+QcMKXGDK/LHe7CPVoSxBrcXICrxjqXSX1RgVTK:JvxYMKWDKDHe7yVoSncX/loQRQK","tlshash":"0de31248e2659eb7db6680a23fe741d378cf6c74644f125233c5fc20dca89a692d0ad7","first_seen":"2025-10-10T20:35:07.407218Z","last_seen":"2025-12-07T20:02:45.715163Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/214/67810438/67810438_011_dc99.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/214/67810438/67810438_011_dc99.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79407\r\nserver: Angie\r\nlast-modified: Thu, 01 Dec 2022 16:31:15 GMT\r\netag: \"6388d6d3-1362f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79407,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"0889e487dff8448f83bd9332075703f8","sha1":"dba93ab74313d8e989fd1138e426f987ca41b197","sha256":"0c04e2de0a0c70d4fc0627a54dc60becf1387cd3b1bc3ec72f68e9a788ebcf6f","sha512":"87f548740645ea339e7d9bf3391e5a614a22ea980c219db209788b871942b1cbbba892ed0a966f0ff8f13896d9e24fa3538868d5d6e2d6782501ae24185421a4","ssdeep":"1536:8PUR+RMGjzgOqwdmXFC22rm1OLsW0mmGs2UFW46I4uSU1HVDgs9Xy:7R+R55iFC22reO57m1NrzDDgiXy","tlshash":"a173023bdb44e812ea02b59dd15fdc69eb4fa11ecb9045e5c082b24b75faa47312c1e0","first_seen":"2025-10-10T20:35:07.712247Z","last_seen":"2025-12-07T20:02:45.717262Z","times_seen":3,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/557/87529044/87529044_044_807a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/557/87529044/87529044_044_807a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83219\r\nserver: Angie\r\nlast-modified: Sat, 14 May 2022 17:31:46 GMT\r\netag: \"627fe782-14513\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83219,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"3cc0b6acf8461bed5222cb925e4e9c44","sha1":"20d001f9c75cd787aca5e24ac5c0a2ac82cdd841","sha256":"bb70c13671d0d50a10b4f9438cf9ec0d62cf7d29dfb4b6835111fac6c6a23a40","sha512":"a7ed9694faa36045cae0320b1d75288983f4e837f1366ec00c38854cc34e3b56f521120da3b2f96201fb41764b4d311637c39089fa4857ca9fa8df20660524a2","ssdeep":"1536:kBVTy7fCcU7OK6Mb8QAFe03EqYMeMwpaJnoshHNxYc0r9B4BVQ6:qTy7USK6MbtAFT3/YVtaJo67Yc0L4BN","tlshash":"7e83026af0448037d4dbc8b69f275622d5d77652fc41a3268344d8332bf9bac6bd8836","first_seen":"2025-10-10T20:35:07.197414Z","last_seen":"2025-12-07T20:02:45.719418Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/777/17027999/17027999_002_e2fe.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/777/17027999/17027999_002_e2fe.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101727\r\nserver: Angie\r\nlast-modified: Mon, 17 Mar 2025 15:45:54 GMT\r\netag: \"67d843b2-18d5f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":101727,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"38a2f33eeec84d307a1e3a688eee33a3","sha1":"f7d438929c4fb1f28bb86d58d548a3f4ee667bc3","sha256":"d64fd38f3e55a3fb71a6068d31ff38602c0f5229b6ae19c25bf8c2285a4dca61","sha512":"43cccd516ed0d046c7543dc24f1f9322eeebb54c9977787f174e414039d296ed521ddb049ba5dde17287c53f00cd9334c691cab5baa63450aba50bb785d53e7e","ssdeep":"3072:t+S2+P2uIgGPjFVN8Q4IhHYtYO5YgE2N5FaRHNGzlRO:tK+P2uxGZUBtt3Gg7RctG0","tlshash":"25a31278c67881a1413f1e83e45a76efd164e811cec12b42f96e0f867a7c70e830add5","first_seen":"2025-10-10T20:35:07.36147Z","last_seen":"2025-12-07T20:02:45.721581Z","times_seen":3,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":143,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/124/50145756/50145756_011_4a59.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/124/50145756/50145756_011_4a59.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 144009\r\nserver: nginx\r\nlast-modified: Tue, 16 Nov 2021 02:30:49 GMT\r\netag: \"619317d9-23289\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":144009,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"1b6b0b2aa12efb22c2a890e804f49164","sha1":"5a76dedd636152a727027a749275392ed7b68de1","sha256":"98de7f5b86255e9416be9c8e262221345802c721fb3f1203b7f67d91f5ec3653","sha512":"db0f93764a7cb758ea59b308c77be25bd6bb32edb2d090cc9de2a12a84d13507a91a9f72e3a777fe3088b4d8c57db9a1fff222ef86d7af5cffb3f17f3275ad08","ssdeep":"3072:7vhn61eh2toL0/U04AG2M6TFupSJFXpTYmv+ZIIOdb5ivA07:7h6Ane42M6huYpJ4IXbvk","tlshash":"34e312caef7ec74042c4d125996748345931bbc9ea3561f88704b5caceafe692c3a10d","first_seen":"2025-10-10T20:35:07.337512Z","last_seen":"2025-12-07T20:02:45.723675Z","times_seen":3,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/774/39732655/39732655_007_6487.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/774/39732655/39732655_007_6487.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89550\r\nserver: Angie\r\nlast-modified: Thu, 27 Feb 2025 01:15:18 GMT\r\netag: \"67bfbca6-15dce\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":89550,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"6b0e20d0a230d9a2dd171a97ca9b6b1f","sha1":"e6ef16cf9e89c354d8cc903122d136152d97e5fa","sha256":"7f3ea8368c5d9cd8f9bc6d890cda5045bbef04bf0916094ff111847ecea62931","sha512":"5103f649185c4655bea1da961862bca63889c08324faeb4f8e8a4bba8c126199901f8a95afd13d8c4c565e37e0bafa948244227508762d295e3dab13c2c71adb","ssdeep":"1536:kANQ1Z40aDC8cOpws2bz1Yk2rzImGf7tu2ItGfbLYf6PGeOdeuT:DNQDxj3dsImethFmmsT","tlshash":"fe9312adca7b8c8d88e7cb32b2ac915034097586f4fce5d14a0765dbc211cf48b99b56","first_seen":"2025-10-10T20:35:07.700785Z","last_seen":"2025-12-07T20:02:45.725791Z","times_seen":3,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/94/65304405/65304405_047_2150.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/94/65304405/65304405_047_2150.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71318\r\nserver: nginx\r\nlast-modified: Fri, 10 Dec 2021 15:30:37 GMT\r\netag: \"61b3729d-11696\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71318,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"82f06522b26bd43ebfb7e9712cf14f47","sha1":"bacd37e8ee8f93a384958961134f4ecfc813cbd5","sha256":"4c7404cad738525b9cd6d40205bea8df063478979db4b33edaf54b25fa65b8af","sha512":"f472468cd1edd061447d9e41fce8eb3d908ffaa52d6df418420b9d6cdb57f4d99ed3f7e6692b7f3e412db21bbf031922c1a883049de0cbc9e4120b2d637fe76f","ssdeep":"1536:kdLA1J2TOi5VRnXGQtCWW7fYslVyz/3PSLvXShDbh3uG:qLe2hDRXxtC9kKuhxD","tlshash":"d663f12388c8480715b17fadfeaa888d0bdbd811dc583baaba25c7157c4439d8d8775f","first_seen":"2025-10-10T20:35:07.145316Z","last_seen":"2025-12-07T20:02:45.727697Z","times_seen":3,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/772/44763153/44763153_174_26cd.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/772/44763153/44763153_174_26cd.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83128\r\nserver: Angie\r\nlast-modified: Fri, 31 Jan 2025 01:15:15 GMT\r\netag: \"679c2423-144b8\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83128,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e9322c50615018f4692607d923fb53c0","sha1":"3d392dace2e025dc61fdcbb8f3f5efe0124b778b","sha256":"0e5438b2f52cfbd1a00197486c6b189c7d46230430aea270cad610b613f62d15","sha512":"92372d0f2a4ee143444934f9722534fd61581ae8d5526a944ed5fa22ebb755f3fae30d800add8f009156f7ceb6565c27cec31f0e10ccef705b6f80349ca9ba5c","ssdeep":"1536:kvsmZpskcVb6XyiiKVkXSXwCRyJWekQPusoKgV01SF1286y2KZ0aqbQqEc:HkCKV39RyYXQNozVrA8R2IqbPl","tlshash":"1a83122ddb6df8b408b751f46b41cef26600484fadd828e612753ff56ea483b1052486","first_seen":"2025-10-10T20:35:07.689839Z","last_seen":"2025-12-07T20:02:45.730045Z","times_seen":3,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/126/47855477/47855477_017_5db0.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/126/47855477/47855477_017_5db0.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 130237\r\nserver: nginx\r\nlast-modified: Sun, 22 Nov 2020 10:30:23 GMT\r\netag: \"5fba3dbf-1fcbd\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":130237,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"2b6227961c8d93262e32dfcc83b7be64","sha1":"c52fecb3aeef257396a2ab1d3a3801aff727ac58","sha256":"185553c632f169c49b9395139590bde30bd01ecd23558a2dab6f8c0936082cdc","sha512":"2bc6694086e128ee16eae01393f1d54c63b4d2c0a9bdf4bdb87987e6d2ec0cb13b3d1f336b30c434c817786b6685c252eb6f688aa094ee2e51ab1867a85be8db","ssdeep":"3072:3VKrRhytV0YzjYDDA5HwrjvvsNvS5PUvZJQTrYeREnGuA2n:lsgSYoaHwrjvcS5sXiXR2A2n","tlshash":"ddd31295d3b2af90d0305fb2c2f58ea65ad1a8fcd77550d91a4162943c8af1e144cf5c","first_seen":"2025-10-10T20:35:07.327732Z","last_seen":"2025-12-07T20:02:45.732403Z","times_seen":3,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/133/50789180/50789180_103_a455.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/133/50789180/50789180_103_a455.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 75877\r\nserver: nginx\r\nlast-modified: Wed, 16 Dec 2020 17:30:09 GMT\r\netag: \"5fda4421-12865\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75877,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c0a1a8332b014dbb0320a48aa90d68cd","sha1":"86cfe47e152877da61d763b49a6a1e7b855812b9","sha256":"0774eea6ccff0651281d53f61bbbaee145af0fbc51eb4393bbb886aed19ff8b1","sha512":"2147ab18a8284be3d8995a60c5706b1aa4627010fddb4ce4c8f68cd5525a3c3bb080750b538e864cac3fec402c9acfeb5a5b2a96c54f08cfd7bf60f2b553bb50","ssdeep":"1536:k32YdsI2QarBXH2m7eJc6r+Cdp34GinWG06tNKPavshEp6:a1dsI2QaNXH2m2+COnWZ6tNKPavs2M","tlshash":"457302fa4a423ddc4327da7f84c02e56f5942e0e9980b625534ec9baf1bf58a50c7482","first_seen":"2025-10-10T20:35:07.660015Z","last_seen":"2025-12-07T20:02:45.734493Z","times_seen":3,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/351/63702146/63702146_053_79a8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/351/63702146/63702146_053_79a8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 121122\r\nserver: nginx\r\nlast-modified: Mon, 03 Jan 2022 08:33:26 GMT\r\netag: \"61d2b4d6-1d922\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121122,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"467e352a91bfaf3d697e75c553598b93","sha1":"5562d878e70d983b2227f1057ecf66f298463d2f","sha256":"b89a367fff8cda69536c617a04a70b5d2083f298824a5fd08e1c0c429052b88d","sha512":"cbd801466f5740421e3662077c00d094968fd8e974efdd4aea332af26c39f0c302b4cdca471951e93303e3f9a93800bf16fd41d50b851048652e2b1ab391e637","ssdeep":"3072:8Yh+PmGbTdBPixlm/EXEOebom1/mZAGqeJpG3:P+PmGb7KxloApesKZGqevG3","tlshash":"77c312be6ce1b8ca3b1f3719506a7c72ae973702be51943a0884c9f742571f3810a774","first_seen":"2025-10-10T20:35:07.23458Z","last_seen":"2025-12-07T20:02:45.736816Z","times_seen":3,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/712/57694027/57694027_018_d2ab.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/712/57694027/57694027_018_d2ab.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 120007\r\nserver: nginx\r\nlast-modified: Tue, 09 Apr 2024 16:30:28 GMT\r\netag: \"66156d24-1d4c7\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":120007,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x729, components 3","md5":"fc8c9e2f4fbdf16b5198725e51712d92","sha1":"a3d4cda6c4a5968d192ea905092b0bba991a3ba2","sha256":"2a9094ae3ae7e112665689a365b63c5e2d74fe67ff158b1143dcfcc0c76658af","sha512":"a2356f64328982d201ce85c5e951d65c89dfebc172137b04ef0e3921773bef737edb9496d7086cc5bdba880ccd2892eb4d3a7433523932860a2bcf50d6a4e02b","ssdeep":"3072:0cjECKr5MeixCX4SQcBZlq0EXYiecD8PvR5QYFs+4B0Z4vC:0cjE1FqxWH3BZlq0EIieg0vRSB0Z4K","tlshash":"04c312aafc5d18933b340931c4cb8820a7935f42aa491552acfa9f4c4dcbde71b6f250","first_seen":"2025-10-10T20:35:07.379291Z","last_seen":"2025-12-07T20:02:45.738816Z","times_seen":3,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/193/63381336/63381336_001_9a24.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/193/63381336/63381336_001_9a24.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78889\r\nserver: nginx\r\nlast-modified: Fri, 08 Apr 2022 19:33:16 GMT\r\netag: \"62508dfc-13429\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78889,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"f7c9347ba4773a84d75b03b6fe863396","sha1":"5243fe62f1c305231255e8e6417a2fcee60d32f4","sha256":"76d3662834f32ef55b779d8ef3385a832fb90dd5c3c7d76c35408194993e5eb6","sha512":"8ea4cc571f4129c0554622dc70f523bbedd3edfbfa50a4875bdc0f41c41a37496e1c25f07764f73fea62596772231eddd1fa5ec0aa8470a16e5b8af6ae1e7f45","ssdeep":"1536:8EL46jEuYfGUZ8N1RwLKo2AiJdpU9min+GWHL9jI5rTmT3btG:jfEi9LwmAKpUln+GWr1gn83JG","tlshash":"c5730226e35620003b2b9cfdd242ca3fd3be614af25b171f63d04395aadd127995d91c","first_seen":"2025-10-10T20:35:07.315329Z","last_seen":"2025-12-07T20:02:45.740879Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/431/17056605/17056605_032_b963.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/431/17056605/17056605_032_b963.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 116124\r\nserver: Angie\r\nlast-modified: Tue, 09 Nov 2021 20:30:23 GMT\r\netag: \"618ada5f-1c59c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":116124,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"cba72c6fce9d2e9c7fc1e0c681624858","sha1":"88436b245c53f05169591b01d3ea9570e0483366","sha256":"0f043e6d7138afc4423e331aaeb9f7efabdd3866c7622f40af5839bc736fc836","sha512":"9b8dc53a7812556d797d3645fc0f2358060dcd28fe2e6852441c4eca701ad62344380b410dba85466d17b654bb8ba85609d5d084bf2932ae34821414c464ac50","ssdeep":"3072:WmptZOFklI7VaEgwESL10jFaHrGFzIYYo1mA7:WlFklI7VIu0BiJAJ","tlshash":"98b312a9cb590f92a38cbb6d49132074400d9476b427344fefb65c36c2febd6578aa1c","first_seen":"2025-10-10T20:35:07.549511Z","last_seen":"2025-12-07T20:02:45.743159Z","times_seen":3,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/741/33766127/33766127_054_eaa4.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/741/33766127/33766127_054_eaa4.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99172\r\nserver: Angie\r\nlast-modified: Fri, 25 Oct 2024 01:15:37 GMT\r\netag: \"671af139-18364\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":99172,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"ce40876cffc1039d3073a5f1064a4666","sha1":"a268319fa2fd15c7e83d9c1f76162a8bf3566605","sha256":"64ed153e586369df9e3eee10ea8222242ec113b064f8e660ebe543422c5dd308","sha512":"cbe4f289cbae689b37285090554752ef19e44096a6fb47b155db48c6dcd9c05afc0c27347f94678bba69ad5e2dd660026edea3a5ac045845ef5ee5a84b46f88b","ssdeep":"3072:Xko+sX0igJxExTWTu9TQ1vHl5zKure5Mf:0chMJu9TQ1vHl5OM","tlshash":"e4a302dbcd051a72b40a7a7866f7e359c308ad17a3e8ecd861c56421bf8941377de049","first_seen":"2025-10-10T20:35:07.339311Z","last_seen":"2025-12-07T20:02:45.74517Z","times_seen":3,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/57/21842081/21842081_002_8a20.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/57/21842081/21842081_002_8a20.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 52639\r\nserver: nginx\r\nlast-modified: Wed, 21 Sep 2022 19:30:52 GMT\r\netag: \"632b666c-cd9f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52639,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"6aefab6e13ccdff219d692f0c2efe1ee","sha1":"eeac29989c7aa3ed6c9b4c9ad22bfb2a8417389a","sha256":"f5df91a35853882edc6e211da645fa68fe9b2daf12350708ca21b4f3b0b509d3","sha512":"fc3057715db5d5ea289888d7868a218bf0ac7a8415258c2b5bcab1e237e90619ae171c49e5c044d593b8ceea999be410b5b2f90ba6c0ca2581a87e6a296e30b2","ssdeep":"1536:muoV/pFtw3KJfgXuLRqhE4snbcICMa0B6Z3s2+p:jorFWkgjsnwIddBrp","tlshash":"523302debb161cc2eb0a52aa14b7b4b050bdcd22c654775892ea1308b47d567c6ecb33","first_seen":"2025-10-10T20:35:07.521405Z","last_seen":"2025-12-07T20:02:45.747166Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/779/61110794/61110794_099_b0cf.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/779/61110794/61110794_099_b0cf.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 41492\r\nserver: Angie\r\nlast-modified: Wed, 02 Apr 2025 13:15:28 GMT\r\netag: \"67ed3870-a214\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":41492,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"47040a4458a64e431fd560d62a47aced","sha1":"8c30f3f860b94d9688e5e500424f870966c26996","sha256":"8a8378cd8bb83a46017b629abd43ce634c5269d16c69419987685d636cf8df44","sha512":"fd3a526052bbf4116a0541e195f993d23d6c48a831027ebae87bf1c8974541814906ec17241c69637454922cf40982f26aac46e6e088cd507b2d0019c77cc5b6","ssdeep":"768:mYjm6zKKOFYhO85V8k3CSD/FmOjgB7emVbvCs7P0Q1iuQ1:mYq4tZ3CW9mug0mlCR1","tlshash":"a013f1919e3c179c3c27923185373049837d545af1498faa6f72ad64d643dc3a2c8aef","first_seen":"2025-10-10T20:35:07.722115Z","last_seen":"2025-12-07T20:02:45.74938Z","times_seen":3,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/689/50695591/50695591_136_cbbf.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/689/50695591/50695591_136_cbbf.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69324\r\nserver: nginx\r\nlast-modified: Thu, 30 Nov 2023 03:30:36 GMT\r\netag: \"656801dc-10ecc\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69324,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"1ea5bd8a3826da5929046c2f68861a2a","sha1":"39d747587fbff6f64caa7d14ad38e52675221c12","sha256":"df4f23f59c1bbf53810847c332f1b78914115d59719039ccf9c7e2e24d2f8f8d","sha512":"29085f7f288e961037e099686f9023d650eb5a5bc5ec2199426919f9245bd6a41434ff2110d27c87e1ef835510f211737a7a7cd7a447ae89d0a76db3c9e74a23","ssdeep":"1536:8tsyoWBfuYMzVrll3wB/6+3Qpqq7YLHDiVM9UH6O1i6R:esyFfuYMzVrzwH9LviVM9UaO1","tlshash":"e2630276d56f124ee21ea4b49c587d9238129c9ef6003ff3295e808fc3a79598d0e5d3","first_seen":"2025-10-10T20:35:07.183269Z","last_seen":"2025-12-07T20:02:45.752563Z","times_seen":3,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/112/28743673/28743673_098_f0ce.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/112/28743673/28743673_098_f0ce.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83977\r\nserver: nginx\r\nlast-modified: Mon, 03 Jan 2022 04:30:51 GMT\r\netag: \"61d27bfb-14809\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83977,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"be8330b9b87bd965962dd1a8c715b225","sha1":"155cd5e5e0556a923c94e50a1512a7e5952ba324","sha256":"25aae4ec9c7487dd02b4687beca017fc699d2ef77e38428da6842bd7d0525c8d","sha512":"27e1891741bc245eb72c6a7dfbd5b24e5cae7023bc8481061cd7381f9c6875cbfb20338f7e4c345d346aa90bdba374cc122a6d431e95aa73406179e6bb5195c2","ssdeep":"1536:kVot1LDoD0bClQ0r/RsUJmQvu3aBnhnWo0Hc520wQgYlmuOgsUtrl6yxJ99uV5+:bLw0bCWCpBJv2ahac520zGh+KyxJi5+","tlshash":"218302fdc94a63c7ca39a2be01b32a45f0f3174554cf4f9aef519b21e986a101ec164b","first_seen":"2025-10-10T20:35:07.148325Z","last_seen":"2025-12-07T20:02:45.756346Z","times_seen":3,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/62/56271162/56271162_076_2b58.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/62/56271162/56271162_076_2b58.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74102\r\nserver: nginx\r\nlast-modified: Sat, 05 Mar 2022 16:32:47 GMT\r\netag: \"622390af-12176\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":74102,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"f8c3f73e326a5750e1fbbf248b277675","sha1":"cf4e405bede7c842ea49109fa984e64661eebb7b","sha256":"46b369b35e71169895203a25a19055123cc582c9cb6039e4ac8bf47c9ee69dbc","sha512":"36e11dc993d74f153e58c1996ab380b17e39970c2355d08720507d5fdb5771273b9907c58e890a2d6e4073c204b3cb6fba28bbb75421be082d33d1689f9a3ccd","ssdeep":"1536:k0lVrFXDRXAXDAB9vlCLnLSyCRxpuN4M2ya/Lx3NGsC4YD:xdV08vvlCD2ycpM41Vzx3An","tlshash":"0b73025ff5ad0614584d30f5b7327607e3d505bab042c32e28f2a5357ad59870adbbc8","first_seen":"2025-10-10T20:35:07.509607Z","last_seen":"2025-12-07T20:02:45.76073Z","times_seen":3,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/252/42499672/42499672_102_e3fc.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/252/42499672/42499672_102_e3fc.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77031\r\nserver: nginx\r\nlast-modified: Mon, 01 Nov 2021 16:30:11 GMT\r\netag: \"61801613-12ce7\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\ncache-control: max-age=2592000\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77031,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"3d4e6a2cab71cd2cae62be2040e792c0","sha1":"f8879dacdf8323f5d7d2586d9b06b030280126e5","sha256":"19c1f3452d1895b4baffddaa7846f762f6c324b208763a54511e13dd7fbb7b02","sha512":"7b10e0b8195b51ecce02425fb89beae5a1877e075e5d2f5c0d6a432e0d38814a70310ef1abdc34cddec42bde6fa6ad0dad87dd7d0e38e2b1bc23e8c98ede2fd1","ssdeep":"1536:kHem6VgIItr/dqeheaIXsCa9v3bWayPweUlkAsky4R2E/LBsw38:kzIItBqe4XcjqUlkmy4YE/LBDM","tlshash":"a67312d1e3f9522948df53374225f93e4b17252afaead7ff1a2bc036568c3308666460","first_seen":"2025-10-10T20:35:07.458719Z","last_seen":"2025-12-07T20:02:45.763489Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/444/86738980/86738980_102_3e4e.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/444/86738980/86738980_102_3e4e.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87884\r\nserver: nginx\r\nlast-modified: Sun, 23 Jan 2022 16:33:06 GMT\r\netag: \"61ed8342-1574c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87884,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"daa38b5a0f7fd24f2e6837ad20351666","sha1":"e7024afc853d43dd7f80f0f71a561722da903076","sha256":"6a485cbc9200f2485534ed10afafc0a7be7372403b1c6c082096a8f841a4f033","sha512":"23a508b691dd632d888eb9f983a0645cbb1a52e3c4afd0e446d653f90bb93146edd1801d1b5fa8ea604da986c604c5621e9cd3f6286f86ee4eb11bda0e6740db","ssdeep":"1536:8UYePzWkavwNIJUlITFi0VIBZxuBcAsT9mqdbkMpuwuz+UgRavLzvPjgqGdVjXr8:DYerJC1JUlITFmcCAU9m2pVMIav7gTVk","tlshash":"2b830290816828f5140c19713cca3363d6396c6dde4a60ed06bbcbd9919b97ab0fe7cd","first_seen":"2025-10-10T20:35:07.385459Z","last_seen":"2025-12-07T20:02:45.765818Z","times_seen":3,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/img/styles-25.css","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sexiframe.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 07:47:30 GMT","end":"Thu, 26 Feb 2026 08:45:16 GMT"},"fingerprint":{"sha1":"DD:85:8C:C7:DA:BE:16:4F:59:E0:67:AF:F8:27:D9:FD:17:BF:18:AC","sha256":"0E:71:22:8F:CC:64:FC:BA:40:EA:C6:F2:DC:D9:7C:B4:F6:27:D9:21:29:6F:56:E2:01:3F:59:78:93:BB:A2:1B"}}},"request":{"raw":"GET /img/styles-25.css HTTP/1.1\r\nHost: sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 03 Jun 2025 06:27:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"683e95e1-5d0b\"\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gq4MlzP7S00nPb0SjFB6FA2huHCHr8RIkqhf4lKCWdSWodSGkOAO6ygNfIiZ54sicfmrEb9ZrQumAYRgefyrMDgFQjwIvFibv%2FR8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa69da929f70afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23819,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (997), with CRLF line terminators","md5":"c7a872390daee9a44e14d6d177936448","sha1":"23d314ee1ba1747c6df9e78352c055b99da806b9","sha256":"056b9edac3d327799f097eb5c2e6d9139c418d312aefe096a4703522cd489539","sha512":"310d38d2b429618ec4ca69f7502ccf20e884191ce4f1ca89c8820c4c2c2bddf3d1aff403b75665685f66cbed521a2278f51056682e8d315821a5d2fd1c5f1614","ssdeep":"192:h7j2lNuJxpBO2BA8O7B6O+/lYaWKBAB/GjpQZ3ZaB4SLQiNM7eKkrZ7Hg7gOg+Wi:hkvMfNMpy1Hg7gZ+WFBujJR7","tlshash":"34b2d967a902338bb537c618b3b251161e7e8043f2074bfeb475b658d38d492a1b17ec","first_seen":"2025-10-10T20:35:07.57949Z","last_seen":"2025-12-07T20:02:45.767773Z","times_seen":3,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/501/96913864/96913864_028_fee0.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/501/96913864/96913864_028_fee0.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82996\r\nserver: nginx\r\nlast-modified: Sat, 25 Dec 2021 21:32:51 GMT\r\netag: \"61c78e03-14434\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82996,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x777, components 3","md5":"489a247dd0ab298415d3402d818b8b27","sha1":"4fd5982775a952c231546971ddd97c32a0bc072f","sha256":"965aaa828770d02d397bf7b10d86d3a7e80f3971ade28fbe863a83dae42e94dc","sha512":"6467a28a5886ec348d83295afea365f0f12ddd45568d833340ac8a294404c4449219bdc68908c72d28b9722d19d8e8b19c80f88ccbbef97471e32f0f877e2e68","ssdeep":"1536:s8ig4zrzA6kXaJXzkZCgeaXoGj9svT5vhcoNq9ALcXq3KuM/Yi:J1aZzkHeaYGxsbnNqmGq3E/Yi","tlshash":"8a8302a0e93018277722587b64b36b2ac326f383a85eda051ac25ed39a91e4443dd76d","first_seen":"2025-10-10T20:35:07.609908Z","last_seen":"2025-12-07T20:02:45.769663Z","times_seen":3,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/774/38924004/38924004_122_cf7e.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/774/38924004/38924004_122_cf7e.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74170\r\nserver: Angie\r\nlast-modified: Thu, 27 Feb 2025 00:15:16 GMT\r\netag: \"67bfae94-121ba\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":74170,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"b896a3734c8c41117f658271c9e99312","sha1":"9ed29ba038d8e4f8af03daee0d7e31a53466cd41","sha256":"178df39a80ac68c9b01756f74899fe8b965bd058a5bdf2d004fc559876153516","sha512":"9c6b7492c2afe4d4f22d8d9991253678f7cb143fdee22597639e0ff9c8b1f5d0dbb0b220ec77e8990c067fd906ee140618c673a1556302671d0df4a793c3a1a2","ssdeep":"1536:kiK+qGVioLOez9TIWjJWGrwLdnY7JdB2vsKSLH12XxK54v5Wxgn:vhqLoLHz9vjJiYtlK+AhA4xd","tlshash":"8c7302d1218234176b63f8376490e3869732ebe9bc408f27a16ac5f3dd189d27116bf1","first_seen":"2025-10-10T20:35:07.377578Z","last_seen":"2025-12-07T20:02:45.771608Z","times_seen":3,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/155/83546316/83546316_007_3c59.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/155/83546316/83546316_007_3c59.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76566\r\nserver: nginx\r\nlast-modified: Tue, 23 Nov 2021 03:30:25 GMT\r\netag: \"619c6051-12b16\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76566,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e715e992edc6162dd9bc79d7684b9c90","sha1":"d5b7ac5fe659ccb0155aadc5f85db881838c7f48","sha256":"da04092a74b0817cf2ebb3249d3e9f623af50f13347a13b139aeb06d106e9744","sha512":"89093aeda39870594ccaaae4bbb812015e92f31a071a88876bd0d379fa5bac37c0dc5f3f53a60f13765e3ac8528438b6199672bcc6dc34ce4c7a7b27932131b1","ssdeep":"1536:kbPxrdyqDz9ca42ItmThl8tX1JIE+zM7WjhAYzM/FVKTZN:09dyqDz9C2IcD8tXzIlzM7PtXKD","tlshash":"f97312b1f6914ae118062fb7227364dcb433ddc7eb8d76c6a36e406b013c8bd0886676","first_seen":"2025-10-10T20:35:07.242221Z","last_seen":"2025-12-07T20:02:45.773433Z","times_seen":3,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/132/73145364/73145364_032_5aea.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/132/73145364/73145364_032_5aea.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86693\r\nserver: nginx\r\nlast-modified: Thu, 25 Nov 2021 16:32:10 GMT\r\netag: \"619fba8a-152a5\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86693,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"0837694323f059914015f65d271880b5","sha1":"09a06c526d61caf694a509e627f178c08e701d6c","sha256":"f90bf788697ecd6262944c1168c090bfc6bf19a82adf3022ace08708673029d5","sha512":"5ea199eda4c927a0605ee9bba6a83ade22eeb49c5084e7c7a1c7b766915a948a2f9610868ae4865667042e809774e54f4a651ce0f61caf9d1ab5cb6f00fe79e7","ssdeep":"1536:kUzCikjEYiL8VZYwbBrZ9PZN/270FcdIOP+Fr3gGkkUX0gtvcCvQ+YSUrK3v7:9Cik4nsZ1FPZNJYkLaVtvcCvuSU23v7","tlshash":"8a8301f9ed5822ad5c0740b5fdf7701e0086bf66bba70890d5e2fc182e5c5a2dda1326","first_seen":"2025-10-10T20:35:07.308846Z","last_seen":"2025-12-07T20:02:45.774846Z","times_seen":3,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/480/83778882/83778882_071_16b1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/480/83778882/83778882_071_16b1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89606\r\nserver: nginx\r\nlast-modified: Sun, 12 Dec 2021 04:30:10 GMT\r\netag: \"61b57ad2-15e06\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89606,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"57fb0f346f7d84a3a47ef3681c2f0edf","sha1":"0cfb97f0059b424e9fea2d3bee1205eef2a3ade9","sha256":"2722a95fe170a97691dc7dbba5a886903ba8cc4df598be826cc85f1d34f7d7d6","sha512":"c66d6baa4b19e3341fb40218bf047e053bbcfc317b77baac02b8cda7be765ed43ab593c7906be7c326cc30c14ce2d9ded48abe92ae8fc31bcbc96c4b8aaf13e3","ssdeep":"1536:kBdFmU7G2ueQALfJBFEB6Z87Fm8dNWXwjFhi7F8PYkOTyyv17lLPh/QO/5:AdFmULN1D4rddNkwj8a2fQOB","tlshash":"e9931211d4a84f12f86d90322f5f3584882b30e7e28fa54ef1705652ddceaeacee6644","first_seen":"2025-10-10T20:35:07.599336Z","last_seen":"2025-12-07T20:02:45.776355Z","times_seen":3,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":136,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/671/64142802/64142802_007_faa1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/671/64142802/64142802_007_faa1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99671\r\nserver: Angie\r\nlast-modified: Sat, 05 Aug 2023 13:30:51 GMT\r\netag: \"64ce4f0b-18557\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":99671,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"dc0953de82aa712625fbcd63199615d0","sha1":"6dabacd152d5ea21f05321d8eba89537c6e2980e","sha256":"c6404b37e0c748dd22d32dedf37bf5d21de1d500e16d74977a210d06e453d1a8","sha512":"6c20a997964fb56dc76a6e1bd38b3850b922b6a8ea575523a6bff88235c08e15f4db20b01f6a8697c36a07d574add1a6ba07eca7683eb225db8fddf98f6c75a6","ssdeep":"3072:cKIhG5pJQrRHOhyrv+bJRytZf6VU5LWU5wA+:i8Qdxv+lmAU5H5wA+","tlshash":"efa312069f013e1c8b1936b9883f93695e264f96a735f346b74d6f26e34cbc2481cb54","first_seen":"2025-10-10T20:35:07.273812Z","last_seen":"2025-12-07T20:02:45.77763Z","times_seen":3,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/778/99925149/99925149_021_167d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/778/99925149/99925149_021_167d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87067\r\nserver: Angie\r\nlast-modified: Mon, 17 Mar 2025 15:15:34 GMT\r\netag: \"67d83c96-1541b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":87067,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"42d85eea92ffec01651cfa67e438c29f","sha1":"d50fd8ff6da759c6f4091dfaa937954206e29289","sha256":"236ac10fef51d1dfba4a5430cca4f1082ece20167c663e1274b50526d8c7751d","sha512":"912beee35ba6d3578e5bf648d736a268afffe3de452f2c03a6b0db735ee7e341ed8a224782d5a08322b2c6939de46e5d371b3711d6bb7ff5e7505e88ec1af850","ssdeep":"1536:kncioqdjc/ocI0qNfm/It0r5DkMh2478J4Tdj5NV8aE7kLJ1h5lxNtANjSiG/x:W0q4LLqPKVDkMhJKqJJXBnx7ANjhGJ","tlshash":"0e831294cd7800b8c286a1e973bf71fb73ac9e59fcb4458217b2f7646526282b243790","first_seen":"2025-10-10T20:35:07.515234Z","last_seen":"2025-12-07T20:02:45.778755Z","times_seen":3,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":195,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/439/61088292/61088292_002_d4da.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/439/61088292/61088292_002_d4da.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84503\r\nserver: nginx\r\nlast-modified: Tue, 07 Dec 2021 02:31:28 GMT\r\netag: \"61aec780-14a17\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84503,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x658, components 3","md5":"651687bc63bfaec74d1d6eb35744ffd7","sha1":"c769a53ff8cb1096fabf29e1659131f3b955ec58","sha256":"f588fe981d3275dfaf145dc1377ec59b8a8d9ac530f2184ac154fb5dc5a62a8f","sha512":"b433e7071bade699126bcdd73662f76fa4477f9046ad6afd062df3598a242774afb02a2474f89892da3a854c268a9739ce1b5743d34cc429ec24bd9818c8a3ff","ssdeep":"1536:EtNcJbloZzjBKaAs87PNgpozcdUcvj6Iy3cXB7ILz0d61PolpmW6VY7:uNc1lYz86ocbvdy47oON2W6W7","tlshash":"fb8312d0da5965e0ac081054b9db9b88d1b7f0f35c8c71ee16d7f2d9a8c89f3462a1a4","first_seen":"2025-10-10T20:35:07.547352Z","last_seen":"2025-12-07T20:02:45.780049Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/112/56767066/56767066_067_e8ff.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/112/56767066/56767066_067_e8ff.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69701\r\nserver: nginx\r\nlast-modified: Thu, 04 Nov 2021 16:30:42 GMT\r\netag: \"61840ab2-11045\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69701,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"bffb474dfd4e2fc7a371baec876b7809","sha1":"decb643033cc1497dead4de873777a8dd6b251ed","sha256":"32377c490693cb223310414566282cf1916ed6a0f05a2c4de7df3c36b92c74ca","sha512":"a69b2f7240f5b9b310362583fe90eac5b35d658288e514d89b954150fd5d74e6791c6ae115f4df0a36ad23826cbab4207e57fe3d437b50abde8f953364e18f26","ssdeep":"1536:8Avbrzqldj6wuRPn6m+IYQrrgLcqg1PTGLi0snGrbL:7GlduR6UYorgYquJPGr3","tlshash":"f76302c477735425a52a8abf1f90105c01786136c1a2b4ac8f1dbfb7faced0937269e9","first_seen":"2025-10-10T20:35:07.396616Z","last_seen":"2025-12-07T20:02:45.781527Z","times_seen":3,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/778/28956126/28956126_086_4b86.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/778/28956126/28956126_086_4b86.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85776\r\nserver: Angie\r\nlast-modified: Sun, 23 Mar 2025 15:45:07 GMT\r\netag: \"67e02c83-14f10\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":85776,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"63c19e735b122c4b2a1f30aa0bb15407","sha1":"a5d0b7cca518e436986fc8d1d2c54311c2714712","sha256":"17943f06df67587b1c50ff84ad8ba560adc9cd0315cd2330f2df9e179f8c1933","sha512":"d9d93dc6e4956257cd7715f7451f74398f117b8244462f6a207cf79edc6a710b9135ffae0f09069cd279829c94cd05aa7a34dc33e96a9fc597ad02d70201ea02","ssdeep":"1536:8PHo+aLpw6R9dt299vdkYK5Fcy6vjHnjEJVW4sfvpRxWJ1k0H3sjGPtuge:mH7mV8mFcy6vrnAJw4spXI8jGFuge","tlshash":"93830204f81ba363eb32fc7151c579e522c435f6d6de21c8a720e3e015ac06b86e39b4","first_seen":"2025-10-10T20:35:07.362999Z","last_seen":"2025-12-07T20:02:45.783147Z","times_seen":3,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/6/39290124/39290124_012_e162.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/6/39290124/39290124_012_e162.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 97270\r\nserver: Angie\r\nlast-modified: Mon, 24 Feb 2025 00:15:08 GMT\r\netag: \"67bbba0c-17bf6\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":97270,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x610, components 3","md5":"157a602f89476fb549bcbe6003f2eaf5","sha1":"d5e750ccd6ea8cc0eaafa5afe6b5d5a130bf7dec","sha256":"ff6320acc4705b1ceae50055f49d49543cf348eceeba1b5a2030708b7849cfcf","sha512":"7fcc8c2ee98c9ba93492a477b1d71f93572f4f4b7632894cb4ebd95032716f180e0917c0b0c4693ace863c53670d9086fe2c67ada20fee9f3436b562a6dcd485","ssdeep":"1536:UPgPlwLIOaomMoOPi8P7iBAZOrZkGcV1AAjZgm4LzEu29ZLUoJ:isl3FMop8iDcUC6fEZA0","tlshash":"ba931226dc696b3198d9ffe6a7be48485cf3e5ecefc900573606826c05781938b42529","first_seen":"2025-10-10T20:35:07.484089Z","last_seen":"2025-12-07T20:02:45.784663Z","times_seen":3,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/656/15130147/15130147_132_a34d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/656/15130147/15130147_132_a34d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84514\r\nserver: nginx\r\nlast-modified: Wed, 03 May 2023 13:30:25 GMT\r\netag: \"645261f1-14a22\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84514,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"1ff40410a588aec55e205cdde5792c05","sha1":"c5b9f28d405c3f28740ad358a4974b9e941d16f0","sha256":"b117acb1f1fd0180b5dab8bc904bf69e94b6911d7517748e1f07e283f467d78f","sha512":"e435a35e01e578f357a0ba5e20316b20897fc56964f374d678d3c6e9d2b329eef3e7f7330589863201511289880f916a6dfc4321abc9ea9f048616736477f160","ssdeep":"1536:kahQhYePZZ1e9Zmgw0qBwbIxKtfN7UpE0qSVhWQyY5tVN8FFqOELhrkn+HyaEkQt:xK+QZZ1e9Rdq9SN7UplZXyYrVNrOENDa","tlshash":"5383025cc80611b10bb80a39a041fa891a1f894afe747f38b1f527738e5d60ae5d79df","first_seen":"2025-10-10T20:35:07.426713Z","last_seen":"2025-12-07T20:02:45.786171Z","times_seen":3,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/768/85227594/85227594_073_5de8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/768/85227594/85227594_073_5de8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98988\r\nserver: Angie\r\nlast-modified: Sun, 29 Dec 2024 10:45:24 GMT\r\netag: \"67712844-182ac\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":98988,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"8b699fc193b8336b1b157d5ec04d2ce0","sha1":"d43e2746716b0dd5f4e068c6c573a3341f72a3f7","sha256":"e9d827189fc2f52b4c066f7c107d32ab5836e5258dc6c1ae7f852b11effe76c0","sha512":"5e1bba402d4e9cf93080d841d9a93c7a33293d277fd46f2be2029dd64db59129db184edf99f73a8fd15426d3d2797b961e7451523a907ebc2268acd8f02b4b1f","ssdeep":"1536:kryx4b4C375QiQehxTeU1QuaUoTXmt6pWjWIyT4MUlUAPuPAetQgJCIg:aycL5We/qU1QuP4Xmt6UjuTBUlUXPY","tlshash":"a0a3126bfe1d64b30a741f79f61337ffc0110636e2842a982d0066dcdb7484999daa7b","first_seen":"2025-10-10T20:35:07.258536Z","last_seen":"2025-12-07T20:02:45.788573Z","times_seen":3,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/552/89300046/89300046_045_55c8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/552/89300046/89300046_045_55c8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106094\r\nserver: nginx\r\nlast-modified: Fri, 22 Oct 2021 17:32:17 GMT\r\netag: \"6172f5a1-19e6e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106094,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"5c7c12a754616a3a202c42f06fba408a","sha1":"414c02a2e6ae2c623d87f7bb5e6d2e592f00f0f9","sha256":"0cb35ab4acad38fc9cd36f3317f188545d4cf4bc3d46e85352f15d00e011200b","sha512":"a5cdb8dd69e852cac3450faba12461fc06abb0ce7c98f96f945754361ab13d38ca757119a355e694323d2337262f1955e6fa90a4475e48c2774f1bc6e896a5de","ssdeep":"3072:zn6HZtpbrD655Qpl5sNsa5fd2l5JYva+Ku25JDy:r6DpbrDOksNr5fdo8va5U","tlshash":"4da31216dd6207b588f886738e7f4a528e540ef1da429fec5395c873ee59dc048b838b","first_seen":"2025-10-10T20:35:07.630041Z","last_seen":"2025-12-07T20:02:45.790572Z","times_seen":3,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/788/57198571/57198571_049_165c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/788/57198571/57198571_049_165c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 42568\r\nserver: Angie\r\nlast-modified: Thu, 08 May 2025 03:15:08 GMT\r\netag: \"681c21bc-a648\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42568,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x253, components 3","md5":"352807615567d9c0ac605726e108163a","sha1":"5c56ba1878b084377e62419db8f0cab20e343440","sha256":"b50d6cda82cdfd4bb8584e86dc5bb63903e91d1173e0efc59e79fcb60d6c6b5d","sha512":"b1096ab9998d960e98a04f0786cb9f123d267f9e926b3275c8fb56f1d5087f230dbc55f428873d9be22896ca75a2f6a6c0b1746fd926e40b28c457d2b4a5553e","ssdeep":"768:l9daggRDIg23z47le18MRBmGHUl/VxrH4z8bwubmlI1zRJANPRIbiWp:l9QgUIg2E7le1VerwCJ6I1zHliWp","tlshash":"3f13e16dc71190b87b702ea6672a9157c57a2e40fa9672831f3244bbf70d0d4f8265ce","first_seen":"2025-10-10T20:35:07.539536Z","last_seen":"2025-12-07T20:02:45.792067Z","times_seen":3,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":70,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/286/40303183/40303183_199_3644.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/286/40303183/40303183_199_3644.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83566\r\nserver: Angie\r\nlast-modified: Mon, 07 Mar 2022 22:33:57 GMT\r\netag: \"62268855-1466e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83566,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"73170c1153e8b998f27221769d703d4c","sha1":"551f41074fe100edbae572c5c5641a21bdff2ba3","sha256":"26d95358cd4533b2e2ded7363613480e8081dfba3018e791644868378b5c7398","sha512":"61dec9345310777ba50c59e6b049821775ded734b94ef6c29eaf4db359e7cb53b76d6a37360f2a4a727aac3370fe744be554d920aca563e05fc40b1cce3dd9a7","ssdeep":"1536:k0yR8YcwsnFutiiDiPsz1Sg8LRUfO/tSvU9LPmMXnHFImPQ:HyRRcwOZLe1Sg8e8tSvELPb3lImo","tlshash":"498302f49370537cbb176db4f2d4941aaa58d42ce4a1477a33c6d8a1fa5e8be240438f","first_seen":"2025-10-10T20:35:07.243603Z","last_seen":"2025-12-07T20:02:45.793456Z","times_seen":3,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":186,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/95/64057468/64057468_070_b937.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/95/64057468/64057468_070_b937.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 94812\r\nserver: nginx\r\nlast-modified: Mon, 05 Oct 2020 22:30:35 GMT\r\netag: \"5f7b9e8b-1725c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94812,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"f7f9cd76f153a52f52829cb0f7074df6","sha1":"ed85985baab4c5e801e012447811ea78d8bc473b","sha256":"ac88c1d7b033dddbe36a19632c89950bc88f06b6f93c513f4130c2aeda558f5b","sha512":"4c9a945bdefc6fed9494f2a00599640f09ab8b354c1f2653de92d7089b8b3e952616178eb6c8e51262b6075ea924e86474c40bec75abb79f52bb264dfbce60e6","ssdeep":"1536:kSjB8ZnMoZBWQm1AI2OJP+RKWpL0pjlyKLvkyn3Ex+6p3hdvevxIcdIih7lyt:TjaO4/aAj7KuGF3ETjvDOz8","tlshash":"5e93122ed2d6902db47248bb99d025af485a0340f5a6bb3ff79104e77c48fa532693f4","first_seen":"2025-10-10T20:35:07.19249Z","last_seen":"2025-12-07T20:02:45.794745Z","times_seen":3,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/784/66328305/66328305_025_f15b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/784/66328305/66328305_025_f15b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79495\r\nserver: Angie\r\nlast-modified: Wed, 30 Apr 2025 02:15:24 GMT\r\netag: \"681187bc-13687\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79495,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c0a2ee96fb34fd517dece15fa47621d9","sha1":"959efefd5977134d0afd0452ab6ed26eb6f06c4f","sha256":"5ee438cd25cdbe91617a351e14b3e36f0b993d277222c44966ee0368b105ff65","sha512":"600dfa33b6d73abea63c1b6eb669e34c8db21a92c127535ef96de2efe2a4db6d3e4a0fd6dee8b823af132248503e02d426f04dacc10b35141b7588ccca2bdd33","ssdeep":"1536:kmZKWDn2/qQp/d2b1rBstmf1tzhmqeHK0E1KpPFtg4J2g34C8zVWikIx8OdtmTad:Z32/52vjlwHK0E1KpTg4YJzMTIx3dtmO","tlshash":"c8730201415323d5fa6c31bb23e859f21fe17123c4b9a975932d32595a1f2598f0b8f5","first_seen":"2025-10-10T20:35:07.402072Z","last_seen":"2025-12-07T20:02:45.796115Z","times_seen":3,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/437/35392754/35392754_003_bd76.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/437/35392754/35392754_003_bd76.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72984\r\nserver: nginx\r\nlast-modified: Sat, 20 Nov 2021 00:30:20 GMT\r\netag: \"6198419c-11d18\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72984,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"6f61869c52982842d6b300861c494074","sha1":"64cd1bce68ae04030229cd2536e8a761ff44cc6f","sha256":"4f6e651ca891b91670322c0a9057755eefc57d6ad321fac0b894db09aa51827b","sha512":"1d583833683928a76e2fdbcbf60ce768b86928704b35c9cf66e0a3dee8db6d61adad042b9e1504b5f89b12cb63e7151f249af02761e25ed68e6f33c5cc0c8535","ssdeep":"1536:k37y+laVztaUqC2VVbOEs/0GS468/YifUVVtrXNF/5fw:XcLUqrVa//06H8VVtLH5fw","tlshash":"3e631309e3a0c94d6553a9bd91e80bf41ce0025bee914d77e32ac776f783750df14a4a","first_seen":"2025-10-10T20:35:07.501531Z","last_seen":"2025-12-07T20:02:45.797343Z","times_seen":3,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/560/47594149/47594149_076_065d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/560/47594149/47594149_076_065d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102240\r\nserver: nginx\r\nlast-modified: Sat, 30 Apr 2022 15:30:40 GMT\r\netag: \"626d5620-18f60\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102240,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"4f0ddb467641a37793e0d6a9fb73b7cf","sha1":"c8189d834a2e71f07e9a92ca3a3c9c4e672195ce","sha256":"23a68ce166a1a31dc32f414bded534534983c980d174b8c2e51ad10c4aef808b","sha512":"ba5f2119d1253a028ce2fa6ac50f2974d4fc1f8ed5681f33229f146ec316423da3e5abc44edf5e750c02661fc24660429f8a54a3bc64a186a91e88f344d34fae","ssdeep":"3072:pBJpisclMGeboPJTfOKeqGW6gHkfa5jdJM+F:XJzGesVf/eqWgRd","tlshash":"74a31274c8dca5200788153e3b84f5cb0fd95b63bb919987f4a540b4e8bd07736a2f26","first_seen":"2025-10-10T20:35:07.495478Z","last_seen":"2025-12-07T20:02:45.798646Z","times_seen":3,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/619/44538609/44538609_038_60d4.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/619/44538609/44538609_038_60d4.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101410\r\nserver: Angie\r\nlast-modified: Mon, 19 Dec 2022 10:32:03 GMT\r\netag: \"63a03da3-18c22\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":101410,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"a905a12588c2524ea5d8fd07bf9f5b3a","sha1":"ea6601559cd1becf77fe3c1ef3fa5e694126d25a","sha256":"d77ad1f7725dcc5ec3a486c31de379040d36a934c25e58c82e1c9607e367f43c","sha512":"821b97c8321eb72af6d396743601ece334d5838e93954e032c5ca0bae1ca3547da6012528c2248ad29c607caea182e50a678af8e7780f2d52e9cfcf2be8e253e","ssdeep":"1536:8dLw6ylL47yiZdQpMqK6sQxkt7KemR6PQBBKik3ja19bbEj+wZhdk/p8ApmVim0:0+efdQpMz6siIs+KBy3jY9beze/p8Ydn","tlshash":"33a312bcfa62773f0d8260bf421d51a659b6aeb784b0120b90bb33dedc1d1630725a19","first_seen":"2025-10-10T20:35:07.506432Z","last_seen":"2025-12-07T20:02:45.799829Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/58/50087400/50087400_082_cd95.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/58/50087400/50087400_082_cd95.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106891\r\nserver: nginx\r\nlast-modified: Sun, 20 Feb 2022 18:32:56 GMT\r\netag: \"62128958-1a18b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106891,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"7448aac5111c4440971218bb6eeb00b8","sha1":"60271691bdc9409c841837b810d6432c93d1c35c","sha256":"6d0ad83f2a3b3d65fc43cd8c0a0496518e0f29450006eb465fa474f6e5dc8d90","sha512":"cf68b0f67b3f8129d5ef2616261ff097ecc0221ada30fbdb8364db273da7404502dbf4bde1cb316405f695a3bd34e96f46838b444776ebd9fc601fd0956fcc4f","ssdeep":"1536:8yG165jnFa11VjDPKHwXPENz99TU0iiWYSMWDDJvO6e7QV4U3i:P1tKvCHOPENz99w0iiLynSM53i","tlshash":"b9a312c9a984dd28b1fedd7e005029f5d6cd1b44da5f38b911b50ae8af88a032ddd09e","first_seen":"2025-10-10T20:35:07.632521Z","last_seen":"2025-12-07T20:02:45.801086Z","times_seen":3,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/13/67776385/67776385_023_f4b5.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/13/67776385/67776385_023_f4b5.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91561\r\nserver: nginx\r\nlast-modified: Mon, 14 Mar 2022 13:30:49 GMT\r\netag: \"622f4389-165a9\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91561,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"8783c7c671b292790308f8c7699f67ee","sha1":"ae084d23748bf3ba56ead296c50d3a488bfdc2fd","sha256":"ce7a238e690b6f56d7008abfadef765175c7035c0bd8da24dfbb41604d2736e9","sha512":"09ec8db9780cf1931116212c89b34b155cef23ba02430d41823ffdde710f2e7d7c956d1213cd24a5143927111a856148a2eb5743c2656650c264c5217b1f9955","ssdeep":"1536:kqMQr27Hdm1T0CPOP8OPZ/Zp99J/4qHy2RHgK5ywfjBGiJqrjg1PXZ:XMQMHdm1oCPO0OPZtgqS26K5tfVA/gRZ","tlshash":"6d9302316aa60ea7f4746ff46ed1024dc47a0d718e26eb8e6df8d508dc25dfd884a720","first_seen":"2025-10-10T20:35:07.23571Z","last_seen":"2025-12-07T20:02:45.802247Z","times_seen":3,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":184,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/92/41766343/41766343_020_2bd6.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/92/41766343/41766343_020_2bd6.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76101\r\nserver: nginx\r\nlast-modified: Sat, 03 Oct 2020 23:30:08 GMT\r\netag: \"5f790980-12945\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76101,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"f27966170d3b6768f1d47df511fa2a1b","sha1":"aac814810bf243227be7c032a15e53405a7da8e5","sha256":"4b6f7bacb62528448684f3816b68912af5b2d681980de1ef69f0fa71036065c5","sha512":"79d2ba664a5ad4600ea809eef387acf4e69bafcf8aecfa4b93f949fdc1916a12d5e334bab2124557c3d2f370bad706e66aeb004820846f935551b7bbc35f7823","ssdeep":"1536:kyI4376kkESTfHhxLfvxpotzBNAHq9fFO+nHq1vBep:5I7kkJNhHxpAzRfFTnHevBep","tlshash":"bb730267ee11fa52c1ef4cbd795a762bc1ccd722ea289a62053c9d0683d6e1f17404e8","first_seen":"2025-10-10T20:35:07.519049Z","last_seen":"2025-12-07T20:02:45.80332Z","times_seen":3,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/3/39251910/39251910_018_92d7.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/3/39251910/39251910_018_92d7.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78637\r\nserver: Angie\r\nlast-modified: Wed, 25 Dec 2024 07:15:05 GMT\r\netag: \"676bb0f9-1332d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":78637,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x745, components 3","md5":"d5400d0130323ba597a63cc04896d627","sha1":"426cedfb614d633c955deb07cdac36c2c5829c39","sha256":"10a70f0edefba256d7b3c87a6620c654871aa7cea670670d7618cca74dcfa982","sha512":"77256bfc1760aa2a5395249ef2e1386c870c0afd7d8b2554279e4fab5f2382160ce94a70d27fe809e7c69706e646c8695f7d12d30387f912804eea115645647c","ssdeep":"1536:7BV6t+72vcRj2qLTOEWPN7GH4xLa17eJ2aMLzZW:fawjpXOE4O1raMvU","tlshash":"a87302f5b180017cf9b382388d5e49c38fa175aaeb8845921d7e165cb7b784c2c483bb","first_seen":"2025-10-10T20:35:07.353909Z","last_seen":"2025-12-07T20:02:45.804528Z","times_seen":3,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/676/84140591/84140591_004_0109.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/676/84140591/84140591_004_0109.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69201\r\nserver: nginx\r\nlast-modified: Mon, 12 Feb 2024 01:31:38 GMT\r\netag: \"65c974fa-10e51\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69201,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"6900b928480f1591fe6ba57fdafcd93e","sha1":"c0180d69087dd4ca57a401be9b0c147708f9677b","sha256":"63ce2454e5f6ce72102cd321cadb211a0a4fb4fd09b2f02fbc9504598b0082cc","sha512":"e3c16ac522a09c397e7142743b16d149aa401ade6cdafd695da23d4af0407922d6f177044a1ed119a555fa8a90cf9fc562158f5f8faad0246ac8e99e4ee0c91e","ssdeep":"1536:kPXAGVzjEWz5KboeYYhWC4s4v4hSeCMML+mI:KXAGhjEWz5KceYYhg4yMMm","tlshash":"de6302bf8a8168948faa747384dc078dfc1335add5176c66d6e00e06a3d3467caca9cd","first_seen":"2025-10-10T20:35:07.663212Z","last_seen":"2025-12-07T20:02:45.805607Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/127/61335450/61335450_003_f08c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/127/61335450/61335450_003_f08c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44505\r\nserver: nginx\r\nlast-modified: Fri, 19 Nov 2021 07:30:48 GMT\r\netag: \"619752a8-add9\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44505,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"cf581101ee81ab816ea7c4d1b5f336e3","sha1":"043097c0bea5e4f42099397cb2e3fb54a5a8b7a5","sha256":"c1c810004778e26842a009361912796149fa552dc62ba20e7152b93ff6dd1e86","sha512":"0b273ef7bcca670b1732f3c61124bbe7ce97ea1a9a1db5716f094318fe4247268a787a6ae8b0598e3a78b9b9d7d9194eb6310e8d68340d6290ad9de4e5890c15","ssdeep":"768:m2iC/IOu6gDqMT4/H9htK1HdbLb3fHjWbIvpKqjHOGkqn:m2wOu/qqCHfY/bLD/jWbAp5jHYqn","tlshash":"ee13f19bf5d51031d46dd6f4b3e66e220389ef17c1fbb0d1efc90079594232ba89825a","first_seen":"2025-10-10T20:35:07.300695Z","last_seen":"2025-12-07T20:02:45.806651Z","times_seen":3,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/174/41714967/41714967_001_0ad4.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/174/41714967/41714967_001_0ad4.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 97629\r\nserver: nginx\r\nlast-modified: Mon, 01 Nov 2021 11:30:30 GMT\r\netag: \"617fcfd6-17d5d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\ncache-control: max-age=2592000\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97629,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"4da09e246a0ab51dd913ea8ff2774216","sha1":"1c903513468c05f515fe7a8592cd3cadac157be2","sha256":"54e52c85384fb31cbadd2bc7646193f5d6937ff3228acc7f7afd9019390ebb9d","sha512":"fbeeaba3ccf6e1c4d69968fdb24fb6f82de9a64c7752491e7ec21dd7e40afc424c611ba2f86b730062427300bbada1c7411b7974816f0007bf2bf30fcc5994ad","ssdeep":"1536:8KJy8CkYw/h1Qx7nolnNr6EpDtljqhidruIY6+AmZtvugdc0SL:JJ+5w/h1QloltDFtl+iTYtvtddSL","tlshash":"b9931277e4c4e25ca3269ab017b6ae441cf11ed376550ada0de393cab8350bfb45db08","first_seen":"2025-10-10T20:35:07.42444Z","last_seen":"2025-12-07T20:02:45.807828Z","times_seen":3,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":69,"receive":113,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/779/77907079/77907079_005_dece.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/779/77907079/77907079_005_dece.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 150249\r\nserver: Angie\r\nlast-modified: Fri, 28 Mar 2025 13:15:21 GMT\r\netag: \"67e6a0e9-24ae9\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":150249,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"26c6fe55d0138ea74e7fcb7f8b9adaa1","sha1":"986f2f20f36548e68ab56e07a1bd9e6aee3f684d","sha256":"ab1eae613331ed47d596e02be9460d4c0011a177114274c1c101c943a27f034b","sha512":"ac21f1296a0b293af7b126864c95a6936eb2f8da2d0d04ad158bcce94b8480bacf1e1ae216936f2a91562773317b041746497bf78e03e60e6896b42f59ee8147","ssdeep":"3072:ZxbVvk0V7+ogEQ72EFwxnAngL9DM4ou+W7Wx1zhIYzA+OkJ:Z/R7g/f9gL9DFOWSxkQ","tlshash":"75e3131242b1ee590a4bc43de4fa091f0bfa9c31b45462db38adca33075c39bee5166d","first_seen":"2025-10-10T20:35:07.127537Z","last_seen":"2025-12-07T20:02:45.809036Z","times_seen":3,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":236,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/47/83970002/83970002_064_8ddd.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/47/83970002/83970002_064_8ddd.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86875\r\nserver: nginx\r\nlast-modified: Fri, 24 Jul 2020 19:31:09 GMT\r\netag: \"5f1b36fd-1535b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86875,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x694, components 3","md5":"e27d00eb2bda6a56962956d16233c0e1","sha1":"5ad636d7c3c2c8698b2bd338e9e4937bf56ed7d3","sha256":"93406553938712d5fdbf348c347819bff47af49caae2e0dfdec90a56a7e3b7d6","sha512":"eaaae8d8ebcebd47c4bfddbd28c75f9317a3573e20537d06f2309e3718db2e9e76a8a3de5067a13e73d3eb242e56f8b40798368b1c534d678fefb231e1c4b262","ssdeep":"1536:KcnI+Csjfs6L17EhFmdUY0J5j8dVGBaFYkxu0nyyoS40VOD1lqQiKKaetA:pIwI61EhXxJZ8dEHkxHf4jDIAetA","tlshash":"8783023ae69fed94b0f67dd72101c4954b006e222a6d3c95c777872ebe14253dc142bd","first_seen":"2025-10-10T20:35:07.285953Z","last_seen":"2025-12-07T20:02:45.810472Z","times_seen":3,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/768/71846894/71846894_021_c143.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/768/71846894/71846894_021_c143.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38618\r\nserver: Angie\r\nlast-modified: Wed, 01 Jan 2025 05:15:11 GMT\r\netag: \"6774cf5f-96da\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":38618,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"3b7fe9837e3350388e0fc2521b2e34a6","sha1":"2fb22f715a7643b22f113cd2bf0ca7b74d0856b2","sha256":"e371b7c3a18850fed7a1bff635073c77393ea504440f27a1cd8c0d4fe6439d75","sha512":"4efff4177624184433b421c5ea13a766bfc856fbe91c8c307f80a1edb1244bb654e0310dd5aeeae174205364dce37423e20ee6019686f744190e104955d3449e","ssdeep":"768:mtgjNBd49FF1Tatx+iyS8UMfPffttPcuR+HAtILc6yeXNJ7j4Fwse:m8gf6x+RS/MflGK+keXX/kwB","tlshash":"c103f10ae3554ef83ae2d23231227e5edfc82c3a55519f262a9274641fdc231e197f4d","first_seen":"2025-10-10T20:35:07.443905Z","last_seen":"2025-12-07T20:02:45.811689Z","times_seen":3,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/470/61059854/61059854_029_7ca4.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/470/61059854/61059854_029_7ca4.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104748\r\nserver: nginx\r\nlast-modified: Sun, 26 Dec 2021 08:31:06 GMT\r\netag: \"61c8284a-1992c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104748,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c858c1f8413568aa500f4336e1af031b","sha1":"95ba527d4abc3762496a903e62493c4acb5657e6","sha256":"70d585ad1a5f2c1651309ebc602fd93e5fa62f87a8a75956c8a900b5652a7420","sha512":"eecf238d6dc7f979cd623a49e4d2c666a195d0ee72faa03a14b4765e70fa8e205ecfe3ea30e29106f250c69494d8744791b9216da21f287b06532439a415f058","ssdeep":"3072:ZxUD4TKfjyC6yI5jxXXiBDfXuzBQj3GCHWw2U:0UF9Bxnw/yBQjWC2wB","tlshash":"34a312e6c208560b2621b23bf27c5b2a6f79fb2594dc319006cf7662f0d8c671b091ed","first_seen":"2025-10-10T20:35:07.382039Z","last_seen":"2025-12-07T20:02:45.81295Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/300/46572135/46572135_003_e4f5.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/300/46572135/46572135_003_e4f5.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 94789\r\nserver: Angie\r\nlast-modified: Tue, 03 May 2022 06:32:42 GMT\r\netag: \"6270cc8a-17245\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: MISS\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94789,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x658, components 3","md5":"046d49253b6fcc09351b11d60c3f799e","sha1":"6467c957b16166cf03538982ab84118ffe56dde3","sha256":"7a8b1eb87ecfcfd0f1bb79a00c17a56ef146296b5779a7ab9a702b1ca7aa9130","sha512":"f8e17180ba99166dff2f6248a3e67a26034633dce62a5b300a394122ac2d7471004c99376b773bc26d9f790f2eb199105212382317113d18c9bd4861959e7ae4","ssdeep":"1536:ERrhY94FkAiA5ZZj9ALMvmxzhvd5gOrkcJkYzcsgBVi4/TAcS1SuqJJih:MrhLFt1SLFd5gOQGjGVi4UdcVJih","tlshash":"72930215d7b976f57b710139a028603321e4bb7dbaac14c08a4cefc4afdd71716aa2b4","first_seen":"2025-10-10T20:35:07.57198Z","last_seen":"2025-12-07T20:02:45.814191Z","times_seen":3,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/2/37452403/37452403_012_d6de.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/2/37452403/37452403_012_d6de.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91821\r\nserver: Angie\r\nlast-modified: Tue, 12 Nov 2024 05:15:23 GMT\r\netag: \"6732e46b-166ad\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":91821,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x571, components 3","md5":"fc742f57bde211d9d7af63bf557d28cb","sha1":"bf45032b34e5c777d33704debddf7c59837df7ca","sha256":"e65ee3a7087f1a7973e5a7641a38a2775aca69eda1ed220f793c4ddee6e238f9","sha512":"7d4a501e1c605a58d22301aa994909838dcc9de13992bfbd27e2e5ca92696c65f5b53b02020cc24172618b5d4b8c058e13352a16089c3a8d4dc9ca0bb69d8dca","ssdeep":"1536:9frrV/97LpzRe7aID5/Xi8dPnNjxK4HsPPxDvNKIRfLAGsgnqv94l0dz:tr1dDeN/rjxJMPZlzds0GHt","tlshash":"f8931286f90d5b6b5783e2e704d88d87adb268c07c9d047a06275d4e6f80ce175874bf","first_seen":"2025-10-10T20:35:07.497203Z","last_seen":"2025-12-07T20:02:45.815454Z","times_seen":3,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":138,"dns":96,"connect":19,"send":0,"wait":37,"receive":50,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/682/68382767/68382767_020_3683.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/682/68382767/68382767_020_3683.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 100884\r\nserver: Angie\r\nlast-modified: Sun, 25 Feb 2024 04:30:24 GMT\r\netag: \"65dac260-18a14\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":100884,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"577fadb75bf308726099e67c790e4d15","sha1":"d960ea089d7e500616de5588946dafa86e32aab4","sha256":"d0679074efe7f7510a1b50e10b82bb83e7f6e0357e93d66112487d8ccbaa0fb9","sha512":"9caa979ab963444a312ef561be6479218d20023a1d45824ff64406d8df63e9a92974d86ffb15d512f02837fd78c111f305224ef63187e2505d981aa7eb0f05df","ssdeep":"3072:84zrDZzRuDbHzFeOA/VNv7HLCgDgn/PI+Y:84zrtzAHzcRH7Dg/dY","tlshash":"c0a31244ae79db12e632a2715c640f4ddb7f4e38cbde1f25e4ac0935a3849036b2858a","first_seen":"2025-10-10T20:35:07.483055Z","last_seen":"2025-12-07T20:02:45.817373Z","times_seen":3,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":158,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/385/89033812/89033812_007_b4d1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/385/89033812/89033812_007_b4d1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87405\r\nserver: Angie\r\nlast-modified: Sat, 31 Aug 2024 16:45:30 GMT\r\netag: \"66d348aa-1556d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":87405,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"cd1551bb242de1c11bed5b6c2d77fdf9","sha1":"df349d76b6e2f265602298ac517b3e7a0c36a70f","sha256":"1e098d09d6e7a9f9babbd2e3e550d24886140cdbe0a3e82170225f12785a5f32","sha512":"53496751b47a27edf4ea8de67339d9737d6a08268c2c6f586a8dae8c02c34710afaf8a004db1b384d8768946c080c5eb77535d02d0815c6d5fb1177300e89a9d","ssdeep":"1536:kwl29KrnLQ8dYAFmY+dY5LC7wJxbJk1z6xkf99X0XAunCd+LRvM6l96Kl9:qIrM8dEpGOmxFkh6xa9xA5CgR0o6A9","tlshash":"d78312185c5a2adb479e1efe24ac3d93cab6d2354320f5158e345a62c543eee31cd293","first_seen":"2025-10-10T20:35:07.199213Z","last_seen":"2025-12-07T20:02:45.818954Z","times_seen":3,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/445/69944008/69944008_028_1fc1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/445/69944008/69944008_028_1fc1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 93602\r\nserver: nginx\r\nlast-modified: Sun, 19 Dec 2021 12:30:47 GMT\r\netag: \"61bf25f7-16da2\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93602,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"0921261cc456b0fe5839ccebb00b2384","sha1":"32994966d72af42dbb2605727356b3ce99aa474d","sha256":"153580c59ad791f160e337f873ce101b8730defc982396402f86c8eaf934f872","sha512":"ef6e874c53097ecd0b1853d9410ac251b5178f33111ee25db84730cc314ba28c0a843fff5d7debbbf89e7436c38aede4a2c7ee725844e3ffd1e9991614a23ad8","ssdeep":"1536:8ram+zwRntLxP3yyxp5z+x7wncnhxam0W6NCbNN37YcN1zrdYj8QXahHLiGkE:AdBt1DTQ7wncOm0kt791dpHkE","tlshash":"b1931214d3a908d4f82c76d4b9c32eb502f6b973c1c914a4b2d2603613e96d6e4779f7","first_seen":"2025-10-10T20:35:07.417302Z","last_seen":"2025-12-07T20:02:45.821527Z","times_seen":3,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/42109627/42109627_009_3447.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/42109627/42109627_009_3447.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99486\r\nserver: Angie\r\nlast-modified: Thu, 08 May 2025 18:15:22 GMT\r\netag: \"681cf4ba-1849e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99486,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"091c4e73bd4822768e2dfdf8d2e3a531","sha1":"b23140ba7eab17dedfb94072374422e33d1fab32","sha256":"d8a285ea9a908cf04e1ececb01117578eacf6254a28094672490927e0825302f","sha512":"185187ae73f741b9b31f7dec62b44cc11c6d611d678324203cd5a4d7480be48146fe94ca779ad8e295d143cdcd8844ec133a4ca45b0c62900ef7620d5fcd27e5","ssdeep":"1536:8gs3UnpQEj/JLB5nLl4Z6jsvWNu5G/3KW/oGMhLwpgsYSz7Q8pBWO6etbuV:h3np9N5nLqZV43KW/Pkl+7DBK1V","tlshash":"45a3029094fa21f85b1f50b668181bb1cba5c79dee15f9c8011bbfe83de68c590a01de","first_seen":"2025-10-10T20:35:07.439901Z","last_seen":"2025-12-07T20:02:45.824468Z","times_seen":3,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/76/30768371/30768371_001_9c9c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/76/30768371/30768371_001_9c9c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 135233\r\nserver: nginx\r\nlast-modified: Fri, 25 Feb 2022 19:33:17 GMT\r\netag: \"62192efd-21041\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":135233,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"91035f6bcf2202491d2bcd4d2e8b500e","sha1":"7a52c38015d85d3246572e7a72b03ef447af59cf","sha256":"6e30998173f45adb78e94b050383b8f53fad9458aa8d54424b0df4bcc03f9c33","sha512":"5000175ecc295ce512cc39e0d0281448b86770fe56c88b1f99c564139d61aeb50ff22ae885f391ccb85ddd76750401be78c3d1ed9287d6cb9d6e30300ecb2756","ssdeep":"3072:Z/FYSvCpmJ1N2Xey9THn2yMGA73Zoq5F7:dFYSFSX99TH2uQpF7","tlshash":"15d3135787203b9540a9dffc14b583cfad050a82f800eceb4a7c4b90e966d4b6d9a7dd","first_seen":"2025-10-10T20:35:07.538181Z","last_seen":"2025-12-07T20:02:45.826637Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/778/78884293/78884293_064_3861.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/778/78884293/78884293_064_3861.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87429\r\nserver: Angie\r\nlast-modified: Mon, 17 Mar 2025 12:15:21 GMT\r\netag: \"67d81259-15585\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":87429,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"67bd5169afe64cbfb52768d8114af239","sha1":"acc0ce43450cb1646176d3027b08bc9158072dc3","sha256":"2fc8cacd6ece689b50a3793802af95487b3b3ba8ec667600d577393fa6fdd961","sha512":"f973decbea3236bea847c2485ae559683b2063068b3ffb7868d4aa3c56f5fd21ab4e2e245b7b1796412fbd73e02ffde394718518ccd5943becabdbabc1946c00","ssdeep":"1536:kKb+F95DFR2ioBcSLiOW0CmEQ14WYZb2Xb4bWhsIDauwIeEchNAgIvfWmcWTeccU:WDL2B1JEQ2WYl8b4ahIalgirv+micc8x","tlshash":"648302db910945bfe26acef10ce85ec6883045d377167dba1f80a7d9a510cca2a52b3d","first_seen":"2025-10-10T20:35:07.348028Z","last_seen":"2025-12-07T20:02:45.828557Z","times_seen":3,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/174/38303531/38303531_009_41fb.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/174/38303531/38303531_009_41fb.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104706\r\nserver: nginx\r\nlast-modified: Mon, 18 Oct 2021 09:32:27 GMT\r\netag: \"616d3f2b-19902\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104706,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"7917cd8841176c1864d991bb6e59652b","sha1":"a5791614ce50a7fb7181900223388ce9a95b55c6","sha256":"dc7b30aed28551ee326f2d5f94c7db594bd854137437e5213e96b4075dfc95fc","sha512":"70b0d0d8a0fcb19484fee2c638009342e11c1ed7d73f3457cd34c059e834010d7ae20ebe7c129f6e658fec3bc4af308b34da0b2918b4cfcb3c18e7df9ceeac6d","ssdeep":"3072:C+2uYeXym3QxRQOLm3JM8bgC77mzGtobeaKNnY3QVR:C+KeCm3p1iZC77oGYfKtF","tlshash":"19a3120bdc790254cc8640bd73e50bf9a3b64e19ba18a589820af27c9d4fd13479a7de","first_seen":"2025-10-10T20:35:07.335348Z","last_seen":"2025-12-07T20:02:45.83085Z","times_seen":3,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":159,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/454/84435819/84435819_093_e8fa.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/454/84435819/84435819_093_e8fa.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99723\r\nserver: nginx\r\nlast-modified: Fri, 05 Nov 2021 10:33:03 GMT\r\netag: \"6185085f-1858b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99723,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"c559120b1a3c8ff3b05bd2fa2d4bae5e","sha1":"7c414b0f7b5a13bafb776055b329ccae6e7b32ab","sha256":"11302d1b850421ec091647a2e096fb73ff4512c5ec75b89b19e320807ed88f97","sha512":"a8dd86a0d781694fa81a6aad1179569790719eb9346a48e5506797b0c7ffc436ec28f9d647c41fbdaca36e966729fd88cf924b30ab935fb611f499be48115ceb","ssdeep":"1536:8f/+G8hErC2qJtW7SUmJCHkFmZggPO+2oMz42xWTCq0drPggWz0/PeHN97SjQceH:C/du2p4JCHk8PWoME280drogWzhH+J1Y","tlshash":"cba312e0ef8172f1dfc311b6761ea026791fce85a4f466e276753e8408b404a78dbc19","first_seen":"2025-10-10T20:35:07.231628Z","last_seen":"2025-12-07T20:02:45.834878Z","times_seen":3,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/787/56615817/56615817_035_0e0c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/787/56615817/56615817_035_0e0c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68412\r\nserver: Angie\r\nlast-modified: Sat, 03 May 2025 13:15:25 GMT\r\netag: \"681616ed-10b3c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":68412,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"f3bd23879ffe76afc08b7d6473cf06c5","sha1":"0afb1012676feec73633a5bc605f9e9739903dcf","sha256":"35d02fa060751be4582a3a8b08adbeb3d190085ade28b4645708f70670de087b","sha512":"2ba9adff8725214d956e66765edfbe1278830c777e9b6855e29fbfecbef2cb551eba9212bf60db328ed3be8cbc0cfaf4f2b4b2eacebd82f13a8abc61d888f813","ssdeep":"1536:k+C6EHkDXKVhzJCAbziO/BFibU33k3GCm1YRSDhht7:Z+4XYhz0AbzN/eI33mx5Ruhh5","tlshash":"d66301b3e66945ba882f9a7d69106220d0f1d4eff133439c2426ad94c6b2725e11398f","first_seen":"2025-10-10T20:35:07.38091Z","last_seen":"2025-12-07T20:02:45.843236Z","times_seen":3,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/779/26709025/26709025_024_bb20.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/779/26709025/26709025_024_bb20.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67090\r\nserver: Angie\r\nlast-modified: Mon, 31 Mar 2025 11:45:14 GMT\r\netag: \"67ea804a-10612\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":67090,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"0a1227db4165fc3ff791aaa63dff51e5","sha1":"f3597382c757bccdf26b49719c96821e2a8cea88","sha256":"ebc5d3e5d5137b278fed15ab74b634bbb52c1da84f77fb8368b3fbb865ca4b67","sha512":"6d21831e3eb73523d68747deba1dbfc8a6ab626e58c448c2391aff7b6f7b20780454f264e85073dbf0a653a3900004ad976eded950dfe770fc5aee0605c46f28","ssdeep":"1536:klh/Gm/JNjaWq3l0/0Eh2o6zJATMtkCvNX6EEZA:kGmBN2WqV0/KrHCCv6i","tlshash":"606302fddb6290d7cf6efa19078e081888116757fb747347fba4d2616307a8ea434860","first_seen":"2025-10-10T20:35:07.256342Z","last_seen":"2025-12-07T20:02:45.845334Z","times_seen":3,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/101/95677442/95677442_031_d471.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/101/95677442/95677442_031_d471.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 120119\r\nserver: nginx\r\nlast-modified: Tue, 09 Nov 2021 03:31:54 GMT\r\netag: \"6189ebaa-1d537\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":120119,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"1bc8758c6e76e33c325f81d42997e0c6","sha1":"8d9320e1cb55d26a18ef5f3c209e0a15b94eda2d","sha256":"6e08792e971fad139bbb5146e8b83d0d6de268a0aaccc61f00568380decf3d72","sha512":"e6955bc75888239a6db433e0be5f7d28d4555c63384885a4a30029be75e5063bdb8ab322c14b24e6c92321df409a48942e36676caeb682d0ae629e5ae22a77a6","ssdeep":"3072:gqHVgLk28ZTeKHhW2b8cAs22PRPv0FI59i0fR:gsVYceKXlvqKR","tlshash":"2ac312b9c63b8e6aa92582bca9d17c434b29cbe3756753803c3b553ce6fe01815d34d8","first_seen":"2025-10-10T20:35:07.269956Z","last_seen":"2025-12-07T20:02:45.84782Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/351/59166854/59166854_130_be94.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/351/59166854/59166854_130_be94.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 110277\r\nserver: nginx\r\nlast-modified: Sun, 01 May 2022 14:32:57 GMT\r\netag: \"626e9a19-1aec5\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110277,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"584eda7552c34f1f758049adef75ee8f","sha1":"0a5ac096f0076ddc62219788c4a71c2128ca0138","sha256":"35edd25418f36fe99e6e98b571bc26e9f888e71d44a730b69d64c1595c5afc73","sha512":"4ba395a30edb86bba179c4fb249b6bfd6f71e60d25815325a0b00039a08bc73d9f88b47c21c9463f82470688ff158a7a333462e12f1ca8e2376f84666382e06b","ssdeep":"3072:hEvD8EYT3A8rn1ImS6KEit6cipFm+o7iqEC:hEvD8DIT6KDgY+o7fEC","tlshash":"9eb31261fcbae0a1bd9e343a27de8a519791e6367354300642f94032f52acc57ff9b12","first_seen":"2025-10-10T20:35:07.420225Z","last_seen":"2025-12-07T20:02:45.850174Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/img/logo-header.png","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sexiframe.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 07:47:30 GMT","end":"Thu, 26 Feb 2026 08:45:16 GMT"},"fingerprint":{"sha1":"DD:85:8C:C7:DA:BE:16:4F:59:E0:67:AF:F8:27:D9:FD:17:BF:18:AC","sha256":"0E:71:22:8F:CC:64:FC:BA:40:EA:C6:F2:DC:D9:7C:B4:F6:27:D9:21:29:6F:56:E2:01:3F:59:78:93:BB:A2:1B"}}},"request":{"raw":"GET /img/logo-header.png HTTP/1.1\r\nHost: sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/png\r\ncontent-length: 8836\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 02 Jun 2025 09:48:59 GMT\r\netag: \"683d738b-2284\"\r\naccept-ranges: bytes\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q8ot7fR22yPH1qJOrk9eXCl7pQII4uqMhg3ubuVThE24NtHGGasvQOwu%2FpKUM%2FBDw4iVYG6TFwkpHVEB4oWgki6JVHjyIK4PfTtF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa69da92a000afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8836,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 278 x 100, 8-bit/color RGBA, non-interlaced","md5":"616716fcfab952d639b12d9be336f1b3","sha1":"2e50822f8e5bc57e88b278f34ea912a3603b1a9f","sha256":"6cd4b7860d856f2ea6e8bc01d512657ea93a29fd4ccd56360febd5ef9f32fa8e","sha512":"2d6ac6dfea522ebf7853cd9839af9dcbce81c78f4b9ce1be98d512e3f08e360130dcc4aef640225498bf9455fb4b0be0568073444b846e9c59b47f9c341bb39f","ssdeep":"192:sqevzkM0R5D2qfFCPymoJpjB72aE3BGFkbDQhLUw6teCs:20R5DfFuoJpjB783MFDFl6t3s","tlshash":"6502ae0797884661f92adc7a32dc15c810636f4cac80b64d24347f84567b0fa7aa9ffe","first_seen":"2025-10-21T19:23:03.577717Z","last_seen":"2025-12-07T20:02:45.852791Z","times_seen":2,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/3/56642328/56642328_007_c984.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/3/56642328/56642328_007_c984.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102046\r\nserver: Angie\r\nlast-modified: Wed, 25 Dec 2024 08:15:18 GMT\r\netag: \"676bbf16-18e9e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":102046,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c6ddb3ef6576298b192023b8b9a40090","sha1":"574f366df9b4237888dbe707fb790f8b885990a1","sha256":"c0a8d0bacc63e161e1f214c2f1ba98e05b8097920e7c1e364ed22ec1ce146702","sha512":"37e6baa7d51fc65408ac4ad5d41e65fef2c10be21b46c0f618836f3f575b38c30d605e028832d4a98fa5019ba21ddd4be0f97f5593428ec25c1790ded2bc3e04","ssdeep":"3072:gyEV9LYH0d/OpFtfXjygY9yi0s8k9HCHI:gZrsTpFBUyiz84","tlshash":"d9a31219fc90a363ccba95b24a935022cc3035623ebe9fde8421786fdd60115ef658de","first_seen":"2025-10-10T20:35:07.247083Z","last_seen":"2025-12-07T20:02:45.855469Z","times_seen":3,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/29210493/29210493_199_c924.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/29210493/29210493_199_c924.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102650\r\nserver: Angie\r\nlast-modified: Thu, 24 Apr 2025 02:45:30 GMT\r\netag: \"6809a5ca-190fa\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102650,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"f8b386bdbb49bd7ef49f5c6cd9508e90","sha1":"a6c4737b02d784347763311ae10cbbbad400e777","sha256":"a371dbce95bb1623c2d0bde6d9f2d544659bd32142f60b0b73d480ae84783d37","sha512":"b65f6b9052a553454742776f39b7d4cbeac59d17c6eae827ef51c4f4ec547ff02002f9953f4fa07f80ea400dc056495e713f55697830ac5e66996136f21f4b53","ssdeep":"1536:kQlK6NRKFMn+cvW3oJfvRBupeakGM6VN/SSv4tapTZJsyvUWVi7GjabivnJqrYU8:jNRKaneO5BRakG3J8gTZJsCi7Eyihqc1","tlshash":"07a31252528e56f163ac5e769ca4e70033fe04192170e74c6b09c9be8e9ac51f19e7fc","first_seen":"2025-10-10T20:35:07.20488Z","last_seen":"2025-12-07T20:02:45.85964Z","times_seen":3,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/443/94220010/94220010_087_222c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/443/94220010/94220010_087_222c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84142\r\nserver: Angie\r\nlast-modified: Wed, 22 Dec 2021 00:32:40 GMT\r\netag: \"61c27228-148ae\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":84142,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"f350688327f0d875c60a53febd5f3067","sha1":"389fff100c31fcd7dd176fd1b85db7f17e0124a5","sha256":"4386fa433c68624c13a4fa2e6a25716d8817c4ad9fb5ccebcbc6adc8af944096","sha512":"3bb4520c375d107686072e0516243da0b05f5d7a5edb526350ba1b2181991437af977683fd95ef4e658bb6cd60ccea1db29c4fc2f5dda11790e98ef8d82c5580","ssdeep":"1536:8CFjMfP6OyipkhNu5KRYFo5TB2EtN4nbeDIt7LoAAic1K1:bFj3ViiGKRYy2E4qItfdAN1K1","tlshash":"118312fecba0f8bb50d35c3ad798ceb49d161b2790a19708f520475267b146c948ea2c","first_seen":"2025-10-10T20:35:07.418784Z","last_seen":"2025-12-07T20:02:45.862281Z","times_seen":3,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/767/37089322/37089322_039_6699.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/767/37089322/37089322_039_6699.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 120369\r\nserver: Angie\r\nlast-modified: Thu, 26 Dec 2024 15:15:10 GMT\r\netag: \"676d72fe-1d631\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":120369,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"57d3de6c81671e5f890d3dec0404da19","sha1":"fd6a5bd04a0f7695e56dd2894fefc667c9bad066","sha256":"21293ee3f32398e6f34c1abddcdad5282ffd9bf9ecee3a1002abeb163b25ada8","sha512":"0d9c64ba4be4a194680a9f28eb2393534b3c0874977eb9a09b56bf122dcf572154943bcf11d64ea73665fa03f2876621ac4bcc8beee40bcbf6b6d743509f8c23","ssdeep":"3072:nROlLfiPdnJP3qXIl8hJxX5oywE0G7NJz3nBAPj7GrSTIf:wV6FyzxX5ElGZ5BqnGkIf","tlshash":"adc30269e00c5154a8670e3060113ba80dfd84e667cd76f8c8b9923ff6adb0a7479e9d","first_seen":"2025-10-10T20:35:07.294234Z","last_seen":"2025-12-07T20:02:45.865728Z","times_seen":3,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":189,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/5/75197735/75197735_134_115e.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/5/75197735/75197735_134_115e.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76467\r\nserver: nginx\r\nlast-modified: Thu, 03 Feb 2022 03:32:12 GMT\r\netag: \"61fb4cbc-12ab3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76467,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"7c2320ca233002639c66af649da37812","sha1":"ac729fa4a5fa6d4798def0099ae6cdeea22493fc","sha256":"b088e5b86d26b1bbcbe26d8dafcd5be17c9c1952b04a72e688cdbbe4980f8e37","sha512":"4c3df3e6a52e13a20e6d43b817fd454552535193983eddffb2bba04775f4d0d8ba788409d34a4645653faecc817e0b81120399c14d2641fb9900782df6757bd9","ssdeep":"1536:kkXcOdMYhI7E4DPJ5dKmXx9GoBAN1FrRAbUq2tKtr4qsWuldcCA4akSt6nAlarJ3:nXc8MYMjRSezGoBCvObhmKdLu+4o6nAw","tlshash":"39730261e004c1552ac601b9a5322d9d8fa9cbf7f78f07d604b04fb9ba3b61a40895ef","first_seen":"2025-10-10T20:35:07.462193Z","last_seen":"2025-12-07T20:02:45.868085Z","times_seen":3,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/48/89256279/89256279_007_fe39.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/48/89256279/89256279_007_fe39.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66205\r\nserver: nginx\r\nlast-modified: Tue, 30 Nov 2021 17:31:12 GMT\r\netag: \"61a65fe0-1029d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66205,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"1e2567e3113b86717a831bd5c05b33c7","sha1":"4dad30b96b44c3ddc4df31d3c250d5e005a1d122","sha256":"b546ce6be61d1754e5afb1fc1639ead6183f56705afec0b75296238c17ea19b5","sha512":"39a4635ec097bfaf58d365150a8180303bc3eb6e7679ecfc17dcc216805ef72bccc89c7d676be0e341dfcdc438d95c9c7875138d1c1d4efbfffa7a8811595fa6","ssdeep":"1536:8/fqD3vg6usSPuwtvG7FBwTdNIUnqg+CF6WcLVf:AfB6wPu/DwT7nqgjF61B","tlshash":"d653f11b4cc88b17922e42547d531d4d3f0baa7dc8ea20fd029a5dd7bda23676c9c86c","first_seen":"2025-10-10T20:35:07.640431Z","last_seen":"2025-12-07T20:02:45.869842Z","times_seen":3,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/382/84549079/84549079_049_7112.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/382/84549079/84549079_049_7112.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83840\r\nserver: nginx\r\nlast-modified: Thu, 21 Apr 2022 00:34:04 GMT\r\netag: \"6260a67c-14780\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83840,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"258d16017f687a256ac4c362ad12e140","sha1":"edc207ca66b03bcc348bee096875991efa3e437f","sha256":"8817a048db9da428d41cc9192e2a38e20404f505af2346eabe678afcb4a297ff","sha512":"b3cbe5d41fdd11696d7e78443dece82124ea515e5cfc10c3a7498bfa52f96ae909099a58517b5de527910abab6a3b26b6927f4211fd4743f9893357f6ac65ede","ssdeep":"1536:kenf1AJDwxt/JwpS81TI9d7Pk1kt4CgP4I/y++pobFOA1Jzke8/o57p0:Rf1ApM/CpPpI37Pk1kCC3I/dIoBHfXV0","tlshash":"e383027b89567241c65042b2e152690b87a1583cd9ee47bc8b40b7cf0fe928cded53be","first_seen":"2025-10-10T20:35:07.403335Z","last_seen":"2025-12-07T20:02:45.871943Z","times_seen":3,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/239/92321825/92321825_003_1090.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/239/92321825/92321825_003_1090.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 88776\r\nserver: Angie\r\nlast-modified: Tue, 03 May 2022 05:31:06 GMT\r\netag: \"6270be1a-15ac8\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":88776,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"12714bd72cc57ca0d14bca8557bc4b22","sha1":"6f7a058f4aab867be832b687f83cc9d2ded91c7c","sha256":"fd0d514fe4d5ec1504c2d8e88869fed8bf3a906cd47dcc48d85fc2f5dafeaec7","sha512":"3596bba97d84b4a1a9c007511488345b38f1b499f9ef60b49f97a6fd104b0ff612028af8f7641d73828bcb96cbff2733e99655ba52225293e44b268334cd0d79","ssdeep":"1536:ki1TVCKrhUzojt6IbCLbs+GVU714j9Taa4zL7u3MyhubShNPKRP1:qKrhU+Q8CLbj7SjjuL0Hubegb","tlshash":"cc8302bcf359b9943034e23e8281906f5279cde9e058e9b5b2307879af6d397005d2b3","first_seen":"2025-10-10T20:35:07.710431Z","last_seen":"2025-12-07T20:02:45.873995Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/275/21235181/21235181_045_5173.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/275/21235181/21235181_045_5173.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84749\r\nserver: nginx\r\nlast-modified: Wed, 16 Jun 2021 07:30:06 GMT\r\netag: \"60c9a87e-14b0d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84749,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"64c246a8792c4b690bd78b51a0369121","sha1":"7bf39b490bcdbbd664ec62cbd0cdba2cf7c095b4","sha256":"a0d86a51ba065573367efca95a60167996d47665a63c5979a7b3f4a24c380ab8","sha512":"f456d1fce1cf2ac2431cb057d5c2cbfc74b2ac4bbf93aea111d7959fc95ffef11d01bf2da56cdd822315427371d5d3de632236821e250a5784ffc07597a04767","ssdeep":"1536:kwHV+QjX78zgPo0ibw0mJznH2chys5/binyb8a/dyPrlbxwvWBkWskwSsOf4HAQf:z1+Q/8zTbQznHks5/baU8+OlJBGkwMfO","tlshash":"498302bc85f08eca85e827e79ec51d7ff0a97f4e879b6104ace287404305a456f35a9c","first_seen":"2025-10-10T20:35:07.210797Z","last_seen":"2025-12-07T20:02:45.877424Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/784/97942880/97942880_011_1cf1.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/784/97942880/97942880_011_1cf1.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76995\r\nserver: Angie\r\nlast-modified: Wed, 30 Apr 2025 06:45:24 GMT\r\netag: \"6811c704-12cc3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76995,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"e520ec5d6a52f892febd5be1835b4d49","sha1":"a9a1baf18855293da4826d4262857abd75b0f11b","sha256":"ce44374dc041ca628f5db9a56d6bb9f55b2fa61b576d415429ea81e6c632a0bc","sha512":"35bc1ba4667906f45637b28ef1652ee3eb87929e373cd8c2e2a1cf0139c06b09a2bd6bddda749dd58e24f38789aeb85d553bf30566e7db13a7c1d014bf49c225","ssdeep":"1536:8xA4u61q7YJNS8P0dqZcy5xifwZFBl7qBjG3+zH4123GWmkUjtcQoaDrFaj2ql:f4l1q0JNBS0x9ZFBdqBiuMpWmkUj60h8","tlshash":"8b7302472430e6c1da382b3e247c1369827c7703f55ef859b160d405f2daadb579a4da","first_seen":"2025-10-10T20:35:07.386782Z","last_seen":"2025-12-07T20:02:45.882674Z","times_seen":3,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/390/86097387/86097387_096_a882.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/390/86097387/86097387_096_a882.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65318\r\nserver: nginx\r\nlast-modified: Thu, 11 Nov 2021 19:31:56 GMT\r\netag: \"618d6fac-ff26\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65318,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"b8c51db1438185d35636fde0a32b55bc","sha1":"eef36017242491119ea38c233aab882cef769122","sha256":"135b10fabf573f8f8ecb844610934b6ae4e0603046f3402837c84f20c203082a","sha512":"79a4a968fb6a4852ec3c15a208584b3221884406b9cddd14ea46e324cc17a56700a22a9d388f0e277640355d024202d8a0ba5932fd67272cb9ed8cc0ad8c3aa3","ssdeep":"1536:kE1Z/HUgmg/gteheDfkf3dT+ZbN/lUeaCe8+3hVpb9:N1Z/0XUgt2kGTw/m3Ckxr9","tlshash":"7753121bfb73c9aadf2d2bb0eff9207729712843c064534bf886885a7c4a5f51149729","first_seen":"2025-10-10T20:35:07.23774Z","last_seen":"2025-12-07T20:02:45.887957Z","times_seen":3,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/369/49661751/49661751_154_d839.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/369/49661751/49661751_154_d839.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68257\r\nserver: nginx\r\nlast-modified: Sat, 26 Jun 2021 23:30:08 GMT\r\netag: \"60d7b880-10aa1\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68257,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"09c9be748a8c71d10fa4a393dcbf86e1","sha1":"26ce128621694ea2533c56dc9eef5005887ac5c3","sha256":"8dcd347d8df4c563575b7f500f35f5d0149876067cbd64db65b15349fedf69f5","sha512":"85c2a22d43a649a49cb683afd8a1366f5ced3cd1d6c1268f51bee049e76bbcf5fddb781b83f0b7acfc1a6d5e418fee62e237e19f9ced5b95b955bed96319fdef","ssdeep":"1536:8PxYXUzTbFs8E0uGT/a5b14vHNO+LNI9ZKJWltP9rPX:KvzT+8E03iQ9LNdkLv","tlshash":"6f63f11bd90c9dcae655cbf97f020abd4b002d9ce45a76ef805189c4bf2a210e54e68f","first_seen":"2025-10-10T20:35:07.544438Z","last_seen":"2025-12-07T20:02:45.894183Z","times_seen":3,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/372/24350573/24350573_057_ce91.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/372/24350573/24350573_057_ce91.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82327\r\nserver: nginx\r\nlast-modified: Fri, 04 Feb 2022 10:34:45 GMT\r\netag: \"61fd0145-14197\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":82327,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"b0e9f0b8ec1ff50bdf52c4f9ac2d3709","sha1":"777b9ab335c344819f218f5e5e9c02b135b572a5","sha256":"3d14f5436b92be8ce8707a55b90bd8e1731ee231246c8debac0204b882294ba6","sha512":"7afde7e01215413ea7545253757f92b5c0fb302615e26a9f96265360d98be4c80a3f90e5fe5f53bb604ba6fc243fe2537a84540c6c056efcd3970dc0200774b2","ssdeep":"1536:80mdgLVmxSVu8XZIVTu+JWUPY+rJHDCT2EU/CjQcYX7FxnSwK/0FDQIqTH/7PWfq:G6pyWu8Xou+jPzeSEU/Cjq7FxSoFDfW3","tlshash":"eb831260cc9249928e83a53439036b3705fc9b1017c6f56e473483b1ea9d88e9bdd369","first_seen":"2025-10-10T20:35:07.705353Z","last_seen":"2025-12-07T20:02:45.899188Z","times_seen":3,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/648/63345597/63345597_087_db66.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/648/63345597/63345597_087_db66.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98755\r\nserver: nginx\r\nlast-modified: Wed, 31 Jan 2024 12:32:14 GMT\r\netag: \"65ba3dce-181c3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98755,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"6ec059f9b7dd2e0f9a444ee01a1bca63","sha1":"557e9df853cd241cffc829626ec77d626a8e2afc","sha256":"28551e53dc8fcd422d022b577973a4a9a475effd414070a2db70c9662f067c76","sha512":"794ee4e1154739a7ed680bf48cfaf1f7676b671e8f0b13ee7603a9e7280ea64f3bb1fe1825555eaebe6bf3a18537f840ecdd6f824812a8aa001f1843794ccd7e","ssdeep":"1536:8Kb8GNYaAHZpfbpaY5gkvrgsfSB9G6V8jFISrBZ3mFEx2BVQuhOpdDJJ7HhugcvZ:Jbr0bEmgkTgQuVE98FI2BWpVZu78FQHh","tlshash":"bea312c8e785c96cdc762db763c40b569342bdb8a354b2b2e3f9a540d32ac63096481f","first_seen":"2025-10-10T20:35:07.485656Z","last_seen":"2025-12-07T20:02:45.901432Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/672/10929380/10929380_146_2bad.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/672/10929380/10929380_146_2bad.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96323\r\nserver: nginx\r\nlast-modified: Thu, 25 Jan 2024 20:30:48 GMT\r\netag: \"65b2c4f8-17843\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96323,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"02b214e0304ea6892febf0ee73e27d3c","sha1":"ef79d0bd7cd8367e23267ea28eefca9ebc2c1945","sha256":"b0601290b68ef18ddbaf3149328327e968b4812396693131db8aafaab1d70c28","sha512":"c0ed52e4cf0d4be900c8edd20e14da4f9d7bb676a5ec7885945c7f88023c60f42567b6a09d829a687e28c8cd15053cb91ce858a932301f4e8519ec1e7117a652","ssdeep":"1536:8vHJ8YW1nwH2oez+Ln7T2Thry9+rA6iRfQG7GS9JZRL/vIjBk/fgjnimjxBdJvXD:mpe07T2t29vVNG6Z5/vO/DvXAFPH9W","tlshash":"de93121de6d1b7e2d505c6a10f08cd205bcef431e8af2addee174bb291205298e644f6","first_seen":"2025-10-10T20:35:07.177681Z","last_seen":"2025-12-07T20:02:45.905789Z","times_seen":3,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/371/97901845/97901845_033_bd72.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/371/97901845/97901845_033_bd72.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 46036\r\nserver: nginx\r\nlast-modified: Fri, 25 Jun 2021 02:30:20 GMT\r\netag: \"60d53fbc-b3d4\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46036,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"d13c2dfadfce9936d565499c11d13ff3","sha1":"8c8420593a342df4a45484f54a1e6747bd02c172","sha256":"86cc9ba1e0db177b8921645f87a527a76d73763dca89552bb0700ecbdc5adca6","sha512":"83feeb88a8dba81d652b54a11bf27feae3db6ce3ad99049a2fd0e2c9d075887ea0e2848e2a615192673213d9b07a7a06e5f88c03f0c3c1963b15f8d075e7210f","ssdeep":"768:mA+d33YN3DfYHPmUxRkysgL6GdJ9d/xg4Wa+PnJ6aWOY8V9mrkI8Iel28L:mAsgfmPHxRRL6O9txgZaWIDM+X8I8L","tlshash":"5423f166cb0cc228811387f03dea115a266d1dbc52b67f8f8bc3a650ebdb0976d61385","first_seen":"2025-10-10T20:35:07.180105Z","last_seen":"2025-12-07T20:02:45.9122Z","times_seen":3,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/777/33426536/33426536_110_c003.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/777/33426536/33426536_110_c003.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 109165\r\nserver: Angie\r\nlast-modified: Fri, 14 Mar 2025 15:15:15 GMT\r\netag: \"67d44803-1aa6d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":109165,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"be894b6cb04fc3845a938f5e6c9e02b2","sha1":"3d03265f3bbec4a54fa26457301964ad42816caa","sha256":"12a8bf78ab955a2d75e860a9344af256afd8b89cfbeabc7deffe50153c990933","sha512":"d9b28a194f2c331d6c1800c1fb52d104ed5580a7658e1c41d4c4d60bc71129ccc02f01069d6b079fecc63e4d56b138bea126be97f8353f95146cc3dd4f74bc74","ssdeep":"1536:8MxDXOqyISBlSgJzTucCMzKBQ902H2I5x992dzCkvKqk8QpTf1lOtJMzsDSfwix7:HUBlruczK+tHV6CAKqk756fZDryxJ","tlshash":"b4b3122b9b840397b3ac5d7b44ad62f4c7bc222546f88a6014f3176fd0663c90999b73","first_seen":"2025-10-10T20:35:07.656782Z","last_seen":"2025-12-07T20:02:45.915125Z","times_seen":3,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/779/24941243/24941243_077_8612.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/779/24941243/24941243_077_8612.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84381\r\nserver: Angie\r\nlast-modified: Tue, 01 Apr 2025 02:15:25 GMT\r\netag: \"67eb4c3d-1499d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":84381,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"30e62a0824ba2de37ee77ba208af4099","sha1":"07a81079443ec6b87eb9296ae06174333b26463a","sha256":"45613f37a63821938d45e14065e86e90b2005535cd869d32855ce25d847c70b8","sha512":"16fd73e7defe1b021c3ba6e39d17d15a79f19b338da81c852067ed816bf5e8830b1da2351a39d3e78f7f0c36fa7bce90fb87040e46b8d2feb6ec3a87579f69f9","ssdeep":"1536:kurf+z/ZTcalouUtg2fMbLZ0MWxePHfc3IEunnO2Qs6qanI5VYUz:n+/lcY2fMv28PVE4O2QlSL","tlshash":"29830217e3d3aa05e3e5c5568ec38c9174026c14cbc18e85a7e19a1fa2346e77ea983d","first_seen":"2025-10-10T20:35:07.464821Z","last_seen":"2025-12-07T20:02:45.91775Z","times_seen":3,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/326/24852027/24852027_018_0d59.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/326/24852027/24852027_018_0d59.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 42238\r\nserver: nginx\r\nlast-modified: Mon, 03 Jan 2022 08:30:25 GMT\r\netag: \"61d2b421-a4fe\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42238,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x341, components 3","md5":"a1cd110ef4dff36971c37fea04335819","sha1":"3471d54605535433085651295c5cc0f471918e44","sha256":"33120170c60cc7f0510951759e9bc2bfbf5b388a9c8feed772d57a1d8a4d7cf5","sha512":"3dd49717feb70380683ea95e311c1d5c01395b9610eaa7c7650e0eff04392543533d16b32337a8292f7f1e95573428df5dded89f653c3afb3ec546ebf7565a2b","ssdeep":"768:+Cod9+Lfrr1m1Eh4cxvK9Va4yO+CfFnhhTxyf/4JuMhU5pwX:+CFDr1muG0vK9E4yYfFHdI4LOCX","tlshash":"ca13f159ef9c61e95e87d2331ab370ff25350a73bfa2ba0d18050406fa958f11f54b8a","first_seen":"2025-10-10T20:35:07.165751Z","last_seen":"2025-12-07T20:02:45.919975Z","times_seen":3,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/615/57037278/57037278_183_8d72.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/615/57037278/57037278_183_8d72.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78208\r\nserver: Angie\r\nlast-modified: Thu, 08 Dec 2022 08:30:44 GMT\r\netag: \"6391a0b4-13180\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":78208,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"b1decd580ea525b41e185f02d39451e4","sha1":"3fae3f0e4272d4be13d18670eeea2d6466404cb5","sha256":"8b10cf4a4efcaa2e8494b17df77532bf5a1da8ae6d4f4bbab7bb23f3989642d8","sha512":"639f8d5f673a28098eff3abcfe44a577172a37daaef619df3919d8853806ddc2b43deddc8dafad96eef8c12217a4bd2a6058cd2eafe08f93f945a00fe4bab2b8","ssdeep":"1536:k3BerN9RAGS8BK4BHE7w/q+LNq1M46MzKwFy61JAgAxGLm8I7:3DMZl+g1JzKcbAgAoLmh","tlshash":"f8730272e1f1075dc23fd6b0e2855a268e3aed06fc212ab8f19591200ffae14197d75d","first_seen":"2025-10-10T20:35:07.626735Z","last_seen":"2025-12-07T20:02:45.922031Z","times_seen":3,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/scripts/main.min.js","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sexiframe.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 07:47:30 GMT","end":"Thu, 26 Feb 2026 08:45:16 GMT"},"fingerprint":{"sha1":"DD:85:8C:C7:DA:BE:16:4F:59:E0:67:AF:F8:27:D9:FD:17:BF:18:AC","sha256":"0E:71:22:8F:CC:64:FC:BA:40:EA:C6:F2:DC:D9:7C:B4:F6:27:D9:21:29:6F:56:E2:01:3F:59:78:93:BB:A2:1B"}}},"request":{"raw":"GET /scripts/main.min.js HTTP/1.1\r\nHost: sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 24 Apr 2024 09:50:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6628d5c9-1edc5\"\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=73cI5qtPQG8bJ7Ucu95g3ajMomLtiGS0m2SSoeBlMS9yt0LXScYE%2B3G5XryzzCIqei%2FhDqDFG0%2FdRpT%2BNF%2FLPkztNv%2FcQ0SgwrQa\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa69da92a040afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126405,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"acd41824e014f19045acab1cff8a76cb","sha1":"7df2efc7ba6bdac8c6d35b6bfbfb3b29dbca1148","sha256":"4a52fadac291ce063deb0e1a6baedf50b73f49154404bc99e868fa9a1453aa7e","sha512":"65f432c188a3019d6a1de6d0ac871f17d8587f312ef6b46d9903a209a6e7122fcad227c95a4b250ea1847b20323ca12061978441f33c83b892edf0286e979bae","ssdeep":"1536:Rca9ycSvyUZWQk1dEbI+TAa3wKX8hKRwFSxdHcUVg2o1mfZ3EKB/ib1JCTBAhsI1:R79y1QpeB8ZhUQaCEu7","tlshash":"24c30a4d7254b97602eb61b6903f460bb237689a540b801cb629d9ed2d7cd8e3237f3d","first_seen":"2024-08-19T13:19:50.368917Z","last_seen":"2026-05-15T10:57:15.106118Z","times_seen":9,"resource_available":true,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/787/54593218/54593218_035_367f.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/787/54593218/54593218_035_367f.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81857\r\nserver: Angie\r\nlast-modified: Sun, 04 May 2025 11:15:41 GMT\r\netag: \"68174c5d-13fc1\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":81857,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"fe8906f76e9aba418c7977442e41687d","sha1":"c3f8ae615e3ea25b59732f81f3234e26d4071c2c","sha256":"78fc8b3d615d8045afce060b9eaa5f4d11b1b63a396d5648f607008d56cedf8e","sha512":"2085ae386c1a4d3d075e6345c3cf479ad857e6bef92f818a7e2a7739e1f8a9e79312e369d7db87da19720ecfd80992794261c3991d091b71f4127e95e7fabc3c","ssdeep":"1536:kegAMPz9/6faskopGud6V8IXu3YY3YIvazQf3RFDvbcO3/0TQXNvr28GCc:kAMJz1MIBeIYoIvaz+FDvbcU/0EXNvrM","tlshash":"37831232ea0499e61dfc0835d93a298be1bf0574c6b17777cb99dde02c7e4821659ca0","first_seen":"2025-10-10T20:35:07.15845Z","last_seen":"2025-12-07T20:02:45.926316Z","times_seen":3,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":194,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/302/33259321/33259321_038_6a9d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/302/33259321/33259321_038_6a9d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72430\r\nserver: nginx\r\nlast-modified: Sat, 14 Nov 2020 15:30:31 GMT\r\netag: \"5faff817-11aee\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":72430,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"80bb5c0a10f2ab5f7bbc2dea656f3f9c","sha1":"dc0bc88bb55102c3a2cd01f07dc8b8188b8f66b5","sha256":"bc7c8df3997c24c3f68f777b506fdeb0a168de633475e365010565eb94e9f1bf","sha512":"e3088378d87a312a64a11f3f799abdb7796b8a020fad31891e89e183c3fab455d2fc5f5a192c9fa3854bac24707554c8ecf3a2f321e71b514243791c0c7b89eb","ssdeep":"1536:8BRJ9QeQf/OuBM7oSk+5xKXwmcvdT1cdoHWu4Essu19KBBkd:KRJ9QeQfm+Sk+5xmcTcdo74EssK9yBm","tlshash":"96631212efa2b56fc6772ef45064a05ccdffe593b36442331992f0ad604fb41a2491ad","first_seen":"2025-10-10T20:35:07.438374Z","last_seen":"2025-12-07T20:02:45.927751Z","times_seen":3,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/257/26836380/26836380_028_ac06.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/257/26836380/26836380_028_ac06.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102031\r\nserver: nginx\r\nlast-modified: Thu, 25 Nov 2021 19:32:44 GMT\r\netag: \"619fe4dc-18e8f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102031,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"d9903a3e7c97f45c1c91184ade98dbcd","sha1":"dbfb202c6c58c21517779349869a80da08a9f63b","sha256":"836e793cd7d45a5064d0b0b3ac95739622a8c64a8d07867d131270209eb81f65","sha512":"0829427191637a6c0430323b646c58ab5f63089cea82e1a54705810b8f5d1c82b684c5b3d6eabb4ea901ea6c01411d045fdd6b54aa51815b6ae387a2be36e9d3","ssdeep":"3072:NuYw4dH9EfmivXttEfMEB7eDKtgHTAVy/M9NMVdEVQT8s:NuYDZ96KfMOeD1HTAVyEDmdE6","tlshash":"aba312f62156d2f0095d5373313ab495d0f80b12a731f86027a7a66e09afdd4b8c9e2b","first_seen":"2025-10-10T20:35:07.207887Z","last_seen":"2025-12-07T20:02:45.929374Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/182/19793673/19793673_003_4c3f.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/182/19793673/19793673_003_4c3f.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 119405\r\nserver: nginx\r\nlast-modified: Mon, 30 May 2022 06:33:57 GMT\r\netag: \"62946555-1d26d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":119405,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"44b07420237cb00d2ec669067c49883c","sha1":"8b487c4b71d7cc95e80f72dae8b21c6aa30dfd66","sha256":"a83e6528eb1442e4c4486f39dd647638795a6d2b55d2ae28aff47dcf4aa22213","sha512":"92090bbd37f4cffa49721c8eae2c840a0458ffd5a322dc46b2bfe6e9f8c2cb00ae906adcd7c02e9c383ebdbad2dde7e4b9c18b02e200bc56c9c757cd893b9228","ssdeep":"3072:UrWyiPQ572XG9Brl5J2JH2MKwl6xRCDP0YfPqNj:UrWy/1kKevKwgxRCDLgj","tlshash":"cdc31263d2bcb93a801a8d7c1f53016e333d976344ae944bd7e90591a378cf78a99239","first_seen":"2025-10-10T20:35:07.617061Z","last_seen":"2025-12-07T20:02:45.930716Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/207/73293268/73293268_015_4f00.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/207/73293268/73293268_015_4f00.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96604\r\nserver: nginx\r\nlast-modified: Sat, 06 Nov 2021 17:32:12 GMT\r\netag: \"6186bc1c-1795c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96604,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"fc552b248e4e040f40c91fa848ac235f","sha1":"6b93064f64662b636fe6dad3914b7fe7d6988012","sha256":"6c743f109633a943fbc386f134020dedff2b0ba0162c1c3f5db1ba78650487b1","sha512":"7d79a451df9c2155b0bbb4659a486c2518f3fb0b4a6617c889d76beab7604fe19f7461f4b5b8f3fc0906e7043267daf87cbd2b6b7d00b1a897b1741b0fe9cb55","ssdeep":"1536:kJinpvI+3OQ9rZHT0Ysz49zPxmUhg5I2/XB7xLC1ZiUUEPr+iHpvFKjw/ASfbUCv:8inpQ++QPwT495fUB1LC1ZfP51shSfbN","tlshash":"bb93127af17802676d521bf2c0b9aacee4a95375fc95c1797360328281b344e3c6e72c","first_seen":"2025-10-10T20:35:07.392323Z","last_seen":"2025-12-07T20:02:45.932047Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/775/61092593/61092593_059_c77a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/775/61092593/61092593_059_c77a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 105825\r\nserver: Angie\r\nlast-modified: Fri, 28 Feb 2025 09:15:08 GMT\r\netag: \"67c17e9c-19d61\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":105825,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"faf7878495debe5a45785ccd6b7a0aa1","sha1":"40164e59c2a75fd8a2e5548228686696d1b4d0aa","sha256":"1559a32c883ebe3ea1f2c682b901c73fbc6471bb06cee5c74a6fa7a601e697a4","sha512":"1d01b542f38b88c8d4d8d4c14207974d4126909fd446ba1eb5d284a4370456b438079ff9c20f51089132aaa6664f58e3168c4b9b6a3beabb9d6e16e5f69cb910","ssdeep":"1536:kPPAHWymSJyATg3bygk4lXpCZ73rq8G6OWx5BeZIHTrX+FmvuHHTl7r9IJ7:gPA2yhTebyf2CZ73eN656ZYz6mveH47","tlshash":"37a30268e78297e1886b003dffc78a95371946bce7950981139e039423de844d6dfaef","first_seen":"2025-10-10T20:35:07.742203Z","last_seen":"2025-12-07T20:02:45.933294Z","times_seen":3,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/13/99047726/99047726_080_a8ea.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/13/99047726/99047726_080_a8ea.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76764\r\nserver: nginx\r\nlast-modified: Wed, 26 Jan 2022 11:33:51 GMT\r\netag: \"61f1319f-12bdc\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76764,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e1b5987da4fffd1376d23bbd065d6c68","sha1":"372a7074f6206b8c2b6ad44fbb79e98aa85334db","sha256":"a0ddf26902b44ea6a18562f9d65cc88bb9aa1634ff95524262acbbee4a506c7c","sha512":"a475c5209b90917bfc99ec1e88f19bb1d34310d0dae01907b4852cd7b11f4ee6570e0dc66d30a833dd51500c6cb58c68c1e7593d3f9f44693fad3dce4218ce92","ssdeep":"1536:kfvKphnigl+/sC+6hOC5qmgnoGc8/HnaCDU0eD1SCjbedWpfE7Waq/:tniA+/sCxOCIfc8/HaCgqdGfal8","tlshash":"f97302a58b05a5465b0f5d3790db23a4fe996433aee7393105b11d421088be3b73a7dc","first_seen":"2025-10-10T20:35:07.558253Z","last_seen":"2025-12-07T20:02:45.935045Z","times_seen":3,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/138/25086816/25086816_008_7541.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/138/25086816/25086816_008_7541.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81982\r\nserver: nginx\r\nlast-modified: Tue, 01 Sep 2020 09:30:59 GMT\r\netag: \"5f4e14d3-1403e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81982,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"56ddf2a79c03b74e7945b352bfbdd945","sha1":"05ef99a3346d618b7af50dff80de45c5aad30cea","sha256":"aa7cafe8d71954ecf3b47ae43749c2f17b7b712142f7b8cc3c08ab7411ce29c5","sha512":"fba52d430639c45cc11dc204b682fc1917ebd477c76c9ac4b22645128a74dbb2947223da0256ac7a4ee064dbc81aa084d389df6801559007a1a8faa3d0810c73","ssdeep":"1536:mpKbEiv2aAKmUwEoY71tu8VfRdg5S+BwaO7Oy7NYNomFQs9oSrdG:0Kzv2aLmO5qSyXOx7NKOY5I","tlshash":"8c830150c2dc4d7860c7a8fd4050a9d79a2c66f0d2cb4b28e9a634f430b3789d8d7e9b","first_seen":"2025-10-10T20:35:07.171374Z","last_seen":"2025-12-07T20:02:45.936609Z","times_seen":3,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/760/92305756/92305756_114_7bc0.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/760/92305756/92305756_114_7bc0.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 145084\r\nserver: Angie\r\nlast-modified: Thu, 05 Dec 2024 07:15:36 GMT\r\netag: \"67515318-236bc\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":145084,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"5f30acfcaf359fb066f83488e04af0d8","sha1":"e932cad0ed43e59880bbc527ca3bc4b2e9af2427","sha256":"b572fa160053520de4eb2b4e067b78585cb3b442dd2ddec6857cad9d166fc5ea","sha512":"89d06393fcbffe25e66d346649146ec00f4dfaf063e263c4d7512148341f71a5726f6a6013e6e42f3d995b4af8681ad8500a4f1d867c0c59f19e427b295ac7ce","ssdeep":"3072:6c6Xw5EKlzz09wvOm+oGYhi5Hmt+D6y262urbdaJnZHegQiSx:N6gGSzz09nm+8qb2yd2urbdIn5eln","tlshash":"97e31354c76bbbbd7c4865c7b7ace01b698f8d3633ec42be71344c8ba48e940a12d548","first_seen":"2025-10-10T20:35:07.244989Z","last_seen":"2025-12-07T20:02:45.938201Z","times_seen":3,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":231,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/1/30478892/30478892_009_231e.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/1/30478892/30478892_009_231e.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 48996\r\nserver: nginx\r\nlast-modified: Wed, 12 Jun 2024 07:45:21 GMT\r\netag: \"66695211-bf64\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48996,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x341, components 3","md5":"1ec1cba2bfed37483e2d162bf4b29d3b","sha1":"6194fd10274628ff66d86524b5bb9482fea462b1","sha256":"33a3c4a0fe4cd24172707005d01ad0f436cedf224ef1eccefe58f97f58b2e4af","sha512":"829152fb57cd93bd905c0ecec2e941ca3190dc6e1a0e9816d75a02eca6e413ffd1f9f762127e49c7c3095c0080a0e4195a5527038aba0930e0c07183388a8e19","ssdeep":"768:+RqAe3awZYupPnMJJoJuolbtboi7AtouqEYT6j+8zIqynBI/8czfpHhu+kcwTm3:+RLjXRaJpzl0SwYTl8zB8I/8Mfqm3","tlshash":"cd2301afe667bf0bf1685cfc6133032741ce6276e1f859caac4c732491866469b6b434","first_seen":"2025-10-10T20:35:07.728506Z","last_seen":"2025-12-07T20:02:45.939768Z","times_seen":3,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/60193279/60193279_037_febd.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/60193279/60193279_037_febd.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76458\r\nserver: Angie\r\nlast-modified: Tue, 15 Apr 2025 13:15:18 GMT\r\netag: \"67fe5be6-12aaa\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":76458,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c0c3d19acce3355ed485ebd6d6985455","sha1":"773e3338b4d93901324b1ee7cd738da854566147","sha256":"a4d0ff355694280c5cc9de24b75a5dda536bc69e1eaf24b29e54d2ff23a26246","sha512":"a65ff1bcbd7ad7cee6d002c641243fafb811cb28499308b80add9425282c9edfc2de2c182cc47813b11476e9b086e57d90b9e4f7395aa4c4576d09f5669be2ba","ssdeep":"1536:kXYt0qsQExj53BbZ6OGb/CjJ47s03eUZto00+jY9xqqN5EoT7zSBQE/DKqD:b/sQSBbcOGb/G47seeUZmp94qN5D7zzM","tlshash":"f173013ad198b3c6176135359cd35048882ac20cca2ef6baa5c19f8bedd575cc2de6dc","first_seen":"2025-10-10T20:35:07.227424Z","last_seen":"2025-12-07T20:02:45.941607Z","times_seen":3,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/98/24248361/24248361_156_e664.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/98/24248361/24248361_156_e664.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 46004\r\nserver: nginx\r\nlast-modified: Thu, 15 Oct 2020 09:30:20 GMT\r\netag: \"5f8816ac-b3b4\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46004,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"29af44c75b072340971b4b3ce9d812bb","sha1":"e58915f53da103bac0e3bf29afd0b4e4e7b76c84","sha256":"fd2f69f5feda3ea16edbe479f09c683876c3b55e1ca026fd3ffd338feb12f19f","sha512":"374a294683414cea7b8ba17da5702178d0534c312372d3cb8528bc6488df810c9609f11cb9f7be1bc3547daf3ad1280a9c48360fd628e4b130e8417e5135ab37","ssdeep":"768:mK0sMFCdT0mXqp3p9j0MLOFhoJpNOBhdDWU6/sInJNuwxa9YkydfqCY1Dgcr0E:mKlMFCdT0m6p3ph0MCcpOpzusj2L9fYb","tlshash":"8523f2b1c97029f5bae03c237a650058d9dc4ab8fd681fd885386a0225cedff0b4687d","first_seen":"2025-10-10T20:35:07.153138Z","last_seen":"2025-12-07T20:02:45.943694Z","times_seen":3,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/11818472/11818472_003_1a9b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/11818472/11818472_003_1a9b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 39793\r\nserver: Angie\r\nlast-modified: Tue, 15 Apr 2025 11:15:03 GMT\r\netag: \"67fe3fb7-9b71\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":39793,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x253, components 3","md5":"23ba497d6b672e9b45eb8dc646f3f19c","sha1":"f8b7359c6ac328bf40a2c8cab27d19254cbb77b3","sha256":"5d17d17390906ed336f244eaa228d0ad4a7b033b6b23cb459d888dd4a04316d2","sha512":"412846c19016c8adac4a3a72575dff49acfe9c5963f6206145e696352f08af30a19f8817e54e6f9f7cdba35be17517188a5a68e7496640a051a3277c805f4b77","ssdeep":"768:lnW/4Xhvlzven8ddQenl+urVgiNDj1ST+n72yTWx8DLDlLlM9/jc61ksYKi:lwAplzG8a2VgiNDhSi22Wx8Dfp29/jc5","tlshash":"1303f264eaf35f3fc30a09d92262d3b5c55345269041fd37a2a7e182b3ce560ae8178e","first_seen":"2025-10-10T20:35:07.271186Z","last_seen":"2025-12-07T20:02:45.94571Z","times_seen":3,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/349/68935848/68935848_007_e650.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/349/68935848/68935848_007_e650.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99205\r\nserver: nginx\r\nlast-modified: Wed, 22 Dec 2021 12:33:08 GMT\r\netag: \"61c31b04-18385\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99205,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"ed9c634dbd523fdaa38d4995a1c4de5f","sha1":"48e8a34af59cad7a171f35de6092941e5a641066","sha256":"98913fa7513b37404e63aa0130fd106aa518f3925c780bc05d98137811f30837","sha512":"a342521e431db391208bed881f69e9a2cd4ca4c76ffd9ecf299b54abba0dfaf70b8f90fcf54b895eaf3a5e2977f7145b28be7ae9c7670c828588f313f3411d43","ssdeep":"1536:kN2FhSmXRp6/6sWwkPa0Hw+Ce1oKxkuYaD5TWOKMVZgPyvFYLFQLuXhCae49nW3L:DRpI6sDkyohxk41VK6vQ1CarJW3L","tlshash":"a5a312c3c69a4f2ab8e48bf48a9f2933887b03d43dcc69b1550d2179497ca5212ddeb1","first_seen":"2025-10-10T20:35:07.25145Z","last_seen":"2025-12-07T20:02:45.948255Z","times_seen":3,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/123/63238120/63238120_113_e215.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/123/63238120/63238120_113_e215.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38140\r\nserver: Angie\r\nlast-modified: Mon, 15 Nov 2021 06:31:50 GMT\r\netag: \"6191fed6-94fc\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38140,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"183906f40a186eab0e7a805400521869","sha1":"0f5f01b06b71eec8b86afd9b8e8c5f11632feb98","sha256":"e3717d08487919fb0d7138bbc174bfb1383aa100cdbf9a328231b2b066e68a7f","sha512":"a8343a1ea85407352df205ac3e3da31fbbe9cf51d330094c24fe9fd65bcff9767e4a0c43c1bf0a20e84dc19430d96f95e3d172d5aca6285e3b866e5ed1d421c9","ssdeep":"768:miC7AT3Fr/4tX++AKk0QeFCzXaq4ERn8V3bdM2k2ZbPeRVh8/GwyacWp:miFB+AKk0QgCTaREuVLdM2hZzeRVm3v","tlshash":"7203011ff5488a89a9104ab5bc30583bad4bc996fc57642c7fb180fb4d44d311b8575f","first_seen":"2025-10-10T20:35:07.133023Z","last_seen":"2025-12-07T20:02:45.950447Z","times_seen":3,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/41864760/41864760_003_0c19.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/41864760/41864760_003_0c19.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 36968\r\nserver: Angie\r\nlast-modified: Sun, 11 May 2025 13:15:24 GMT\r\netag: \"6820a2ec-9068\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36968,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"966c3a49920d292a097e57005c4d7b3f","sha1":"5c6e536c6062ca1fdad1b540e135ffe50d8d2512","sha256":"949378c29d6d9c7fc9985d3de94a6d76d369acfd9cf89d305018724721782deb","sha512":"b89cb85275104ea7dfb1209f6daeae18f2c91b8d8e9ed2a96d5ca316d7e4204db2c4d2070af836f4edf8912ce595311be83a12f196c27077f3a3655556e6a890","ssdeep":"768:mDyX/xUZftMnpuIekur0NqL0m5qHFPgYCbZwf7skKUrreN7Mt8Jz:m6JqSO504QfJCtwjskpreNw+z","tlshash":"fcf2f1b3ecd724b8d65a50754cba2880b66c1d31af87987e25307958bf1ec599f003ee","first_seen":"2025-10-10T20:35:07.460406Z","last_seen":"2025-12-07T20:02:45.952528Z","times_seen":3,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/191/63478523/63478523_011_76b9.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/191/63478523/63478523_011_76b9.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 113296\r\nserver: Angie\r\nlast-modified: Tue, 26 Oct 2021 06:31:18 GMT\r\netag: \"6177a0b6-1ba90\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":113296,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"e61dd1699c1c9f5076524658970323a7","sha1":"ffe5f51c152c78fcb686d8a45a03191042bd7828","sha256":"60b1fe337d3f419840486efa7fafac43eecdd56a781a560a1a2644c4b37d9e0d","sha512":"b2f5f10bf6fa2568699b1c73d4d38d065e058d0f97996f8f493e7e2c80daae7667e7c83b5168e31a3315b693c4b041dc3c821adb52b4f28433d7a9c2e8ea2bad","ssdeep":"3072:CfQc89ppjLgO0uS8ubJDMJvmf5Rh1i9o26MPidmLvJT9dA:0yZXgmS8asef526MqmJTvA","tlshash":"d9b312ff9898df8032b143b3c4d4986c5a165b8232e0dbf63ba5a3b534dd65b8b10e45","first_seen":"2025-10-10T20:35:07.342707Z","last_seen":"2025-12-07T20:02:45.954436Z","times_seen":3,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/297/14285021/14285021_004_e414.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/297/14285021/14285021_004_e414.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81274\r\nserver: nginx\r\nlast-modified: Wed, 31 Aug 2022 03:34:04 GMT\r\netag: \"630ed6ac-13d7a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81274,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"93df2e77529d6ce80299aad5ce930c15","sha1":"f9ae15a17fa086445af3953b2970f562e7e75197","sha256":"6980f14be532db81140a9a03c7945c09de8b9cc2f699577210d31715823f8998","sha512":"25227b8e4b0d7745d17c9fb2ff68baee5f3879dddfc4e3229a49b5e24cd055c3c451bba53117cffb3f49d3953592c1d68390565f061e56a198090eeb3f2f0b0b","ssdeep":"1536:k8kL5cBQYiI+4132VkKxOrKEZVFSe36Xjj33f28U+6vWyqu92HqAVcLI:pk9ZYLNqkZVsTj3vJ6vWrU2HP9","tlshash":"db8312c3df3082f708d2e0faa5e3efb1b2ac56d1bc8a83536925a53093652655f0075d","first_seen":"2025-10-10T20:35:07.512679Z","last_seen":"2025-12-07T20:02:45.956661Z","times_seen":3,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/788/31514756/31514756_096_c003.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/788/31514756/31514756_096_c003.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67643\r\nserver: Angie\r\nlast-modified: Sat, 03 May 2025 15:15:15 GMT\r\netag: \"68163303-1083b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":67643,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"6100d3c830022218850d0fe187287da6","sha1":"79387fd3273e03e3295ff3cd2a6517eb6472bd38","sha256":"6436c5343dafdc18053da80b00e5170f87694c3e12bead048ab875d9e35054be","sha512":"1d4113ee1a92d1096ac5185fb8f34fd136e4943f88c1b0564ab512e052480a95342e4b2a74bf5fdeef2b2771f2bc7dc1a865faf821446d7777e75b5ac2e98b0e","ssdeep":"1536:k3vndlhCxgYA1YFXugl4kudIKbctUw+LMXiV3xnDlt0kpZg5VI2:ovndlhCxgYAgegmLzctmLTVBjfg5VI2","tlshash":"18630220ec8373aaefe0359cc61d19a5d97a5a4ac0ea56d8e0c8134b8c573d72e6d13d","first_seen":"2025-10-10T20:35:07.469963Z","last_seen":"2025-12-07T20:02:45.958511Z","times_seen":3,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":153,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/729/80291246/80291246_005_dbe0.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/729/80291246/80291246_005_dbe0.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83343\r\nserver: Angie\r\nlast-modified: Sat, 14 Dec 2024 04:45:36 GMT\r\netag: \"675d0d70-1458f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83343,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"c952c1aede741da1dfa4d351af7616c4","sha1":"d200af42ed157bd00bda7dc04cae018b12cb5127","sha256":"ca363dcf385b7a83382157e23c70f9f70e6b189b3e6d314f6ca89bd576a6ed30","sha512":"1bb73c5a6327a860d6dfaaa89735d294fd95d69c80f134a48ea868dfe5dab7648094d68e7f8b802a85145c9ebb5ea2baee02f9eadaea8bb3eb4e0cc740a24be6","ssdeep":"1536:8Pm2QqqABgbIe6soyKjl6/FXQ4JM5kzWaYBOATwZxbJiwu3WUhG2YcHbhSumZv1A:Ym2QaBw64/dMWbYWjiwuGbp2071A","tlshash":"ce83026da76e1713505c38f7784d0c62a7536e71ea90a02dc5fb7d34cc4d1aca99cb84","first_seen":"2025-10-10T20:35:07.410608Z","last_seen":"2025-12-07T20:02:45.963286Z","times_seen":3,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/779/46543865/46543865_099_68a4.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/779/46543865/46543865_099_68a4.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106435\r\nserver: Angie\r\nlast-modified: Fri, 28 Mar 2025 16:15:04 GMT\r\netag: \"67e6cb08-19fc3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106435,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"8005c050a76204cd9512cb9de0ecd491","sha1":"62a3d93871dfd9f9e8433d45b52680b9a594186a","sha256":"3c99037a2dd887fb55ab05f5ebba9d0d1f2b80dc0f826e7db18f37f6edb0a67d","sha512":"fa57389a9dfa2768a54cc9f39224bc687558d642211f44bbe1abe9aa1a2c254c2ec6ae66bdab3d039b68b3266057cea3628a4ce10230464341b3a4baded6113d","ssdeep":"3072:6Xg103liRhWCOyanTzbPgMwCgAZEkhQIFTa:6Q103liRhWC2Tz0RCjSIFTa","tlshash":"18a3122dade7fa116fad5234a8c51d525010b4b1f8e33ced76fe82ad12b3a99914cdc0","first_seen":"2025-10-10T20:35:07.225892Z","last_seen":"2025-12-07T20:02:45.965699Z","times_seen":3,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/509/40741244/40741244_010_ab66.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/509/40741244/40741244_010_ab66.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89518\r\nserver: nginx\r\nlast-modified: Thu, 02 Dec 2021 12:32:51 GMT\r\netag: \"61a8bcf3-15dae\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89518,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"aca471bbe7b721b87623167fa59ee6e3","sha1":"788db343105d7a1c115c488723d39f5fe3d8bc0f","sha256":"a500060f38be6f064b6c22e0436980a4924a336e7cc84a588735505036d54ac9","sha512":"c9f54bb984e969fd5b3bc3098bf7b91730d1f1f3ac9155cd9f6afb921f44df7d03c6cb3c0db363f42aa808f0bb840cd7d3b33140e8dbb809ebb3a1e9d237d552","ssdeep":"1536:k6yp8g3P8UHcjurjwLvY08yOUvw6WbSYTmsA895WegM7I+N352Ih9w1AjWb8d6Ev:i8g3P8U8juXUYXy5Y6WOYZpoUI0pJjwQ","tlshash":"8a930235e96a4b119c21943e72105a434ffcc6e2cc5857a17a408ad78bcba6df43eb0c","first_seen":"2025-10-10T20:35:07.641948Z","last_seen":"2025-12-07T20:02:45.968061Z","times_seen":3,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/145/87631273/87631273_004_fa95.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/145/87631273/87631273_004_fa95.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81296\r\nserver: nginx\r\nlast-modified: Thu, 30 Dec 2021 13:30:29 GMT\r\netag: \"61cdb475-13d90\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81296,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"1378b5339a8fe5ece08d20c5dd64275b","sha1":"4249b26d305522b74ae768395175ea2cb225b397","sha256":"b0bae3cb28680f316fbcdfe4715dae685def6c6b13341f02c04ae90aef56fc71","sha512":"0bf1453b0160d8bbd51da16c7f72f8e3ce8f2ab066bd6d68c3b0926ed68e4a57e20e02e83a6b4e05ff0c876742c6ba679c3c76e3976a730603e3fd5810c7ad72","ssdeep":"1536:kH7hf7VxWM67qTIh/XzNv1VU2v3zSRDCrMKz/FucXKyK/F4F8rwqnCvLkysSmN:E7XWM6lVZ1Vj3GYacJK/Fy8cG+LjsSmN","tlshash":"938302cfcf893b96c2160777efef1d455b4ae900e640749b26b35cef87d00189a0968a","first_seen":"2025-10-10T20:35:07.220259Z","last_seen":"2025-12-07T20:02:45.97015Z","times_seen":3,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/78/44637599/44637599_003_9956.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/78/44637599/44637599_003_9956.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 95945\r\nserver: nginx\r\nlast-modified: Sun, 14 Nov 2021 02:32:03 GMT\r\netag: \"61907523-176c9\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":95945,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"ab172082eb807097e2ac5843770cceb9","sha1":"9546afc1549ab975f931cc2e203d31839aa5b8b9","sha256":"680b2cc00cd51cd260b370bd68be73da7bd4d1a8caf9709751dba5cf2eeb5150","sha512":"2c8cc743f8acbf9a8751c05bedfadbdf094e0b8f3d05c285fdff0198bdde940418d53812d5c03eb45b0efd005ffedcffd04fde14a886d9399f9745aca29c1dcf","ssdeep":"1536:kZv1CyQBRlR56WMLebkRRapL8wfezhbndCrYiJ9OKPMRx2AeC/UL8d:Ev18jg1LebkRRapL8wfezBckU9OKkPpZ","tlshash":"9293128f755e907bb7f676796e4492fece5048e25f031118e018eab40b6ec806592f8f","first_seen":"2025-10-10T20:35:07.201105Z","last_seen":"2025-12-07T20:02:45.972273Z","times_seen":3,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/68/84343352/84343352_067_560d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/68/84343352/84343352_067_560d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 67285\r\nserver: nginx\r\nlast-modified: Wed, 19 Aug 2020 22:30:12 GMT\r\netag: \"5f3da7f4-106d5\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67285,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"a56d3fd45a1f1f5784443dca9bd3d743","sha1":"1cc0b94bdaac1f9851bb7f52ece591ae6dc00b3f","sha256":"b4abf8088e5003cb4ff48a3108580b15193c3e4634a970f120d7764b3b865d8d","sha512":"2d62b452604211fc272af2973b9abcfc79cb5bec7ee630e2863c4b1054890a02ad7efe6fbc00c3ee84d398bdb658ecc4ed3f070f789edeef9a23dbba9ee57ba5","ssdeep":"1536:8E6jP+C4ADo6iMbHv1t2VmB/CyBoSmdBLr4n+UFGLZ:aPDo6lHGgCyBHmXv4naZ","tlshash":"ca630243efd03f82eccedbbe13cddd7fda0e6644f9142a1ae34850a11a94986936c516","first_seen":"2025-10-10T20:35:07.297422Z","last_seen":"2025-12-07T20:02:45.974918Z","times_seen":3,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/619/60158717/60158717_046_b804.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/619/60158717/60158717_046_b804.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96827\r\nserver: Angie\r\nlast-modified: Sat, 24 Dec 2022 15:31:20 GMT\r\netag: \"63a71b48-17a3b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":96827,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"cbadb437994e4f6ff20586f76baebe02","sha1":"f5b663e1f5a787b50c9f420b4f5c7c88375df648","sha256":"c4d57817700357891858e53f09c0435fd5c7c2f22934e0149c42730fb27c7f0b","sha512":"2b2509021c978f80c826a6351c8fc2789887cd005d24258942ba527df8a30fe84193689e8f56c5c884ba07ae42591a479de9000c8e0d4e32ee63ae6405564e0d","ssdeep":"1536:kNSYRV4b/zl3rMXqFSYek0KF4HmanWPViCR4f4QMsbcQmRvF38M1ob1QdU:KSC4b/zlbFS1ZmM94QXbcQUdJQZ","tlshash":"6893127aac74b891ec8101289e1651f461ccf64b8b761a4d16341fbdebea8a2d508ccf","first_seen":"2025-10-10T20:35:07.535198Z","last_seen":"2025-12-07T20:02:45.977436Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/778/17216602/17216602_022_7420.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/778/17216602/17216602_022_7420.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44202\r\nserver: Angie\r\nlast-modified: Thu, 20 Mar 2025 11:45:13 GMT\r\netag: \"67dbffc9-acaa\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":44202,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"81e39f9dc313a31a9078dbcc4b81667a","sha1":"1fb89bd2045f0e4bece0b04c358a08d4656037ca","sha256":"5f771e5915ae85ad9383ce909e61b317961ed375570fefc59f4975a8dbe5b1d1","sha512":"6de4ae20fb4746065f634070eba00ddd4c2950f100d8d18163f08c4f40a28f9e8562aff60e99adeed270e4de04bb28a68d4ed02d8617fad98a2c111733279021","ssdeep":"768:mn6BAwx5AgO+eKyUpHvWFwVzX4uLjudmP+D5EmjzEKDJI0rpVhmhIr:mnSeg/iUpH+iVzXBUmMbjweJI0ThmWr","tlshash":"cf13f243fda9b172e994833f85ba9cd781071b64e3abe1020a351e74cd1a5546ef2fc1","first_seen":"2025-10-10T20:35:07.136599Z","last_seen":"2025-12-07T20:02:45.980787Z","times_seen":3,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/148/48637106/48637106_015_ee5c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/148/48637106/48637106_015_ee5c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81671\r\nserver: nginx\r\nlast-modified: Mon, 01 Nov 2021 12:32:53 GMT\r\netag: \"617fde75-13f07\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81671,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"327a9f1fe33f7d7664b3d12111f65331","sha1":"783fc824c174f8e2adcd0a678e53e94f4dfb3ac1","sha256":"b7a8f827a1edc45c0ddf23b62759befabf92cfe70f962abddedfbd926e4d216d","sha512":"dfb7612aed6a17faa7ca8bb8f854400486ec6f2192e89d6c90cbc71b93aefbe5fee3c2ef5fb45ecaa3a3421b81b1b3ec3a9d901c66ad8f254f73a0a19f98468a","ssdeep":"1536:8VD82Egrcw//FJ/ZcCtA68sXdtxbMlwJeekkO+ZEo/je73l9Z3bFsOo5:U8Eow//jll8WqlwJerUZEVjl9bsOo5","tlshash":"8f83029acfd2ce7ddf201527a4bd2df91ac7c800e90900ec31a265884d973959cbaf4e","first_seen":"2025-10-10T20:35:07.522945Z","last_seen":"2025-12-07T20:02:45.983064Z","times_seen":3,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/140/62877392/62877392_063_3d3d.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/140/62877392/62877392_063_3d3d.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79439\r\nserver: nginx\r\nlast-modified: Sat, 04 Dec 2021 00:32:56 GMT\r\netag: \"61aab738-1364f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79439,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"460c40451f09d5b7bb334a1c694d3374","sha1":"7e068b7dea0bd1ae9bcfeabb7b5f3411c20346c5","sha256":"b82fb9a44115fae0f8c9048aaee0061d0ae82271b595206abb2dab4b4797cd2f","sha512":"2202d2934a18383186764cf140751120b93addb3cb6f2b2eeb2d148fec1ba09a2e89d1f997f38ac5af4a52ef30a637d071f9f36181250e30b186c1ba6cef421f","ssdeep":"1536:k7fpAyo+3UuRYxoTtsd5uej8nGuOEF2IqlEiu1V0M5mRdx6h5ocoTDoZK:fyohqdeBuOEzqlEd1noRdx6scoTD4K","tlshash":"cf73020fd545a0deadea57b4058545a0793bfe0ebe11f86e93b4125cb7724e804ceacc","first_seen":"2025-10-10T20:35:07.371427Z","last_seen":"2025-12-07T20:02:45.985274Z","times_seen":3,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/140/14447924/14447924_065_646b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/140/14447924/14447924_065_646b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101280\r\nserver: nginx\r\nlast-modified: Fri, 04 Feb 2022 19:30:39 GMT\r\netag: \"61fd7edf-18ba0\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":101280,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e360232a181c5203e7280fc21e83bd53","sha1":"556589e6f4b9126db32fdf36e07664334e4c26f6","sha256":"0f3fb121840a0db0fbc06d4fb21231f82e768288c774d994dc66d4c04494af37","sha512":"e388049ca418f1dcc0fd01fd81b214db4074b89adfba612f2ae976bfda37b3c9b77bf611e7f0d8236dfef9a8b274afaaa1ab89c5ea53c7898fed7c2bd911db1a","ssdeep":"1536:kXNuV1F+f9HR3raa7do06wqEByueTfavsDgRPw9xVyDehYOXj8tqM0T76WvGrJ3C:MLR3Wa7do0dqEefav3SVytOg031vGtny","tlshash":"d1a3125ffd1c04994bfe1fbd82df2e3ba694737195cd28802025872efe62146434a5ad","first_seen":"2025-10-10T20:35:07.356787Z","last_seen":"2025-12-07T20:02:45.987484Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/347/50458791/50458791_011_0511.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/347/50458791/50458791_011_0511.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91083\r\nserver: nginx\r\nlast-modified: Thu, 29 Sep 2022 08:31:19 GMT\r\netag: \"633557d7-163cb\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91083,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"2b467dfdfe734db2dac6e1d19540ab86","sha1":"ce2722c6bb5a4003a61a7ace151081e2871b0aa2","sha256":"a5b16b1ffb25a269bacf1e784b2051a2d7634d6e5e0a60ad3b8e25fef4960d55","sha512":"e8a2a8abab69b1c88f4c7a41cf894f6e8dd3c636de40daec7311392c156c1aa12a5343b13d18a11cfc11e919f3b8eefd51e56a1e6ffa7da84a44ed023c0a16a0","ssdeep":"1536:kgi7oh7cvnFcyV0OSO2hsyP6+M/HAxOPH+2dnwBxAcXobahrjkXqQDBA9nwEyLnv:H7caiSpi+M/HAAW2dAxAcXvQO9nwEwQq","tlshash":"0c9312828207d874dbb055b11a0c95fdb67cf703de46c90fa69b258a95fd89ec0e07b8","first_seen":"2025-10-10T20:35:07.365845Z","last_seen":"2025-12-07T20:02:45.989543Z","times_seen":3,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/223/46789744/46789744_004_a9bc.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/223/46789744/46789744_004_a9bc.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76388\r\nserver: nginx\r\nlast-modified: Sat, 27 Nov 2021 23:31:03 GMT\r\netag: \"61a2bfb7-12a64\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76388,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"da6baecc2b99b03cd42ced81792e417f","sha1":"c00c548cb71d24d1691c4598ad4eaa88013bbf64","sha256":"a5848ebef056d048ee94796f6826850d200178e168f1866a8b4e54f201ba792c","sha512":"424b81dc58741d4e068d7e4a5d7634254199ca4260ee89b82af8aa7e80c19a2ca5e5fc36ff9318a3d34aeda36d239c6f6293b0cdcb53721f9d173999457df161","ssdeep":"1536:kWnDJ4EPU6crI1D6OhvB0okfEbgQRRW+Gfmn3jl/qGHJU1:9nVtsPAtSVWvvB/rHJQ","tlshash":"08730267ed04b03966bf65fdd5a223c5929603a186650223b70f9e1ae038fcc5c68ddf","first_seen":"2025-10-10T20:35:07.468566Z","last_seen":"2025-12-07T20:02:45.99165Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/132/29990938/29990938_011_49db.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/132/29990938/29990938_011_49db.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 39729\r\nserver: nginx\r\nlast-modified: Wed, 31 Aug 2022 21:33:59 GMT\r\netag: \"630fd3c7-9b31\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39729,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"d67975f1159b1d7fb2ac40f3c8d35433","sha1":"fee1181ddd22cd7ebddda1083189ea8e1fe47621","sha256":"8ab68522b3d6a02611976de33a925996e17462d1ca56fc8bb6c23541d22b0b1f","sha512":"fd6ce9cf5092b6a6bd89327fcf504f8e08910f0b800b351a49104d2090ed2bca3a51131f061825c708fd9da594edd5663c72fb564533b9f75f2ad5a4bfeb8bf3","ssdeep":"768:m5/KgzhctpOvPopBSzanVfq7hWdJuHtkBIjjXi8CSIN8FGmUW7P9CyUzK0xR93NK:m5/SSvPqMzanVfqtWd8i8IN8FGM7P9P5","tlshash":"4603017bdd4935e420463b36e68f10cb7577780be8cc563209503b48ada653afc539b8","first_seen":"2025-10-10T20:35:07.6279Z","last_seen":"2025-12-07T20:02:45.993414Z","times_seen":3,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/386/48419559/48419559_130_2e24.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/386/48419559/48419559_130_2e24.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65890\r\nserver: nginx\r\nlast-modified: Sun, 06 Feb 2022 05:30:28 GMT\r\netag: \"61ff5cf4-10162\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65890,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"44722627fdd578c5496b6083313ec8ba","sha1":"c9dba9dad1917be4ddd01d8374b9ff95569d3d5b","sha256":"16b096816a232fc0b7b2abe228fe384db170b2e4d890a02859d92c3a100fb397","sha512":"49aa9a1aaf96398fd25365b60f33a478105e603785dc315f0d6a18db68f325097839ba33812bb009ec2478fd487e54e2da3bc78150fd0f7676046a61fadab83d","ssdeep":"1536:kCm+ArmAMjqeUfrl4QiRM3XPLPS13qUWyRrsQ9qyxJ8o1bEz:m+AxMj1Uf54QR3frS1akRgQUOJh1bEz","tlshash":"6553f119c624ff1179c447e506e36b19e6bb255af3d8218cb6058bb3b26351ba89fc0c","first_seen":"2025-10-10T20:35:07.719716Z","last_seen":"2025-12-07T20:02:45.9953Z","times_seen":3,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/favicon.svg","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sexiframe.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 07:47:30 GMT","end":"Thu, 26 Feb 2026 08:45:16 GMT"},"fingerprint":{"sha1":"DD:85:8C:C7:DA:BE:16:4F:59:E0:67:AF:F8:27:D9:FD:17:BF:18:AC","sha256":"0E:71:22:8F:CC:64:FC:BA:40:EA:C6:F2:DC:D9:7C:B4:F6:27:D9:21:29:6F:56:E2:01:3F:59:78:93:BB:A2:1B"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:42 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nlast-modified: Mon, 02 Jun 2025 06:50:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"683d49c8-1c96\"\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c3Qt0lnO6KkLZ1tOGPgn6XCclVyQ7rYgxjX4%2BPMzu72W2s7uYO3Xj0OTyEeAoATzW6Bv0%2FM3XPATyQwsnKCPJhUG04BahOGQUdaU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa69dcd09e70afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7318,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b3e574ca584f1acc65ac3db901db7633","sha1":"5f71d39695f558a189f2cd58dc980d46594e042f","sha256":"32f739dd7e8dbff7da08fdf74b3f290ce21c101185ed330ae816532bf9b0012d","sha512":"0629f5e2636f441b63ccd82b8b8b3f1d9560b248fc1703874c75321c3d000f123421aebb4349e91daaf91b930b6473e1ddd3433c1824a38f1c4e09574995d546","ssdeep":"192:jkCWDlzuaMF1qttzPKxjxubcKY20bhnB5CEtf:2lzM16TKdxupY2aB8If","tlshash":"a0e18ecc5d5b002c0426f3b423aecb759957f25652e826abaed4783994482633c11ec7","first_seen":"2025-10-10T20:35:07.330474Z","last_seen":"2025-12-07T20:02:45.997295Z","times_seen":3,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/241/94777019/94777019_006_19fe.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/241/94777019/94777019_006_19fe.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 47984\r\nserver: nginx\r\nlast-modified: Fri, 13 May 2022 05:34:27 GMT\r\netag: \"627dede3-bb70\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47984,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"84b5fab79c77b28c02171818e0d507dc","sha1":"5a60368fae0adaeada63cbd0ee17a66bb2ad3719","sha256":"e73391b4203b7cc6467c79a83577006e466f91d8ef94d5f2ab02e5258524900c","sha512":"66268a3a8d06a793718cb7a62e9e2501ebf9618b79187a7b7a4cdd8bc32bead4755469c2a1f71acd3627aed885fe3319696e5755c8283cdb6a9dfa86a62abd3c","ssdeep":"768:m3PEqJOcrcLidvItBTtrrmeRWIqXtkRofpc6tufI8j9uZTjF5lBKKu6PvRegqyQs:m/ZJ9AOvStrnAyX4ufI8RGTjFFzlnogV","tlshash":"972302bfcc066d7c1815fb3d8f6be6727a854546c36fe78cb21694248c9e501f942852","first_seen":"2025-10-10T20:35:07.633522Z","last_seen":"2025-12-07T20:02:45.999875Z","times_seen":3,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/726/73599632/73599632_124_39c5.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/726/73599632/73599632_124_39c5.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78591\r\nserver: nginx\r\nlast-modified: Mon, 22 Jul 2024 08:15:03 GMT\r\netag: \"669e1507-132ff\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78591,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"f85b66d80c3291d611837c0080b8c213","sha1":"1e91373f8b94cd095f016cad1b93f57cc520414b","sha256":"75cb5e7000a3d6e3f7a879715e6c143a510f007dca0788140d4887e2f18b4a34","sha512":"4e0e3cf0c72c0f5443f3c528e6fc723c5ead580c1e86740e2e3451b4c89f39f6cd2e94419d384313490afefb9d82b831c2c835575279500ff0b3ee799c99706f","ssdeep":"1536:kfFnhBKIpJ4ZFvrs/cfeWGimTQyf1MTDvfsMvGC6d/SlzyO91xshIJdRSpxdhOuQ:yFnHOJmWG/Qy9MfvjLKqlmyWxSuw1","tlshash":"9973129cc8900b7b8017acf6a16dba97f8d98e91bdd786858c2054dc93754ff28cd52c","first_seen":"2025-10-10T20:35:07.1852Z","last_seen":"2025-12-07T20:02:46.002212Z","times_seen":3,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":70,"receive":117,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/242/73889459/73889459_137_5bd8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/242/73889459/73889459_137_5bd8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 123419\r\nserver: Angie\r\nlast-modified: Tue, 03 May 2022 18:32:12 GMT\r\netag: \"6271752c-1e21b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":123419,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"aad01fcaeb898445bbea68816c3684fc","sha1":"d96e89c0f817cb52fc3b5ead6599a52d5bf2f196","sha256":"2f9291b27faa757931523298657bc58413f51ba298b46606fe4713ddd21f274e","sha512":"deff43a5fb0859bea8d39fb18bc6c4994bb18e072b6bbfd0bdbb68dfb4deb0da139346c4afed91b011a48b4d6703a3384649f2303b54c42f0346e011d775c289","ssdeep":"3072:Ll6sTMEDmqf2bSNlGvwzhDzGnWAZO6knz1bN:hUyL2b2Ow1HyNZobN","tlshash":"22c312c985cba8b9dca760b5bff279c2e46987f5f4e004bc96846f8050c78964927f34","first_seen":"2025-10-10T20:35:07.41198Z","last_seen":"2025-12-07T20:02:46.004609Z","times_seen":3,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/169/99199926/99199926_166_3991.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/169/99199926/99199926_166_3991.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78564\r\nserver: nginx\r\nlast-modified: Mon, 29 Nov 2021 19:32:58 GMT\r\netag: \"61a52aea-132e4\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78564,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"d28f1b6948a9656b103c3e2f08e75c33","sha1":"8894b089c43db33b075f3c739a8b42d8b21d318c","sha256":"84a7e4040725f4b17edee07e1d62d961512afab3cd50845773a87dfafef96c49","sha512":"ac7e3ac2d53374889c04661e05e0424b6fa6c33c7587312bd20941b3c796a0b8a6aab691ca16f854fad9ba02a3c001b205651ea61af07d4a0875e8b4de324b09","ssdeep":"1536:8ySrdAmuuW0TD1jkCGFwwIS2T2O3z/0HcB49lL7FTu64PhOiY5ICDwCa:CSR4TD1jkCwwwQSO3z/CcBSTu645nCa","tlshash":"b87312cee0c227334f7f1779022fd044175632c8e998e072a6625eab51daaa740f49ad","first_seen":"2025-10-10T20:35:07.187126Z","last_seen":"2025-12-07T20:02:46.006696Z","times_seen":3,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":172,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/19700308/19700308_075_0af6.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/19700308/19700308_075_0af6.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 121917\r\nserver: Angie\r\nlast-modified: Sun, 13 Apr 2025 14:15:06 GMT\r\netag: \"67fbc6ea-1dc3d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":121917,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"f556f684f1973f872fb9bca07f3d2167","sha1":"fb70f1d8a3e2c06215821fcd669f219e4eb1a709","sha256":"fd8564bda486ff772dceabcd417b3faa858a0e54a44fe70d52f65426d8bdc4c2","sha512":"37283abd5798d44838e28129e26f36cf8ff853e69a0b061750b6394105416c625ae0ea3ca1a8772bca2ec5e7370f75ac4686392013a05da1ff9bffc3acba360b","ssdeep":"1536:8UaYB53kfjxcwbt+0nGblsxveXrl5SX2hMY8vvZQpXs/T+ZnDuGGULrv45+9TE8o:Qk9oVDCaxveVl8v5T+JECrJsMjrMD9X","tlshash":"edc31346f4d0636588386bfb3cb639e333e1c13ad23696417ce9ada1d2952321de9d34","first_seen":"2025-10-10T20:35:07.240962Z","last_seen":"2025-12-07T20:02:46.008951Z","times_seen":3,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/98/87371720/87371720_069_222c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/98/87371720/87371720_069_222c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 101345\r\nserver: nginx\r\nlast-modified: Sat, 26 Feb 2022 09:31:14 GMT\r\netag: \"6219f362-18be1\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":101345,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"7d456d2b791642647ce4e77b3eb8f71b","sha1":"573b703fb2a1fcf106b1dadf8a9c26dd6671dbca","sha256":"8b5702b462ce0a64ce9bc12e7eabd8ea45d88a7d756b5b49a5e43ad90b9dd655","sha512":"ca3632a03de01c6cd7e73a03227db966b37b65fd051c42c3440ee91e93b5bfd89fa38ee375b703f9120dffb194a5e5d0dab0d57e322af0f0400d2f058447252a","ssdeep":"1536:8Npo75TK0ji0KFPaggPALuNdxcbOWVuf93P+pai/AZVOxOkUEp1gdvj5SFMgy:qy75m7P5gPALu9CWJ5ZVPkUEp1da","tlshash":"dea3121ad3f824344252affe53fe0ad852688b44fa55d5c5ec207acb9ffc5a0b44a613","first_seen":"2025-10-10T20:35:07.302432Z","last_seen":"2025-12-07T20:02:46.011099Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/474/77764901/77764901_010_6976.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/474/77764901/77764901_010_6976.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66588\r\nserver: nginx\r\nlast-modified: Sat, 23 Oct 2021 21:32:09 GMT\r\netag: \"61747f59-1041c\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66588,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"ddc89e8c967139fb2f4eaf596fb88500","sha1":"99eb97273454447b93dfdcce430db5d7cfb7811c","sha256":"03f61073b3cd00b2edd1806479b4b9d784ea82ea508ef0ae53424a17e5de23f1","sha512":"6a3dc416b6ae19f02d63c4bd369d7c7d90bb7b116d8464c0dacc36ab9104244b0bdabeca259a29ae7b889683a5e70c4c47ff328b19474f70738f03c483110629","ssdeep":"1536:kp/7Zr8CeupCHhIGLCJP4Jjiw1dsVZOCIEueSDG7YMJ/0M:gFr3EH36P4JX8rIEuexcC","tlshash":"63530269d86840f87ceab0b2dd1e264ef0c4f374db214246a791c91267bc5f257e42af","first_seen":"2025-10-10T20:35:07.414112Z","last_seen":"2025-12-07T20:02:46.013228Z","times_seen":3,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/525/70874077/70874077_028_4288.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/525/70874077/70874077_028_4288.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99067\r\nserver: nginx\r\nlast-modified: Wed, 15 Dec 2021 10:31:46 GMT\r\netag: \"61b9c412-182fb\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99067,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"76ad348842d044ad27377599d8261644","sha1":"1961adbdf0dcf8d1189638adf2bc09d3cb0ee505","sha256":"af6de753296640bbafbc72a9ef0ed32b0cc20265a6695151f7357964ca157fdf","sha512":"4f33bd5e4a4730902daffb8fea5b6cb3165ebb581503ca89faa45189bcfc08bd38e04541c7d4377c161420b4a789efc15c56cf779157da76759ba58c9305206f","ssdeep":"1536:kAl6NT+045fxpf8mwb2MSCZqJTMYr11Jzqa+h0/Ze10F0qXG1M7p6RHAZPN8:X3045fx2mq2MP2MunJRnE1fqXKupuQPu","tlshash":"22a31244fb5590750d9653b821d303abb803cb34eafa6464307edbaa974215ca83ed7f","first_seen":"2025-10-10T20:35:07.160621Z","last_seen":"2025-12-07T20:02:46.015642Z","times_seen":3,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/673/97653699/97653699_070_d520.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/673/97653699/97653699_070_d520.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64126\r\nserver: nginx\r\nlast-modified: Mon, 12 Feb 2024 14:31:31 GMT\r\netag: \"65ca2bc3-fa7e\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64126,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"1fa142aedf859427efd81e5e06e9abf8","sha1":"609771418cdd713ca3a704adf7b0736ce3c1edea","sha256":"47918a9506435745f3890d244a57c694253f5cca962cd567911aea8ae57567f8","sha512":"5b00632eabe42410773fec95d4ac73e501de07049d4bf49fd65dc69636d5bcacf0ed276ddc5d21a4f776452bd4c25c4b760fcb9b256e26eb305cb964be7f21d2","ssdeep":"1536:kwoylcw1pmt+gB6o2U/RPK5LhwDtlYfYnErNLtMeynM6:PcvtP9/6CDtKfVdtMRM6","tlshash":"9553023bec8563916ea7ddb565d940c533afa3483230669c16c5189abc43f0cab5bcec","first_seen":"2025-10-10T20:35:07.746095Z","last_seen":"2025-12-07T20:02:46.017712Z","times_seen":3,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/48282631/48282631_014_d133.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/48282631/48282631_014_d133.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86026\r\nserver: Angie\r\nlast-modified: Sun, 13 Apr 2025 12:15:09 GMT\r\netag: \"67fbaacd-1500a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":86026,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"a76d09a6c7e7d1f8775139999d51207e","sha1":"05b756919ed5b0a99e8547c3e82d2d03e74b98da","sha256":"0cd4251e369889272e5edd8bbccc4692fd6d8b34b866e69bc39a572283e3d88d","sha512":"3f7e9a12c2f530a262f6af1c13e4af4db08cbaf5a60742e28dbabfbfb97824190790563360bcd6dad1ef7ded52adc272815f0a412d8c83179cbcf8e9e925c63a","ssdeep":"1536:kDtUegtkfH6LOJxguBqobhNHb7e7roTg2FnN7YoAf55+83wl9ig1IV2qlYc5vwu3:6tUpifH6qjvhdjg2FN7YfT+83wl9iwIH","tlshash":"80831229d5b247108c72097decf1129b51a680abf353e7c2de8f466b2c090f0d5f2676","first_seen":"2025-10-10T20:35:07.206466Z","last_seen":"2025-12-07T20:02:46.019718Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/332/93643643/93643643_197_7c4a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/332/93643643/93643643_197_7c4a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106924\r\nserver: nginx\r\nlast-modified: Sun, 23 Jan 2022 06:31:39 GMT\r\netag: \"61ecf64b-1a1ac\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106924,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"d229f2cf32b25b29e760b14b29451085","sha1":"8d73315ba33d3e9c32814c75a71d259c4a45c5c5","sha256":"efec94d09d8e2345e814ebd13574eedefb13547d1901d044e49e0329eec2c8eb","sha512":"c0f4b6325b83f1c4a5f17bc56816429f7d6bfd5350e4b98305cc5f552e366121196edf971152c30c7f78b4aa7ec857334172cc7d780a86c5d04fcccdfaf6d982","ssdeep":"3072:7AfWFwJyzd9qc6P/wrJal5rktgDfPr+WQJN:kUimd8DP49P82JN","tlshash":"eea3122ac7f205969f71e2bd5f261101f7c64b8530951384e599d423ec5efb0ce4ea9c","first_seen":"2025-10-10T20:35:07.32236Z","last_seen":"2025-12-07T20:02:46.021617Z","times_seen":3,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/290/80137002/80137002_089_7913.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/290/80137002/80137002_089_7913.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 73270\r\nserver: Angie\r\nlast-modified: Tue, 14 Jun 2022 22:32:32 GMT\r\netag: \"62a90c80-11e36\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73270,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c02ba9355355ddfa9ca9163dd62db770","sha1":"3f29f36d3c84bacad7e89d077d4be99c44c423fb","sha256":"6a99307905af875aaad35345c40a8d7e118bbc4ebc9157e52f5b41004d07cd3c","sha512":"cb944642659ddde4cc7597264ce28f76af9beeebb086e1067652699125935d58385e5b65f7f9fcad38e61ea07cf16ff1c7f1f374ddfff6c3b40fa3c9f55d2cfc","ssdeep":"1536:keH43trKhSBYMz41Soy8aGcBUnZZkGxdZx13u0mYdqqrkraxlg4GOr2:otrKhvMySoylGAmkGfk0WrOYp","tlshash":"916312d8d3649b1823baf536ff6325ccb1162740d4566e5a8f207783d253be228d3b48","first_seen":"2025-10-10T20:35:07.594702Z","last_seen":"2025-12-07T20:02:46.023423Z","times_seen":3,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/34352989/34352989_096_c5f4.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/34352989/34352989_096_c5f4.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 89005\r\nserver: Angie\r\nlast-modified: Fri, 09 May 2025 01:45:03 GMT\r\netag: \"681d5e1f-15bad\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":89005,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c0d8390b0f6ae832bdd3ed900a476269","sha1":"b6462586778bd7c317d1fc5c8d7533cec118f185","sha256":"b33b10206b2ecb2784ff1022aab3a59a0e729066ed607b7404bb4dae3e4de631","sha512":"3f92afa4808e412fe4599448cccd21cd8f2d21991813de9b7e0fdecc365deda5e21978e82e5408d1e21e643f8374a2a475a79cbda3164834d7410d0eacf0f836","ssdeep":"1536:kf6FFl1PZZtoJRNKldddjx4jlO344Ic7L/AqsGhRLff9/+wZYAY7v4KbIAlEkLIO:k6d1XtSfKzPyjlO34nc3/AqjhBNTYvvh","tlshash":"3c931268e2b1c400a74e7b3cc2d593415fa197afa5f71ad6bbce5ec791090e98c0c4da","first_seen":"2025-10-10T20:35:07.724912Z","last_seen":"2025-12-07T20:02:46.025187Z","times_seen":3,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/571/26187561/26187561_008_cc4c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/571/26187561/26187561_008_cc4c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 94720\r\nserver: nginx\r\nlast-modified: Sat, 23 Apr 2022 20:31:47 GMT\r\netag: \"62646233-17200\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94720,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"a628c68f5a838b443137cad15eb86cc2","sha1":"34048f29c705a310cf43987ccc9c6a04c71a2cc6","sha256":"68e04b3712a367a9631ac37dc1cb63175455d515ea0de43c81c8c136c2c25314","sha512":"a16ad6893420d4bb102cf650a3a3923d33c871cbad48e45674b5e3386b56ada4515bdf9e9d1efe82c637c15b60d1eeda8eec3453e7391ceb0d26ebc7e259fe74","ssdeep":"1536:k8C7X2j4/fuPdNoGyEn+pMKc7j425KPZb2tT5gYTC9/8UAaJSyTG60ON5wRt:yj2j4/fudBzj425KPZb2VvetjAaJMy5w","tlshash":"6e9302b205f050513eb118b1cdded5dbc3e8540fb9c594d86ab3ea98c38e695e8326f8","first_seen":"2025-10-10T20:35:07.364363Z","last_seen":"2025-12-07T20:02:46.026924Z","times_seen":3,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/628/24508452/24508452_156_b604.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/628/24508452/24508452_156_b604.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 126911\r\nserver: nginx\r\nlast-modified: Thu, 05 Jan 2023 14:33:27 GMT\r\netag: \"63b6dfb7-1efbf\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":126911,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"a9dd54ac4bb8fe832ac1910c30267b85","sha1":"69920524f1525f418eec8045e15da89eb4958ce8","sha256":"9d178fddbd5bb7b1e4dfe6cbc7f3f143401e7dd36f3b95fb474c88520cf7e3c4","sha512":"a7eb2c1a55d4b6d71f385d58b88ecce65da5660fd2b39a566253e889e455709566ab9d4982142a24a199d3999b30b58b8624b41eb1180d87bc3cb4523c0cf263","ssdeep":"3072:O6mcZrJZFeXb2bnh8H4OHtCedhWN3yt/JTsesmF:OwJF8aF8HzthdhoyXseL","tlshash":"9ec3134ce16a578cce404c34789b1dc150bc17e9b38c95bde05ba66e014ef6d8cb54ee","first_seen":"2025-10-10T20:35:07.279481Z","last_seen":"2025-12-07T20:02:46.028904Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/788/13802359/13802359_071_0e2c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/788/13802359/13802359_071_0e2c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57111\r\nserver: Angie\r\nlast-modified: Tue, 06 May 2025 12:15:20 GMT\r\netag: \"6819fd58-df17\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57111,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x325, components 3","md5":"2cea4ce428325e3b5c6ac41e9399b24d","sha1":"8f17d045f0e1ce24785493c974250f8812fe83fa","sha256":"5ed18cdad35907ef2c95b117725ae79d47bfa88b5cc22cfe805b29087531488a","sha512":"2863ba13ff8426f1827e672c3c321137e19e4d95d1e27bd3dc984f1c7a1944ef92456361ebbcf34c8aeb608eb63e9ac3523bb209a1f39ec8fa4ee8916cee7e25","ssdeep":"768:uA3npvdrDTjkq6oMgYKiJ9opvbz31Gg+kFAvl3XYmlvPy3zffNxu4PVlLZvJUYR9:uuDToXVcu8AqIl3XtxPU7z/LntD/bwM","tlshash":"a0430225e632ce3073bff7e1e2e6448144ac2965cb5a10bcbe169fdae00074b959e735","first_seen":"2025-10-10T20:35:07.581624Z","last_seen":"2025-12-07T20:02:46.030636Z","times_seen":3,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/218/29228305/29228305_034_a6ff.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/218/29228305/29228305_034_a6ff.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 80925\r\nserver: nginx\r\nlast-modified: Thu, 17 Feb 2022 01:32:02 GMT\r\netag: \"620da592-13c1d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80925,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"96a749f185af177dc43f3d6602618a54","sha1":"44d3d1dbafae8fd273d7fa79babfa7fd2113faa5","sha256":"4c4e772a79ba6cd4f75c2e31a28572c5c2055a36d4bb4056f4309abc9c52ef3b","sha512":"1c8edb2421b5d7713cd98650da34168c3a5a47010c95de350352b501b27f64c2866b471233107ef4ff9be790971adb8c2d805a87092b20a3d35ccfdf7d787b3f","ssdeep":"1536:kE0uSRPVVaEO0lZ4wLR6GOfJpSDrCYV7eXO3MSiEXk5oQsCGEcteFgu:/40EplZ4wLRx0pOV6OcSPXk5u9Yuu","tlshash":"b983022ae2d52f8cc604f0e6c41538e0ac7a5e62f5847612a2311cc3fde5696ed586bf","first_seen":"2025-10-10T20:35:07.62897Z","last_seen":"2025-12-07T20:02:46.032773Z","times_seen":3,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/95/64763715/64763715_069_d949.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/95/64763715/64763715_069_d949.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 110756\r\nserver: nginx\r\nlast-modified: Thu, 10 Dec 2020 10:30:30 GMT\r\netag: \"5fd1f8c6-1b0a4\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110756,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"70040f7ff2661175343235e3b00af73b","sha1":"7a8918d7b6a226a23f608c12fa3a34f0f61be7ed","sha256":"3cc55772cc44d65dc76a9b89ef319d727cfb6a8e510a1113177ed3200f65732b","sha512":"a1c9da815bac1d605efd3050e22253f2d7433d0fcf12e77428de759b68c77c12ddda7442cd340d8954a63ec561724acf061827066c83648f577f819af0d74653","ssdeep":"3072:TX+40FR9cSADkz9JUhnk0Za355x/KAnSqoNUxJdC9:q40FZskxMnk0Za/p4UxO","tlshash":"cbb302831d9d834ada811db9ff17cd4e99ae6212d44532748c217edf8885903bf9a2fc","first_seen":"2025-10-10T20:35:07.648099Z","last_seen":"2025-12-07T20:02:46.034415Z","times_seen":3,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sexiframe.com/scripts/jquery-3.5.1.min.js","fqdn":"sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sexiframe.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 28 Nov 2025 07:47:30 GMT","end":"Thu, 26 Feb 2026 08:45:16 GMT"},"fingerprint":{"sha1":"DD:85:8C:C7:DA:BE:16:4F:59:E0:67:AF:F8:27:D9:FD:17:BF:18:AC","sha256":"0E:71:22:8F:CC:64:FC:BA:40:EA:C6:F2:DC:D9:7C:B4:F6:27:D9:21:29:6F:56:E2:01:3F:59:78:93:BB:A2:1B"}}},"request":{"raw":"GET /scripts/jquery-3.5.1.min.js HTTP/1.1\r\nHost: sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Wed, 24 Apr 2024 09:58:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6628d7b7-15d84\"\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QHJww9%2F6GpaPX4HibjPUU1Js3HYJo%2FJto21ulWZnTwK7CiNpgyCesfI7vT8ac1bxluEXZCepxeN8KxaGzRS6bxTZMX%2BrOIak%2BUrJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa69da929fd0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T11:15:02.142843Z","times_seen":15329183,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/302/64318498/64318498_012_78cf.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/302/64318498/64318498_012_78cf.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 73300\r\nserver: nginx\r\nlast-modified: Sun, 19 Dec 2021 11:33:03 GMT\r\netag: \"61bf186f-11e54\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73300,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c67c55a62e38c9909765864a2cd8905c","sha1":"604ac237661a603e1d791e711605a23e95e4134a","sha256":"1059bc0e2ccc5ce354a5113a3e897db8e5ef5300d1309cc2a4ff6d7ccd8eb379","sha512":"325b78d09dffd17367ab7efb43709f211a440026547d1e55bdd77146ead4ccd8de88c468d8dfa471926391ffbb6bcb073396c35c5153da0be444c831e1b6aeff","ssdeep":"1536:khoxAo9nVbV9yCFz4I43wS6j03gzS4C+YK1IvYi8zbsxCbCLc73A+jy:EoOo9RjN4I4gS6j03gSRKqx8GC+Lc7tW","tlshash":"59630216d5c0611bac2256bf2da389fb17dcb0eafdb32453f0b05f9b1208d014598b9d","first_seen":"2025-10-10T20:35:07.608194Z","last_seen":"2025-12-07T20:02:46.036919Z","times_seen":3,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/15/67879276/67879276_016_c544.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/15/67879276/67879276_016_c544.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86493\r\nserver: nginx\r\nlast-modified: Sat, 27 Nov 2021 08:31:20 GMT\r\netag: \"61a1ecd8-151dd\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86493,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"ba9605faffbf00be76b6fdd603dc2aee","sha1":"43533dff9c1cca2c2c80f5375c00c53f64ecba64","sha256":"2ee9d23d7da20a03d164ede960983327ce09f296aab0dd02b8e4eb4007d2d5ee","sha512":"8fdd055e07dd1c12cc04cc979519f32ff241365f9281d8e1e533c048ff66aefeaafacf4e2e2bdd7dc9a56741f3c055ad98f8c678f142e03e4b7ccfed72bda97c","ssdeep":"1536:koUr3sXJZseOWvUaPqTvLi8dupZ9cB+x52nml69H3tos2WO6OElHeKcEDvWG4:gyZtcaPqTTipncwx52nml6h3tosROMc/","tlshash":"8a830271fc0c2510041516bde49707a86ced26fcb564bda23ac93dfa8795bb060bf869","first_seen":"2025-10-10T20:35:07.674463Z","last_seen":"2025-12-07T20:02:46.038939Z","times_seen":3,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/86/68175084/68175084_029_290c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/86/68175084/68175084_029_290c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85040\r\nserver: nginx\r\nlast-modified: Sun, 17 Jan 2021 15:30:28 GMT\r\netag: \"60045814-14c30\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85040,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"012f9767ab409bd0503e6e0e6e2a0919","sha1":"f9e931eef777519890c1d19c67ee98ef999002e9","sha256":"5e52cd6d474f4bc0890069afb1b0be0ae2b2439a9c13ce3f547eb1ee338ddfc6","sha512":"2793b1dba8a03f6052a1eacafc65beaae57826a0b362d88080b09e8ec8ac696f62575a7284c1e658ecbf5e809ffa27dd9e8edea977dd0d628d6d9b91332bdf14","ssdeep":"1536:kupLE5Fdg+S9Ji2N91p4lCT+w0hQeTGLYRcXqexBJ+WNfeqo+pp9q8ZnqCAqSWGo:tpiqi2NTpiCTo/SURoqefJ3MNG9qiIqd","tlshash":"b283027bf10d41f4f56104bd7d4ed5fab90893a79394c3aaa85dc841e20a01b2c7e7ae","first_seen":"2025-10-10T20:35:07.255027Z","last_seen":"2025-12-07T20:02:46.040864Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/779/96942349/96942349_079_5e14.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/779/96942349/96942349_079_5e14.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 148602\r\nserver: Angie\r\nlast-modified: Tue, 01 Apr 2025 14:45:19 GMT\r\netag: \"67ebfbff-2447a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":148602,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"21175ce60928f3b4d092f21c885ce659","sha1":"5541d1ac33c50e49dcb11d541b7c92c794b8a772","sha256":"458c42294ec26aa89e50906537e0d1629c463d62696fa7fc991945e7b27c1be0","sha512":"66608e1c79bdf09b6008c64490eed2376f0bcd0ed465c3c5e276b812b066199a3370a3ec5cf6f6dee09a0965e91959d1accc1002f423ed3c807958803f96b5ab","ssdeep":"3072:N87C0ax1lk6OlFsOYgUOCu+2WisUDkJ41+HVbH:N8W0Y13udYSSUYG+9","tlshash":"00e31239e0a3e4a0aa29057655accd6d7a2e8379b678e5383d10d707e1bb7ced13d403","first_seen":"2025-10-10T20:35:07.542583Z","last_seen":"2025-12-07T20:02:46.042945Z","times_seen":3,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/10/67370973/67370973_005_d568.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/10/67370973/67370973_005_d568.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79320\r\nserver: Angie\r\nlast-modified: Tue, 06 May 2025 02:15:07 GMT\r\netag: \"681970ab-135d8\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,ds6620,DS6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79320,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x586, components 3","md5":"a689b0044b50bc7c6b30168017ea961f","sha1":"80991a56c750f3c988ac0590a760c96568fec2f8","sha256":"aeb31e9b7433b30e455bd3007dbbdae2a49971b3d343dd7e1b42ef9044e3ae92","sha512":"1a9406bbea631824e1afdf77499a828e35b75b71943d85bf7887181f78adfaf779ad94321d32dbf96cbf20c041618cc8b46beb4be35a2c41aafba3c9c7ecc5f5","ssdeep":"1536:cVSw96hjqM9minIg0Sj/+uFOJ+gFpd4i9XIBARDvil479d5f:sXGjqMMinIg0Ag+gFD4i9XPvil47P5f","tlshash":"357301e9e561e8117fe7b7a4f5cca92b34ff7082b5d1aa15e9524282fcb008b3d4460d","first_seen":"2025-10-10T20:35:07.467302Z","last_seen":"2025-12-07T20:02:46.044738Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/163/59395157/59395157_189_1100.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/163/59395157/59395157_189_1100.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104342\r\nserver: nginx\r\nlast-modified: Wed, 22 Dec 2021 04:33:02 GMT\r\netag: \"61c2aa7e-19796\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104342,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"0aaf67000f1015d997679a43e048d7f8","sha1":"764ce13a740cb5dcbed9ea1dc1435cf35cf07a32","sha256":"d83f0365daa8f9866cb943289d908dc06d26be946e511bf26ded6d747d9dc21f","sha512":"368f432730c3e8ddbff04f06aafdc6fcc3d98eec0e01cd6071ad996c298db6bf22028b6aa151974435ccb51457742646448b7a7ce0ac9375f686e82d913e1931","ssdeep":"3072:NqRtUUo7UnGC8/96Le5AE4O4hrQ+6YhAzgGhpjK9i8m:NYHo7Uw96Le5AEHm+QYK9i8m","tlshash":"55a31244ef6fa3b3a69af7f9cb2fac2d978108f42fc5947046688293c90774a254485c","first_seen":"2025-10-10T20:35:07.715454Z","last_seen":"2025-12-07T20:02:46.046891Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/630/62978935/62978935_049_0329.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/630/62978935/62978935_049_0329.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79184\r\nserver: nginx\r\nlast-modified: Tue, 14 Feb 2023 05:31:09 GMT\r\netag: \"63eb1c9d-13550\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79184,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"90c53bde775f1a9b279df361aa689cd2","sha1":"bf951a7567a135b10a9d31b2a69c8acb815ae36e","sha256":"46f3c700568661928631737eefaf5d22ffeaea3e367129882edd39e628f7a505","sha512":"532d7ac7027a5f3a92e35a71f17dea96a41c843c0a788e5dab07daa28e0c0c2e0a8103ef0524c488d9ab6db1111fad1c07bcab941885d8fc90e8d74d06b6f83b","ssdeep":"1536:8LyQFDssB9h6Ak66THo2gdLAef8VxdbLBNOJ+0S47liBxaUnWkq8eTkt:cxDmo26AY8dbLBNW+0lJNNkq3gt","tlshash":"3f730224885cee3da2a082ef16c136eed0ce1b47b85b4ec0375c6e0fa7bf256654151e","first_seen":"2025-10-10T20:35:07.514001Z","last_seen":"2025-12-07T20:02:46.049017Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/579/62797357/62797357_025_129b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/579/62797357/62797357_025_129b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91848\r\nserver: nginx\r\nlast-modified: Tue, 30 Aug 2022 16:32:41 GMT\r\netag: \"630e3ba9-166c8\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91848,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"035dabeea3e710a070ebb477aa99c6a7","sha1":"4de4820d775e3089bb2a982b547400ce3e252996","sha256":"9e2b08b36575ed7e3bf8fa44aab840779dcf3478cdbaf6f0f2991391ce130ab0","sha512":"a6ff533f0be07243ea0e8e469e1f9023d2406b66b805fc8c2f20992a3f3bf00a3b7cbbeba8a8dd9bc2607e79447e0bf5d76f4ed16a0924ef7273a8e6fc0952af","ssdeep":"1536:8ZfKyzuNqfMGYjznQKgSCEYDSyb7hkdTFRXffB60yA/0gkz090e6/rGbBbV0p:GfK/NqajQKZYDSygTX3WAsgmre6jGdV4","tlshash":"68930238ebc07d62de49077ecc3797ea0a664785e208b4e667f04cb9558c6bad538342","first_seen":"2025-10-10T20:35:07.667502Z","last_seen":"2025-12-07T20:02:46.051129Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/78392515/78392515_022_d4cf.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/78392515/78392515_022_d4cf.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 95258\r\nserver: Angie\r\nlast-modified: Tue, 15 Apr 2025 01:45:07 GMT\r\netag: \"67fdba23-1741a\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":95258,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x682, components 3","md5":"bfbcc0a229588f78d8777b72d92e4afb","sha1":"0734079c5385a36a4590d0f5a388db42e826ad7a","sha256":"58ed0dd1864696bd4155b60468e923ad4f75c694f06f1cbab0ba4309d68376e3","sha512":"072d546a930d4a06147b79eab144e57cfb9364bc520e0f377ea0b6e702dd5da546c7800d07aefc5c57b0ce0c9400256305c9c563ee27a98ef131f33c7f314d60","ssdeep":"1536:8m1B1pdX5DOBT2GkyeNwKBvqMc2Wo72lknpdQvN9a9YTokTHXTfkug9FAKfdTmkY:L1Bh5KBaLyybvnce/nwi3kfmfXByoYfz","tlshash":"6a93122cc1780d4e962dd2f7e3c304f36a188a3befd9b2891c1da1857a792ff1545861","first_seen":"2025-10-10T20:35:07.527661Z","last_seen":"2025-12-07T20:02:46.053152Z","times_seen":3,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/286/77107976/77107976_260_e9f7.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/286/77107976/77107976_260_e9f7.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96488\r\nserver: nginx\r\nlast-modified: Fri, 05 Nov 2021 17:31:22 GMT\r\netag: \"61856a6a-178e8\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96488,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e9fe7184d785999eb1b0473fd5e73af5","sha1":"710bc43a3cd51b7446a37418137c973ae335d47a","sha256":"8bf2297fc302870565cd0814060549d9434c6df6ef6d0f39fd4e2d0e12b4be4d","sha512":"b89a1251f560a578a9a4c73b63ac8a781b6545fd20beeb52fceb9819b17a24a8eb63d23fb1f5e06b678466c9e6709fd5e68dbd235db93b24b60f805d75abd65f","ssdeep":"1536:kn9hl/ZJrKYd4tXjeHIQ3uigUmU1+YHL0bY4YTPuCKS+8V8p3bh1VwkWo/ATermb:E9PHrB4xjYg36DgY4VSqh1VwkWFerpTy","tlshash":"019312f4b5ee0525e228e2668327d6830f8fed18e21716845913cae4effcdd9c536261","first_seen":"2025-10-10T20:35:07.415631Z","last_seen":"2025-12-07T20:02:46.054898Z","times_seen":3,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/122/64946005/64946005_187_cc78.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/122/64946005/64946005_187_cc78.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 99915\r\nserver: nginx\r\nlast-modified: Wed, 17 Nov 2021 12:30:53 GMT\r\netag: \"6194f5fd-1864b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99915,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"76c859c568eca732eb4618c98d998a2b","sha1":"a7e1cc0cdf02e9ec4ea029a741bf3e2055d51bfa","sha256":"599ddf7b212f9fd41a3e4cfdfd65098a2c3c7c646de38bdab10d2aac36db8692","sha512":"3e0b7871b529df922023d2568094ce1cc80772d58cd14298856a8569ddef003ccef0810a6494eef6eef1c9a3bfec86b3a9559662d4744ad74d0418b095f2b940","ssdeep":"3072:WxgDkNR0WZeGIM9+i9xMGksjqrmxJs3ZTZAm:WaWdeGf9+GMGksfxJiZT5","tlshash":"4ea312dc4fd970b5e3bb2a7330b8679ad7da4434d97eb14cb139302900a4ec55b93866","first_seen":"2025-10-10T20:35:07.233316Z","last_seen":"2025-12-07T20:02:46.056644Z","times_seen":3,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/30/92117677/92117677_007_525a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/30/92117677/92117677_007_525a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 129227\r\nserver: nginx\r\nlast-modified: Thu, 16 Dec 2021 10:31:03 GMT\r\netag: \"61bb1567-1f8cb\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":129227,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"da1b68aaff2ab33369897506bc41b93e","sha1":"7585c4627c75e00dee87b358ee2bbc82b3d18425","sha256":"1173c2bdc9ffa23833dc18fffc84d43c61eba3db7ee4d20fae272c5f224a9ccc","sha512":"73fe8caa51384ab7df570450fce38d770bd47054b313139899f01b5a948fed6505a5893dac1d8fc1564680a5d7edc19d26105961a89748e160911e814a98118e","ssdeep":"3072:C1RgNzqKbDAlWkNogCoBKLwsHymQrOTDPimjUcJ2H29v:CDgNzv4bfSPy4nPiaUcJT9v","tlshash":"6dc312bdb5179837811233e870a91ed693739b56c70eb2888a54332ce28f63b446f774","first_seen":"2025-10-10T20:35:07.189855Z","last_seen":"2025-12-07T20:02:46.058271Z","times_seen":3,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/627/28107983/28107983_057_931b.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/627/28107983/28107983_057_931b.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76596\r\nserver: nginx\r\nlast-modified: Fri, 06 Jan 2023 23:31:22 GMT\r\netag: \"63b8af4a-12b34\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76596,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x341, components 3","md5":"03f7279fa7aaafbeedd036d092b7f84b","sha1":"9110eb23d5db6ceec32e55ce22a27ce17bb23138","sha256":"9b71a4e2bf2982e3eec28793cfae6660999fb4991507c3e6c71de29c9266649d","sha512":"f1c00fcdb48ac75f57c40a3c55d116c23d1cd5031ad33fb0acb3b497458364c3522354f43d322b7e6e3797f7c7d10d49505127b1ed0af399e7e38e71697f14a4","ssdeep":"1536:+Gf+5IXiAKHtqvXnKR/87w7pMKzEIwKEgzu6iZG1HhcoxuL0RBfgWNYSu:G5IyAKHsvq87wzFbvKG1BcY7Ygc","tlshash":"0e7312fc6d36832a5311ffe0f656238602636363edb7a0eb99fa187482e55d10c9361d","first_seen":"2025-10-10T20:35:07.390823Z","last_seen":"2025-12-07T20:02:46.060032Z","times_seen":3,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/11644657/11644657_037_5945.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/11644657/11644657_037_5945.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 119352\r\nserver: Angie\r\nlast-modified: Sun, 11 May 2025 11:45:12 GMT\r\netag: \"68208dc8-1d238\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":119352,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x816, components 3","md5":"2097c2fa7049bcb46e8bd8b371ec5a14","sha1":"db251c5148d3e7eb70a38c9a3f2442c61663beeb","sha256":"34fb95eeab26ff76218220ec0e6583bb87749faa362a3a8731427a3a8242af15","sha512":"4cbed5c5b6d020be463526b28fcb2420969fd6dce732d30279dd33a2ce3d8f78736ddac8d886eb2ff347e5b2eadf8a27093cb416f9b0481809da2ff7ecb75054","ssdeep":"3072:9p7CZX6+HUIviHqujaNmMa7aE1xIunP6qmIloqWSAlnX6v5l:9pLQU4iXca1xIuPCIlTWzs5l","tlshash":"83c3120df260f953ca0c7a9fc250b23f65dd4b1ab7a43d29c3102da6c51efd49d69a22","first_seen":"2025-10-10T20:35:07.395338Z","last_seen":"2025-12-07T20:02:46.061621Z","times_seen":3,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":70,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/566/79405586/79405586_002_ef72.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/566/79405586/79405586_002_ef72.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79643\r\nserver: nginx\r\nlast-modified: Fri, 08 Apr 2022 12:32:37 GMT\r\netag: \"62502b65-1371b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79643,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x610, components 3","md5":"579f1f13eeff5e20bba8a36ab56cd445","sha1":"fb875eac6c4b38d242da713941c3126078a339db","sha256":"2d869e5d28b1e24bea928444ba25a0d2287e95aa58c4bfffa3f3c9813be0f4a6","sha512":"87bc13576bad4c3d9f3cbb1330223715434a6cff2614e1bda658e3eb0b1ec19f4bed21063331616aa13ab7f98aec91816a579205da3ef8c964144966a68e56c2","ssdeep":"1536:UmQpnSmeRR8P1PaYhRX/BA4yIhttTxT+qLJF6IsX9:BRa1PaYjBxqqD8X9","tlshash":"4073021dcdaf8a1ff7097a7a52c1055361d0642fc5b8b7146be6e8acd80128ec67cc9a","first_seen":"2025-10-10T20:35:07.239284Z","last_seen":"2025-12-07T20:02:46.063385Z","times_seen":3,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/91123123/91123123_044_d6c0.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/91123123/91123123_044_d6c0.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33183\r\nserver: Angie\r\nlast-modified: Thu, 08 May 2025 16:45:14 GMT\r\netag: \"681cdf9a-819f\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":33183,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x253, components 3","md5":"7da63bed3b0b01463fbb430018b99988","sha1":"7273c75827b58e97b36e174c060d98887d93ec58","sha256":"3e8873171e7f2e973a4ec200b5d6a8bb87573f278fabce0e40d587fa3814debc","sha512":"6bd244ccf0a5228b1cefd56a4db47ba4e364e65747d9047f843b66477b50d6132f8a4ff8c4006deff5dd20711f2f1af8f2c9f7b292029b39cd69df99c9500671","ssdeep":"768:lNuMq3Ng+Z7c+UQi4THL7h6l4LPxjmc9mjStQ:lP0A+UQFPUctVm","tlshash":"91e2e1eb50045201b1cad0f6e59fb3b5c472422e9b5337263c62747abe9d281e0f6286","first_seen":"2025-10-10T20:35:07.175383Z","last_seen":"2025-12-07T20:02:46.064946Z","times_seen":3,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/429/21691361/21691361_116_4209.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:39.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/429/21691361/21691361_116_4209.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 122618\r\nserver: nginx\r\nlast-modified: Thu, 03 Feb 2022 22:33:19 GMT\r\netag: \"61fc582f-1defa\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":122618,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"ec2c5b4ceab5ded192fc61f209d96e6f","sha1":"2007b76dcbc4dec484d4001eccde56f4298d4a64","sha256":"6a7c0d63d8971dfc57667fee90a048090e4b4041635cf0b2399cf53388610af9","sha512":"d6ee4f2ed925a4efc4f869ec0e9f4f4f5238296c1bffce6c2b97ad66e9ab99573a175331923497968196e7c4b1648d7b3ab337517ba83b7a9a729b4350e4729a","ssdeep":"3072:nZg9/SLYLyvW1/daFpzlv0/KNfOWkHthts1:nZgALKyvWvaTN0SN2Bg1","tlshash":"e8c312cdf2e19e4f939aba2e5a04fa9e8ec78234bd15074095591c132abd74f3e48c74","first_seen":"2025-10-10T20:35:07.287784Z","last_seen":"2025-12-07T20:02:46.066521Z","times_seen":3,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/343/31320857/31320857_006_75ba.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/343/31320857/31320857_006_75ba.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44068\r\nserver: nginx\r\nlast-modified: Tue, 15 Mar 2022 13:32:04 GMT\r\netag: \"62309554-ac24\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44068,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x253, components 3","md5":"d079ccee6aea1b6aea45fb1ee7be69eb","sha1":"79d97bd195a5ff16a04778b85db1eee07df03874","sha256":"1c19b3c3b6882b60093cb6ebf6f566bfbd14ab00ba2d7962d49b8668e5e3b2cd","sha512":"d419c307282e0c44cfb6585614a06823105dbd66cc386a03c0337ae73ea870debe7a82d3f5a33bf98e16444e4d1d5960df8e7436b8f0791037967b59dd3587b5","ssdeep":"768:lhnvRZlK1v4LwfIctDLUAOuqPHIh+CpGGOgfDxtGrUDhYwjRwdhaMG:lhnvRZlukwfRtDLwPoh+CpGFyD3KUDhf","tlshash":"6213f18cf18d91d19fea25bde0035af33483ab0ea4ac3b54f5066a06432499b85e2f61","first_seen":"2025-10-10T20:35:07.736073Z","last_seen":"2025-12-07T20:02:46.068191Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/10/59196682/59196682_009_d82a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/10/59196682/59196682_009_d82a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 124171\r\nserver: Angie\r\nlast-modified: Tue, 29 Apr 2025 02:45:13 GMT\r\netag: \"68103d39-1e50b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":124171,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x610, components 3","md5":"be281d9d0aabe945adef0d9e06279b48","sha1":"4ad04d4c2c7022d0e31b36dbdd9bc8e12ccf9150","sha256":"0d018b13f384075949d4e309f725318106ae34943fe3a0f35573bf8a7e8b205d","sha512":"b26bbb64824ef52e7c4a9e81bf2056b8d236144a4e8fec93744a86d29cc661875e72d35e5deff90968ea69124402db0e0ca8a2b0d2d0d5ea1ded921254cfca62","ssdeep":"3072:QR2oVZAG7rVwP/qnGf3EGfO6LGcINhmIjaBTjEdd:QR2oXr23qnMUKOGGcINhFKKd","tlshash":"99c312b26e4276638bd1f1afd34431392f793b95993a30408d7303e9b68967c8d653ca","first_seen":"2025-10-10T20:35:07.40435Z","last_seen":"2025-12-07T20:02:46.06977Z","times_seen":3,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/743/10162500/10162500_025_b10a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/743/10162500/10162500_025_b10a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 105861\r\nserver: Angie\r\nlast-modified: Fri, 18 Oct 2024 04:15:10 GMT\r\netag: \"6711e0ce-19d85\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":105861,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"77c25bef8ed725056ffd29d13951d649","sha1":"23acc5c7f6ca9ca3b54fa5934c53a9cb3a420034","sha256":"6db075ee1fd9f24f9009410abc22d9a965c77577b049050ff771baf7327b52c5","sha512":"6b220ab31a84e2ebbd7c0fb8227316bdc965e35457edc56a1d2ce0942bdfee6e824fffc9427a51b179bb38d081a47e9716191c33785c515229d3b57e0858a419","ssdeep":"3072:1QcT1my8X3LdsquaSdWdqZqZ2C9pqof1PFudPC:1QcTUy8X3LKquaSAdqZqZZ9/tPFa6","tlshash":"2ca312e4bf62137ad507983693de4c977fa7ca33b3623412907276d5ac0c2920a173ad","first_seen":"2025-10-10T20:35:07.698383Z","last_seen":"2025-12-07T20:02:46.071264Z","times_seen":3,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/519/79644219/79644219_090_03ff.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/519/79644219/79644219_090_03ff.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82915\r\nserver: nginx\r\nlast-modified: Mon, 01 Nov 2021 11:30:47 GMT\r\netag: \"617fcfe7-143e3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82915,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"7dcb006075099ae2d48367c973535395","sha1":"39e23d31cc4707315e903cbdbd6124abc12b86db","sha256":"044d0b7d636ffb8bbdb013ea8575992de9f0c21328262ecfc677d394cda50b5e","sha512":"60a7db72295659821e1eaa9a64a2a57a0b38686af46459783e200d004666596cb06b879165966a68d9d0f263b7041019c3d736c281f9eb56b0bd017caa721fc8","ssdeep":"1536:kiMhMXMnVx3Bj6t9KDk5DXnG7Lnby5NkZTO6OCv2hDB1YsiPvEUZtbt+Mc3H1T:qaXMbI3KDk5DXnGHmNkZi3uID/cPM0te","tlshash":"2d83124cca425ac3588f4efec88d14279b0ef7a3e0f08ea8b3194f79fa590566411dd9","first_seen":"2025-10-10T20:35:07.466041Z","last_seen":"2025-12-07T20:02:46.073206Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/1/318/47980839/47980839_004_a7b8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/1/318/47980839/47980839_004_a7b8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65371\r\nserver: nginx\r\nlast-modified: Fri, 04 Mar 2022 13:30:13 GMT\r\netag: \"62221465-ff5b\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65371,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"3ac0afea020722edfd55c9fb5fc449be","sha1":"2dd01a358bc7e3fd271b6525593dcd157f78dc4d","sha256":"90913e49188d8c9f5d9f5401fb086c089ccaa5ed1b1bd2cf1450899e8674d617","sha512":"3fe6b4cd99d3afbacace55f441d077549eb0567045906590c4a6eccab7de939862eab5d4f82eec4de83553098dc410eaf7b3e04afd433d0607eb3f7cc4e23065","ssdeep":"1536:kLqsHQ1PZ1PmlokbF40C+rEz++BDNtFkgoXyNpcJmjPLL:0qswfdm5F404LBDNZtNpamjX","tlshash":"06530167ed48f29a8c62b3f1383d094d279fb714cd463e2f007bd5f52c9696294a09ac","first_seen":"2025-10-10T20:35:07.62107Z","last_seen":"2025-12-07T20:02:46.074702Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/320/82426564/82426564_013_a304.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/320/82426564/82426564_013_a304.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 80649\r\nserver: nginx\r\nlast-modified: Fri, 27 May 2022 05:36:08 GMT\r\netag: \"62906348-13b09\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80649,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"79dad5fffe3d4553a572d20fc7d1ff04","sha1":"cf34db00fdce7b9e27ac901d2c09a9a5eff7d280","sha256":"7784b4813109f86d89303a15e607c200a30514a189fcd7aee298921c8e54cff5","sha512":"3c92fc5fa58a0649a077cb5c30f96cf6d3167fe9c21b989c31d5363e0280b0e5f0b26c68ba2d78c50babceb004a3bcb15191e4f3704c8851543c22e86fc26be9","ssdeep":"1536:kDS8TiQBD2QcBGponfpYNMi99Tm1iem3V9huGAeyVp3jIzr7:iS82APCeofpZirTmwemlruve6p3czr7","tlshash":"30730212f781527496f8b5bdee96b343349afe30f318a4a522613706d10e52bd7fd841","first_seen":"2025-10-10T20:35:07.268043Z","last_seen":"2025-12-07T20:02:46.076375Z","times_seen":3,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/779/17817135/17817135_050_7473.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/779/17817135/17817135_050_7473.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76979\r\nserver: Angie\r\nlast-modified: Mon, 31 Mar 2025 23:45:02 GMT\r\netag: \"67eb28fe-12cb3\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":76979,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"e2287b12b11f562afec42f10be5d0cad","sha1":"eb190d31625a890805c972b770c89943268d1132","sha256":"c7ca17945940a8b37d6bc14731491dba852608f093fd7a87ef828ce98501a53f","sha512":"45acd45b1931da9f0883194b0b61a5491fce5105ffa05db7f03a45a89e740f23f416d5440f3b0145f6e98800ee163f5dc4018e275bfe0cb3a9f7db2bfbb7e34b","ssdeep":"1536:k1uLXOr5FF8WpYS4KgRojwyZlkHaE3/3kfm9zqbiF4EJxbysPiBTIviGgz/0b1:IAg26Y/uNisfm9y/MxbyUXviG8+","tlshash":"2a730294cd18e8753c7cd97eeafa055d013f6fa0b702966f178ba8a092a0913ff16058","first_seen":"2025-10-10T20:35:07.323718Z","last_seen":"2025-12-07T20:02:46.077935Z","times_seen":3,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/48/20789763/20789763_046_77e8.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/48/20789763/20789763_046_77e8.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74370\r\nserver: nginx\r\nlast-modified: Wed, 04 Nov 2020 11:30:15 GMT\r\netag: \"5fa290c7-12282\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":74370,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"51c558561e10cc24dd0f85c67cebfed8","sha1":"3f8cfd6ee0a35dad52efa9b280a2269e44dceef9","sha256":"1f3bb0b4390ddbbbae462e2840c7a18471b642fbf4b1c6b2259e9c2596e989bf","sha512":"6d76b6d712d42d4594f3296064366ca68a355c7bd57fe62b09db5b3f1e68bbf8acdafd07d47a7d694ff74f23991af5e3ca7257d5b597c868c2f9a7d14c39cda9","ssdeep":"1536:kzL4gaz0wDk9w6x0n9taRO36Q7mK+TIXZysESJvZI3ctRYPM8P3Csx:s474wn6x09tyO36Q7mtIzEGUMRYPzC0","tlshash":"8e730200eca3eee4d81a03bb7c1d7f25492db07a5b7444c3cf75a706d1aabba11d2495","first_seen":"2025-10-10T20:35:07.687203Z","last_seen":"2025-12-07T20:02:46.079457Z","times_seen":3,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/98/70114288/70114288_013_b9f0.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/98/70114288/70114288_013_b9f0.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98274\r\nserver: nginx\r\nlast-modified: Sun, 20 Feb 2022 05:32:48 GMT\r\netag: \"6211d280-17fe2\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":98274,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x705, components 3","md5":"697a7891bcd0baa1e21e6ebee7a62952","sha1":"46b44044993956cd6a564b05d10ca6376fe24842","sha256":"2aea278c8480fb1a8aae6b26063902a65c033500d4dc6838b6a1e7db6b4b268a","sha512":"3c3961616f8d27daa0c53cb7d0c5a294aac0b19e6c64964e1048d80db8ebce087b003e9140ff57b285ec18c5bca93a0a598bf3f0058438347586d4f15535dfe2","ssdeep":"1536:TBeRYAX5PF1TT9Wzax2+29wYSdt9EypWvS51OBHpTjnBPFI90mjE6+1TBlIOc92X:WtBQzax2+29w2bUQBHNrB9I90a+Zg7Ba","tlshash":"a4a31217c3e7b5856faf5bf61009c00b4fe06688e7a99a0bea14ccc5f49ea4174382dd","first_seen":"2025-10-10T20:35:07.696749Z","last_seen":"2025-12-07T20:02:46.081111Z","times_seen":3,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":70,"receive":122,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/5/170/70819654/70819654_016_f806.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/5/170/70819654/70819654_016_f806.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38396\r\nserver: Angie\r\nlast-modified: Fri, 29 Apr 2022 03:32:06 GMT\r\netag: \"626b5c36-95fc\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38396,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"c64f53ae3f516802b8751b168f8ace9c","sha1":"2bf3df8ab6ae71c44a518421ba871823ae2a1a9b","sha256":"12762f466c9cfce866c44349028b5c234d12084224d6a04adeff2512d5dabcc5","sha512":"2e890d27b69e774f03b95114130fd66a0ea0f786c18efb287b7e6fd25b5a20f485f4d34b6c34249a25c21e99c3c41dad36c0fabc2358d12286b2e7f5e24d0bac","ssdeep":"768:myLkdHwjlPwrtQh4M7QsRR5wAjSlin9FOxtVIOLeGYD5ToDTDsfsaQ:myLkdQjBwhuR7T/5POxEOCGY4N","tlshash":"5903f284d9f9206e81c646f2612ed298daedc11bf9a78c0121f5bf10ee94b0ce0dde56","first_seen":"2025-10-10T20:35:07.451907Z","last_seen":"2025-12-07T20:02:46.082736Z","times_seen":3,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/457/53502018/53502018_079_28dc.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/457/53502018/53502018_079_28dc.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 90181\r\nserver: nginx\r\nlast-modified: Fri, 30 Sep 2022 13:31:28 GMT\r\netag: \"6336efb0-16045\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":90181,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"3d3eb510c7397d73512c84c44a8d5ac4","sha1":"b21035f9c233463e82642171fa433b1e36f797ff","sha256":"95c72c1e7ae6d533e2125cb644b19ade87032979a819cfcd742909f88c415713","sha512":"165b4be9136221d7cbf43a0b6c4f8f01ec234239d5f0af7cc5062ee44bc99e928e8f830a63b75d5c757293cec1218bc6d6f91308e2c2b7a06d7914aab3789be4","ssdeep":"1536:kuo+/o+2B8xupRC3lW5rGVTyaelQZ6H385+N8lsFhWr0vK32PmEgvMWDDYUAy2Nl:J/sOxe6llTyFQQ8EWlsFhVotDYUqaI","tlshash":"5e9312dbe8ca32e00365017731da1263b1eef5a59ba6055a4e33981fdc4acd3d2cd436","first_seen":"2025-10-10T20:35:07.574126Z","last_seen":"2025-12-07T20:02:46.084128Z","times_seen":3,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":68,"dns":0,"connect":0,"send":0,"wait":69,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/758/91940998/91940998_037_e708.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/758/91940998/91940998_037_e708.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 113085\r\nserver: Angie\r\nlast-modified: Wed, 27 Nov 2024 21:15:26 GMT\r\netag: \"67478bee-1b9bd\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]}],"data":{"size":113085,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"a00798a8d0d7603017109813dc4cf845","sha1":"3ec883172725f4c187f0fd50d7ddce17df5803e0","sha256":"8c654355d26df09e910cd7cf95ad94bf1b2c479c4308611a7fe874eb478d47ba","sha512":"0471c8cd47115fbf85bdb0b71a02ea20326ef7a743839a249c723002fa44000050f51c1967bf7ab36093d269f3933d05cc44a7bba861311260c96c03e70c1c75","ssdeep":"3072:2d5IqoSdIOxEPSs7dDez2zF2X+9mQj4w1hwOYl0:CIqJdIgyi2z0Pan","tlshash":"73b3128bf780fd72a7204bb10a9f0980b1389ba354d9d1d154eea1ae53b316bd37078d","first_seen":"2025-10-10T20:35:07.691917Z","last_seen":"2025-12-07T20:02:46.0856Z","times_seen":3,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":71,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/547/10818248/10818248_006_a940.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/547/10818248/10818248_006_a940.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 60920\r\nserver: nginx\r\nlast-modified: Fri, 05 Nov 2021 07:32:35 GMT\r\netag: \"6184de13-edf8\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60920,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"3e53c6a07428b43aa88659157f1f9c82","sha1":"7e7a5192a7c190ea16d0b6d01840298c6c1e7eb7","sha256":"88ceba0d0a7987967391c87acfddd73e566d459c7f414f744f027b63b593b523","sha512":"a9cb0dd934abd7d0dd349561cac4eb49d35640f6985a3a2a0f7b0fed011666feae80912e61e8e54dab36ca2ee26de1aece8ca1d0d232a7a1f7d59e47828793a1","ssdeep":"1536:k5tq7DbQlsURclGPEkXYFwQVjXkiiCFI9H+j+Wl:Gq7D30clGcFFRlkiiCFI9Hq+6","tlshash":"21530220de27b15b9d5dca7f2a509c4cbb0a0d61e3dbf900b16074eaa2c077ed1ca95d","first_seen":"2025-10-10T20:35:07.21453Z","last_seen":"2025-12-07T20:02:46.087103Z","times_seen":3,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/783/28405799/28405799_096_9e86.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/783/28405799/28405799_096_9e86.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 92499\r\nserver: Angie\r\nlast-modified: Sun, 13 Apr 2025 12:45:22 GMT\r\netag: \"67fbb1e2-16953\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92499,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"c63669492464574c8210761219a41fa6","sha1":"b0631b6fbcf0b224c7fbbb2479cbd41cfb70d3ad","sha256":"29a61cd776dd6818f97368e5d64942fb337afb1c43d46b4337b02adef293d147","sha512":"f2fa99e1f93c46cc43e85dac3156eba4aca42d21ae4b1c862b692360cb34004afa19d3888e3f8a088e17034c71db8a93df146c66a04a14685e6c66fe4dce19ad","ssdeep":"1536:kEfpvCnmijw9cIwU56325ANp9a/b6xW3DhY6dT7IJX9IZ3b575v:BhqVocuQRpu6sa6dHIJX6ZV1v","tlshash":"2d9312a0ffd445d27cca90779062885d30baff96fad604161aea7e210d4d1efa142b3c","first_seen":"2025-10-10T20:35:07.173623Z","last_seen":"2025-12-07T20:02:46.088471Z","times_seen":3,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/789/50406995/50406995_166_2079.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/789/50406995/50406995_166_2079.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 94051\r\nserver: Angie\r\nlast-modified: Sun, 11 May 2025 06:45:19 GMT\r\netag: \"6820477f-16f63\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":94051,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"5e973986f0acb91cb6ea21f97e7f17e1","sha1":"bb04bde5d72ddd6820d14c718c480d5ba0aed2ce","sha256":"23958fed095ebbdc28b4c1a4495b8e0f74c40f8d952a714901ae47e6c7198e3b","sha512":"6f452e865fd39856fdc12ffe65eb753d39a363b5c96149b1e4e4fc5aab308d807cef83845a62fabafb3b2c19cdabbb56715d55a737707b505ee591b69846c672","ssdeep":"1536:kcnQ+fIvFC5MXZ0YeY1l57BhLIFFLdyQLx44jun6skkmcDoUDjtVJSdFvhDCveQq:R/fKK00Yzv5T8FpnTjun6tkmcDFDRDS7","tlshash":"159312dc4efc7356c2698ef1a9ce194c2a7513fcd8cad613b40495c81d2da5e5d822ec","first_seen":"2025-10-10T20:35:07.434569Z","last_seen":"2025-12-07T20:02:46.089887Z","times_seen":3,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/782/78684181/78684181_106_2a79.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/782/78684181/78684181_106_2a79.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 84169\r\nserver: Angie\r\nlast-modified: Thu, 10 Apr 2025 21:45:10 GMT\r\netag: \"67f83be6-148c9\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]}],"data":{"size":84169,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"5dc65dd99ea490eb32ac0b887b38dd2e","sha1":"dbbc61b166aea587e89cc25b9ad53c9c172c5881","sha256":"23b580c6d48dfb097926d063e2019d79ddde3c57da3fdfbf16d2caa1ce89451e","sha512":"71cf89fa2b107cfef05950c5dc6f72965a880d0cb55180b55f3ca7fd7cbe259bed556da9f2cedd7dcaf6d0ce05190f11dbc56854e9b7205a414af309c669c25c","ssdeep":"1536:kbcrxcnrNYmDiWlxmbzp8FgykTKEjf3KNIEaHcdHykGjJQ7MBGOmAq2PlzTkEiNN:7YRHDBlobSChn/KNbkcQkz7OGOmcvW8E","tlshash":"e8831291c421e8e6e203537424ac541a85b68d2dc37ffe057e58dddcbca6d138288bee","first_seen":"2025-10-10T20:35:07.400281Z","last_seen":"2025-12-07T20:02:46.091354Z","times_seen":3,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/293/24896449/24896449_072_102a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:40.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/293/24896449/24896449_072_102a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86397\r\nserver: nginx\r\nlast-modified: Sun, 24 Apr 2022 14:32:56 GMT\r\netag: \"62655f98-1517d\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86397,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"b7947376cd778f159261be6e278958ac","sha1":"9785b0b5cf1cb2a68beed2d212ff6d5c01517b85","sha256":"7610e43b61835ef09931639f67f80600fc1bf603dc153103dc87a3a2b4bb2b1c","sha512":"45a0271ae076fafcaab4553edc92f53665d6e8831be5804cb3f2a450e7cc7888bd6e2e73acf0e21da3324e82bc5a7866f6fde22a99e05d3628e337419d0a4d61","ssdeep":"1536:kjb/WEip9SUO4/4CExyPTIGejDHGFnj3pz1bAYgSG4BK3LzmCarMW8uNos:+b/WEiqUH4CExqTreHH4nbx1MFSxK3Lu","tlshash":"948302482a4cd726e2f8f0b11820e76f706f1db5351d2749ea6b3250c62582d7783bee","first_seen":"2025-10-10T20:35:07.42319Z","last_seen":"2025-12-07T20:02:46.092652Z","times_seen":3,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/367/46809835/46809835_155_8fdb.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:41.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/367/46809835/46809835_155_8fdb.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71799\r\nserver: nginx\r\nlast-modified: Mon, 02 Nov 2020 11:04:23 GMT\r\netag: \"5f9fe7b7-11877\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:38 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71799,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x690, components 3","md5":"273742e2cd81c824f3b2792b386bdf65","sha1":"78ba89cacd3eb331126504578f113810d759fbdf","sha256":"d7d3ab9e56a588573c1f40d1d0f10227e9c48a46bacc8bd87adaa1e5e635590a","sha512":"fa621201358a7e380abe0eb458f0371dca3634cec17e4ecb9ab4e19b026dba01c8cf0754dc6a85af5b229bbc7be191ebf593e4e2a790f243516778fd9e540245","ssdeep":"1536:knJ6gbxg5+0t/ybYKHl/buSR/lenK14LXPRx2B74i/qfbpn4:gJxdg5+0Wl/V8uI/KBB/sba","tlshash":"1e630278e687cc6b594db9f08c732daa92f9d21591b25920dc39dcdc232904b3f9e15c","first_seen":"2025-10-10T20:35:07.289027Z","last_seen":"2025-12-07T20:02:46.094114Z","times_seen":3,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/776/45054797/45054797_059_d57c.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/776/45054797/45054797_059_d57c.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 90448\r\nserver: Angie\r\nlast-modified: Sun, 09 Mar 2025 03:45:10 GMT\r\netag: \"67cd0ec6-16150\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":90448,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x642, components 3","md5":"486cd207f8f98524c0d2082a7060c89f","sha1":"2378658f5607b88773fc4eefee44fec171861d5d","sha256":"d68070826f337f5a0720e216da3069ad79dd056df4052ade4246f5d83919c583","sha512":"814742fb81cad2e06ac6bb8478f30853f40c55c6dc0555f2fa03e86c32f66cb4cd5f6fd5d07312d7bff69009435482b033b0b06a1bd84a40bd2b32d6a3904c9b","ssdeep":"1536:07r3ZtX0gjWbpWIPCOEKZAjL8xj4YdG/VH2fK4WAU2Z5FNfW1pCoR7D5Z1fEJAOy:ubPXJ7IPpEKZAH8qYdIZT49HZh2IytZz","tlshash":"be9312eaec00257ef31a48f09a5f196f82257f41f3fd8cee08a7a4e76c5651b54485b0","first_seen":"2025-10-10T20:35:07.1693Z","last_seen":"2025-12-07T20:02:46.095471Z","times_seen":3,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/517/42696838/42696838_254_d118.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:38.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/517/42696838/42696838_254_d118.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 52578\r\nserver: nginx\r\nlast-modified: Wed, 05 May 2021 09:30:31 GMT\r\netag: \"609265b7-cd62\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6620,ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52578,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x301, components 3","md5":"a9e9d8556ad253f765139f698f59724c","sha1":"eabfa9cc9a5e70ae987178daa6c728fb1c1fd0ae","sha256":"217e13cbabed428b2ece40be4d06286d4a62128be61860b5f7c59bfca995c192","sha512":"b3134ec7626d3898be000ffecfaf6a81852e27270d982f9ec471c384db2b087662bcd4c2ae6abb9d7ee0fd02ce7a82b4f063c6a94eed140eebb3e4deb3e689a5","ssdeep":"1536:mgluoyHoNrqoTjLG/4ZqBR/Mc0RM1AOBvn5:HQ9I4mZqrMc061AA","tlshash":"0233023df0be2b8854299e28c826c2c4b17c0588ebd58571a5dcdeeed65aa9bd06009c","first_seen":"2025-10-10T20:35:07.587344Z","last_seen":"2025-12-07T20:02:46.097011Z","times_seen":3,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/7/572/96925246/96925246_008_0e4a.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:36.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/7/572/96925246/96925246_008_0e4a.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102016\r\nserver: nginx\r\nlast-modified: Sun, 10 Apr 2022 06:30:30 GMT\r\netag: \"62527986-18e80\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:36 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102016,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x460, components 3","md5":"e9ef11ef1f73db346dc8a98bab247851","sha1":"3ddb7eed0b30e7945edeb1b09e4737a39c0aba03","sha256":"50908a3bc2a510722871969c3e815eb51f7a8c94f49bd9331536311a52d57dd3","sha512":"4b9527147fffaf3fa709ce226c6a14506445cfb2332fd4cbd5c3da1af95eed37c2886440bf30b903739fad605b46d3151ccc1e9d34e7620ada662855ba640bfc","ssdeep":"3072:+HtSagbePq4BjZfixjZlkpWdwVh5llVEbD+0gOS:teSQ2ZlndwT5tEbD+9B","tlshash":"5ea30224873069f98c059a163523855eab87fcbf7acf676308b3168052c39538a9d7a7","first_seen":"2025-10-10T20:35:07.230153Z","last_seen":"2025-12-07T20:02:46.098555Z","times_seen":3,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":71,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdni.sexiframe.com/460/3/5/29845448/29845448_001_5153.jpg","fqdn":"cdni.sexiframe.com","domain":"sexiframe.com","tld":"com"},"ip":{"addr":"45.133.44.50","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sexiframe.com/","date":"2025-12-07T20:01:37.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdni.sexiframe.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 22 Nov 2025 02:33:25 GMT","end":"Fri, 20 Feb 2026 02:33:24 GMT"},"fingerprint":{"sha1":"D2:18:25:E2:3A:CE:C7:64:47:E8:1F:BC:B6:CC:E1:2E:A9:16:BD:53","sha256":"BA:94:0E:89:D7:60:87:20:46:35:2B:CD:C5:AD:63:53:11:97:8C:A8:8B:0B:66:5D:64:E4:CE:E3:FA:35:C5:CB"}}},"request":{"raw":"GET /460/3/5/29845448/29845448_001_5153.jpg HTTP/1.1\r\nHost: cdni.sexiframe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sexiframe.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 20:01:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102160\r\nserver: Angie\r\nlast-modified: Mon, 10 Feb 2025 03:15:10 GMT\r\netag: \"67a96f3e-18f10\"\r\nstrict-transport-security: max-age=31536000\r\naccess-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-max-age: 86400\r\ncache-control: max-age=2592000\r\nexpires: Tue, 06 Jan 2026 20:01:37 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ds6320,DS5059\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Angie","description":"Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.","website":"https://angie.software/en/","common_platform_enumeration":"","icon":"default.svg","categories":["Web servers"]},{"name":"C","description":"C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.","website":"https://www.open-std.org/jtc1/sc22/wg14/","common_platform_enumeration":"","icon":"C.png","categories":["Programming languages"]},{"name":"Perl","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102160,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x816, components 3","md5":"45ab895adb2a21f12faa657ca39d2938","sha1":"94b81fc8ed16d9aa7715a8e71b4184989b14c175","sha256":"1e9280ecabb574d95a8c6767a9ad19171b92443779b3b969d0757773ac66bce4","sha512":"b987f4b0b03954fd24e7071f4d657a21a91629e74edf0a659c7d9b5dfb65ea44a1f2fefb5c34e31e61e30232f2e2a48aa51b7ea0d92b1fca40292b854d61df37","ssdeep":"3072:61c592ij11xBzbcTCLYsapnyzY0A+VbMK1:6+T2ovM+E0A+CK1","tlshash":"6ea30279b3d8e3f661e723b196d8188e9170e3c0e84529e41e2cc512e5ae36f111ebc9","first_seen":"2025-10-10T20:35:07.738402Z","last_seen":"2025-12-07T20:02:46.100194Z","times_seen":3,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"cdni.sexiframe.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}