{"report_id":"9fb5a905-d9ef-40fa-8de6-abcb6431763a","version":6,"status":"done","tags":[],"date":"2026-01-03T10:44:02Z","url":{"schema":"http","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"172.67.207.152","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"title":"Lawayan Mo Bro para Dumulas ang Kiffy","dom":{"size":9496,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (8967)","md5":"f4c9b2471282636645111826138b73f1","sha1":"602279d28fcc5708839b213a079b0e76b915529a","sha256":"b0431f15db0a7b537a93274798cdcda95cbf8655c13762b660a26bda111fcf33","sha512":"74f479f6f96c87de3dbd9a954b005c21fed421cdecb254745c2e94969a21534001f7be062447c853db8159b54983b781f1b6986cee5d8208c3b1002273f385b6","ssdeep":"192:lxfchcZAoIedWCyZVVm90u70+GKE8fmSfMyj6gu3BLTCw:lxcWUdr8J7UMrfMyj673BP","tlshash":"9212f96069141128f477d14ef4f0cf99622a8047e7a31e9ef2ed5a7bcbc6c9625a824c","dom_hash":"domhash11452d69631e5ecefb13054f02bc2cfd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"172.67.207.152","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T10:44:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":23}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"mat.143flix.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"video.sacdnssedge.com","ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2024-01-30","domain_rank":155152,"first_seen":"2024-01-31T13:27:57Z","last_seen":"2026-01-02T12:45:58.565554Z","alert_count":0,"request_count":3,"received_data":1438339,"sent_data":1616,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"bid.onclcktg.com","ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2023-11-28","domain_rank":350689,"first_seen":"2024-02-11T04:01:24Z","last_seen":"2026-01-01T23:17:39.394743Z","alert_count":0,"request_count":1,"received_data":1505,"sent_data":486,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-28T22:14:05.525046Z","alert_count":0,"request_count":3,"received_data":122889,"sent_data":1637,"comment":"","tags":null,"fingerprints":null},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-12-31T21:55:03.360474Z","alert_count":6,"request_count":2,"received_data":171912,"sent_data":820,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"go.mavrtracktor.com","ip":{"addr":"104.18.40.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-28","domain_rank":0,"first_seen":"2025-10-30T22:47:01.721715Z","last_seen":"2026-01-01T13:50:34.70149Z","alert_count":0,"request_count":1,"received_data":3413,"sent_data":658,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"js.onclckmn.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2023-12-13","domain_rank":342528,"first_seen":"2023-12-28T01:05:45Z","last_seen":"2026-01-01T23:17:40.362263Z","alert_count":0,"request_count":1,"received_data":148109,"sent_data":423,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bid.onclckstr.com","ip":{"addr":"62.122.173.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-12-13","domain_rank":445643,"first_seen":"2024-03-15T17:46:34Z","last_seen":"2026-01-02T00:35:35.946593Z","alert_count":0,"request_count":1,"received_data":560,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.pahindot.cc","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-22","domain_rank":0,"first_seen":"2025-11-25T17:58:09.75094Z","last_seen":"2025-11-25T17:58:09.75094Z","alert_count":0,"request_count":1,"received_data":1868489,"sent_data":559,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"onclckmetrics.com","ip":{"addr":"138.201.236.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2023-12-21","domain_rank":18509,"first_seen":"2023-12-26T11:04:13Z","last_seen":"2026-01-01T23:17:40.342797Z","alert_count":0,"request_count":1,"received_data":322,"sent_data":835,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"guidepaparazzisurface.com","ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-03-12","domain_rank":51755,"first_seen":"2025-04-29T00:57:48.054581Z","last_seen":"2026-01-03T06:01:38.243512Z","alert_count":0,"request_count":20,"received_data":239130,"sent_data":18762,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-12-29T13:33:59.184771Z","alert_count":16,"request_count":4,"received_data":2116,"sent_data":2269,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sourshaped.com","ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-06T14:35:38.581947Z","last_seen":"2026-01-03T09:56:38.479224Z","alert_count":2,"request_count":1,"received_data":513,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ads.quality-traffic.com","ip":{"addr":"104.21.2.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-04-02","domain_rank":1697304,"first_seen":"2025-03-05T04:44:50.068828Z","last_seen":"2025-12-27T04:24:03.978772Z","alert_count":0,"request_count":1,"received_data":520,"sent_data":533,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-12-31T21:11:25.087578Z","alert_count":6,"request_count":2,"received_data":1060,"sent_data":1528,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ad.twinrdengine.com","ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2023-06-07","domain_rank":79586,"first_seen":"2024-01-20T17:03:24Z","last_seen":"2025-12-29T00:28:01.15306Z","alert_count":0,"request_count":1,"received_data":4885,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-12-30T08:11:41.528618Z","alert_count":21,"request_count":7,"received_data":249533,"sent_data":3149,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"drimquop.com","ip":{"addr":"195.201.208.168","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-03-10","domain_rank":17833,"first_seen":"2025-03-25T20:25:54.722464Z","last_seen":"2026-01-01T23:17:40.497431Z","alert_count":0,"request_count":1,"received_data":322,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"playhubconnect.com","ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-09-25","domain_rank":18094,"first_seen":"2024-10-01T12:19:44Z","last_seen":"2025-12-30T09:09:47.883332Z","alert_count":8,"request_count":8,"received_data":5167049,"sent_data":4120,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ruxella.com","ip":{"addr":"104.21.22.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-16","domain_rank":0,"first_seen":"2025-10-17T01:57:02.048615Z","last_seen":"2026-01-03T06:01:37.691537Z","alert_count":0,"request_count":1,"received_data":10588,"sent_data":529,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"mat.143flix.com","ip":{"addr":"104.21.14.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-10-11","domain_rank":1771839,"first_seen":"2023-05-15T23:32:59Z","last_seen":"2026-01-02T19:28:36.360848Z","alert_count":2,"request_count":2,"received_data":67690,"sent_data":1259,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}]},{"fqdn":"onclckinp.com","ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2023-11-28","domain_rank":20672,"first_seen":"2024-01-03T15:28:46Z","last_seen":"2025-12-31T07:59:18.820561Z","alert_count":0,"request_count":2,"received_data":681,"sent_data":1036,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"go.forscprts.com","ip":{"addr":"104.18.40.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-13","domain_rank":168242,"first_seen":"2025-03-11T08:31:55.912898Z","last_seen":"2025-12-31T11:09:10.884221Z","alert_count":0,"request_count":1,"received_data":2807,"sent_data":942,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"pahindot.cc","ip":{"addr":"104.21.76.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":7865,"sent_data":1057,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.show-creative1.com","ip":{"addr":"104.21.15.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":392451,"first_seen":"2024-08-27T12:23:01Z","last_seen":"2025-12-29T08:13:36.913204Z","alert_count":0,"request_count":1,"received_data":2272,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"js.onclckbnr.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2023-12-13","domain_rank":384217,"first_seen":"2023-12-18T10:32:24Z","last_seen":"2026-01-01T23:17:39.522853Z","alert_count":0,"request_count":1,"received_data":85378,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2026-01-01T07:47:27.133157Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-28T22:17:10.032556Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pahindot.vip","ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-25","domain_rank":0,"first_seen":"2025-11-25T17:58:09.744517Z","last_seen":"2025-11-25T17:58:09.744517Z","alert_count":0,"request_count":42,"received_data":1509353,"sent_data":25431,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.1.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"www.guidepaparazzisurface.com","ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-03-12","domain_rank":0,"first_seen":"2025-10-17T18:20:34.583428Z","last_seen":"2025-12-17T20:47:59.028974Z","alert_count":0,"request_count":8,"received_data":5672054,"sent_data":4312,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-12-28T22:22:31.188277Z","alert_count":0,"request_count":4,"received_data":114438,"sent_data":2552,"comment":"","tags":null,"fingerprints":null},{"fqdn":"protrafficinspector.com","ip":{"addr":"3.120.91.143","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2025-12-30T21:57:49.11287Z","alert_count":0,"request_count":2,"received_data":842,"sent_data":880,"comment":"","tags":null,"fingerprints":null},{"fqdn":"crossingshare.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-15","domain_rank":3476137,"first_seen":"2025-07-30T10:04:24.46197Z","last_seen":"2026-01-02T08:34:22.276647Z","alert_count":12,"request_count":6,"received_data":197038,"sent_data":5433,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2025-12-28T22:24:05.936453Z","alert_count":0,"request_count":7,"received_data":3573122,"sent_data":3340,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bn.adbestnet.com","ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-09","domain_rank":659069,"first_seen":"2025-03-16T19:35:45.726512Z","last_seen":"2026-01-01T23:17:40.034263Z","alert_count":0,"request_count":5,"received_data":14625,"sent_data":2728,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fp.metricswpsh.com","ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-10-29","domain_rank":154722,"first_seen":"2022-04-22T11:20:32Z","last_seen":"2025-12-31T09:44:40.044694Z","alert_count":2,"request_count":2,"received_data":824,"sent_data":1064,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mat.143flix.com/matomo.js","fqdn":"mat.143flix.com","domain":"143flix.com","tld":"com"},"ip":{"addr":"104.21.14.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b15a5dfb84f2467de1742e24bc42c4b","sha1":"1175543d4130141bce1b2aa84925d94b40f0d8da","sha256":"b4e85bf817418063c7bef172d47b552bf79e60e32dfe2f8783d487609c4b8b19","sha512":"913547578f5e8b4824fcf45bbb12cd5316dd5ef5bc25021e0e66c41f57a9f0f63d7c0caa60b254ba3f6ff155497f27b69f470ed21c57b6e2f136281b265349a6","ssdeep":"1536:IydsUOQKezcVo9hm8s28Hy2Fyl5mrDKuR8WE1I3TFto7b06:IaHj9hgmutR8RAFG","tlshash":"2253b4cab2c2757a5ace2171507f010bb2faacaa1448c464f12ad4e53d39d0e957bf7c","size":66266,"data":"","first_seen":"2023-04-11T03:14:14Z","last_seen":"2026-04-13T07:12:43.973019Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1990309?id=1990309\u0026pid=__clb-spot_1990309_bew_7\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9faccf742c2ff2be13e06c5ee071361c","sha1":"0911771b22a11783d9501da25096f7d3662d891e","sha256":"56ece365b6d4efea3e3325aa7b16aaf9863b3aac908e6dbb4bf136e9040b7822","sha512":"8e834e5040dd89847961ae46a707f9178018da0665933303421aae9c8d9abeb83c59667c3c134f66444ac45ca0126869b5e30d6f0c5c250b9017c6153dc5f5ba","ssdeep":"96:O9IjVVKdw8r9IjVVKdw8p9IjVVKdw8o8/9IjVVKdw8sxQBk3N+y74o:HjVyajVykjVyoHjVysGmVUo","tlshash":"2cc1fbe84106abe74287fd8137ba4adbb984f112cdbb643d0950f972455c53d383f652","size":6125,"data":"","first_seen":"2026-01-03T10:44:24.701019Z","last_seen":"2026-01-03T10:44:24.701019Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1923765?id=1923765\u0026pid=__clb-spot_1923765_hon_3\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4c805bf694d565c856278acd0ffa2d8","sha1":"c886237acd930ee2ccd7ae946969a2c4b840570d","sha256":"787640241eba9c378f56415b86511f76a0595e96c8d40f5e9195843bb140a3c3","sha512":"a65cc8854123c1bb59f80ecabce8e30fe175dfb8d387b8a39f2892a391cfedf8d0be841e86d1152272076cf58e674803f24a61b42e62b7af68efb2d9c96ae6b4","ssdeep":"96:SmhHS0c2rvDPWfSAHSQHS0c2rvDPWfSAHMHS0c2rvDPWfSAHJHS0c2rvDPWfSAHF:Smh7NjDvQ7NjD77NjDE7NjDGJmpo","tlshash":"a6c11aa65083edfe8917b8831b736eb1ed1ac718e8d4e5d160ece9e5508436f860d1c9","size":6143,"data":"","first_seen":"2026-01-03T10:44:24.85301Z","last_seen":"2026-01-03T10:44:24.85301Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/vendors/jquery-3.4.1.slim.min.js?ver=3.4.1","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9b11ca4d877c327889805b73bb79edd","sha1":"dd15958a3f0f1f3601461f927c4703a56ed59011","sha256":"a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f","sha512":"787598a2bb567b6372c4722263fc18f369cae1194f2030c3483e59bd31eb4e48aaf6d01efbe0c186ae6b0dc0b4db1a87c61d1cb4618c6c72a8b6ab5871881764","ssdeep":"1536:7DFXT6kYFbzDoyZxg6V4BMWzIVzvxuOczHdpc3RvVE+hWtfBPfH2r+rxQ47GKi:BT6gOczHdUC/fHlxQ47GKi","tlshash":"016308dd72c6b07357ab31ba007f610bf136189a6c4d4450f129e4e9bc78a4a827bf6d","size":71037,"data":"","first_seen":"2023-03-07T01:06:36Z","last_seen":"2026-04-30T15:36:40.625149Z","times_seen":8461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"f54d153d2c9e9135fc01dd2dc51ba6ea","sha1":"a57cfea3874b37f8e5323ff3d87ba17ae2e57c4e","sha256":"55e7089ec414695d8f55ee493d7bbcb109333c734f110a79e8d5d83e2b57e65e","sha512":"dabe348fbf73ec915ea153116fd34be4bd2dd4e5b6455b9269e8c564c4c45c3040327c552c03687154abc957d4cd11678e9263a608159f2a97bd10a828fad51f","ssdeep":"384:vDbSlvjgR6DcHiixu034cEo6naeLk6NuD1xNuVP/Q7:/K7gwwe034czQaeoB5xNuJk","tlshash":"57c2c68cf6e1f16d92b6a4b4006f111df6b67811da08281cf151c6d86e70e9d90abffe","size":25791,"data":"","first_seen":"2025-12-15T13:30:30.222924Z","last_seen":"2026-01-03T10:44:24.864331Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ruxella.com/out3.php","fqdn":"ruxella.com","domain":"ruxella.com","tld":"com"},"ip":{"addr":"104.21.22.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"63fed2e53ad0197865d1e9d623dd2611","sha1":"f65113ad18017afe571e76e982c57ca1ad0f0900","sha256":"52ed878e90a11c6338676ab0d0db674ed37d20ce249dce0dc2f70065876ae6fe","sha512":"1605ed4c36edc4e05b1edff3d10d4ac54bc266e1177f0f402e1592bf4d3fce90a6cea7cc02312d5cd7563aa9c40bb9ceb88b1306e28c8f9a073449ce3ec4b930","ssdeep":"192:y5fA2PJt/wKoI/uynlC/f5D535Ax5NN6cilWXC2ifai8iYoi7DkX8zlJjijSiKV:GI2xZw79ys5D535Ax5L+lWX5iSi8iji5","tlshash":"6812528516fb2036ca77502d4fab25657234980b7a0acd4c3ead83d85f88e3586b5ff4","size":9381,"data":"","first_seen":"2026-01-01T23:17:49.130575Z","last_seen":"2026-01-15T15:33:47.423845Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-30T15:27:53.082866Z","times_seen":140497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"523560e1d6bc39b6b7abb33b5ab10bde","sha1":"8a07289f5e6192123e12c163e1a8eb82779e1f73","sha256":"29746674267f198f273a7fc09088b99965e88c16036f90e0bb6f5f1467ab52d1","sha512":"3f14707a4c86b4cc6dd73c7dd995f7e4ed95a1c01d67724cf6026ebbcc8a5ca9204a67c5b3ce704820d0150c4fefd401083cddbf001a0123b9e984ef0750390e","ssdeep":"","tlshash":"2551e1e1db1c162f98f31159bd3e81c82a3da335a06089bbfc52f51c24de25c42eb5d5","size":2875,"data":"","first_seen":"2025-04-26T07:10:21.59189Z","last_seen":"2026-04-03T18:52:28.679151Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-30T15:27:53.082866Z","times_seen":140497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1990311?id=1990311\u0026pid=__clb-spot_1990311_iwb_8\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c23dfd646cbca2682e393c66dbd2821","sha1":"1344aa6eb1311a3ca7167f0125551141439ba0a7","sha256":"cd0c7761b064c358ca6039d4a38f59131ddd6717c422218222760242fe1cb4ed","sha512":"7f0210dc84d2d80810c5c5a0ef537f89d308581d9b6f7bec72d828e9aac07160eb030eba187c37ddf46ed3c8c0337708545699d5511dd5f002631d5b8628cfdd","ssdeep":"96:K7mDcLgRNhlFjFSsVsgwLgRNhlFjFSsVsguLgRNhlFjFSsVsgFLgRNhlFjFSsVsu:5jFjuYjFjuCjFjuFjFjuJo","tlshash":"ccc13a101f52c1c65543e437f32fe54c8ada329e2eaaf49d934d8e402bfb193a391929","size":6143,"data":"","first_seen":"2026-01-03T10:44:24.749716Z","last_seen":"2026-01-03T10:44:24.749716Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026bft=0dAFcWeA5YRc4cvXOvicv8bzEC6ibAAjgLeTbsQCxBetmgBaUKyIJuyZrcmtCqHFXa5k5XGw2Vbr9LZ17YkHC4JUKaykfmF3RWLQ","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45ecf7458f42da80ac248ad42d610372","sha1":"a5b3edf8328769bc754e6e616a957ceed4fdadd7","sha256":"75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf","sha512":"e269e258cee29ed9ac04510c30517ebd77aa78e9c79b5736e5761bcbd372e38ab00a8092e2d391baf681eb4602dfb9a4ae1650628967735d94695b3d28aa4502","ssdeep":"","tlshash":"fba002f31935c4218ea2c5509953fb88e593611dfd45c1d470254edea3e19d3c100990","size":69,"data":"","first_seen":"2023-03-07T01:02:05Z","last_seen":"2026-04-30T15:36:23.782135Z","times_seen":415652,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/abal.php?id=324","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0e62255a31995246ed0e8f3fbb96ea33","sha1":"223138cd6c439e499701c749a6cc19eeed97958a","sha256":"94fd6b67df5379a7da688df4c7d2210b761c099aca19a693a1504a9b7eb4c7df","sha512":"be4513464a9212219f7d8498238a8f1085e1f4c67b43fbf1ae814992586e593ed20972c9c65fde4acf9317c8f196f987a6c628cd50a4f8c023813f19349c7f12","ssdeep":"","tlshash":"9c3102a701b7101d4d5b146752db0123f55ee80b3a93eac1760ed3153fec51952e798e","size":1471,"data":"","first_seen":"2025-10-11T13:46:03.640976Z","last_seen":"2026-01-15T15:33:47.437745Z","times_seen":430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026bft=0dAFcWeA5YRc4cvXOvicv8bzEC6ibAAjgLeTbsQCxBetmgBaUKyIJuyZrcmtCqHFXa5k5XGw2Vbr9LZ17YkHC4JUKaykfmF3RWLQ","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"af46f6dfa2986bf5aac10e6e12160a3e","sha1":"dbb34f26cda45e3bb9b81331f8d7fdecc92684f7","sha256":"4ede9ffe58303cc65cb95be4b5e8233ff8e869b3ab113344df7771671d108a74","sha512":"9671b9ce25428c2b79c34719fd4ab27f9c3ce9f9c2ad2629544ae6b168c76fe9c8db24153e20ac63abb4f122b03e3ab4e5de9a76b3d95bbdd402598af4859707","ssdeep":"","tlshash":"62d0226312022cf28d20bcb2081a406e1c8a083b9022c7f57edd7c51afa0e013e08978","size":219,"data":"","first_seen":"2025-11-25T17:58:24.606947Z","last_seen":"2026-01-03T10:44:24.877308Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.onclckbnr.com/banner-admanager/build.m.js","fqdn":"js.onclckbnr.com","domain":"onclckbnr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"01903853e3410c57e30e0a7abc3c1f60","sha1":"094aa098801352ae39ce557b293e4eb0fc3eb6d1","sha256":"cf7169f391156797acf11a9da11225701c3ee3c16afebc35eeefa3fb25e8daf3","sha512":"146bd24d76c9a9050a3a68b7a6d85264812fd8b1e41e93c674fd7d80ec01ee246a1302fbb0e37945ec1c53fd67dc86603dea509f5d9464c25e20ece1d3e2ee03","ssdeep":"1536:7aNtpnDTPupIDxZJBpqgiZMZLUyzOBR6mXIEFWDDIYA:709DTP9PpqSL3bmLIE","tlshash":"4b836b843290b4b541e640afa43f430af3392d06b80b9458f16dede67b79e896176f39","size":84990,"data":"","first_seen":"2025-12-18T08:41:29.003596Z","last_seen":"2026-04-18T22:35:55.833181Z","times_seen":454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-30T15:27:53.082866Z","times_seen":140497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-04-30T15:37:40.405323Z","times_seen":15005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4772b688b6775c60e18bc91b4c29efad","sha1":"1906e0f40fcbe4aa8a268872c5e3c7e02b6dd6cf","sha256":"9b44a45ef8b6ec879d6eb31d7d465a211a454996999e8458737c916bdcbd4b92","sha512":"4dc49bbb8813262095e72ca20a61b642a466692d2d2ce0acba5de590f2b5426196ab5d8e4156d1a90c700830d56a835ffa4e5fd9ec0a5cdbe3e584441739f74a","ssdeep":"","tlshash":"aef0c01108ef1efd123aa27e6d7e9d1d73ab281990a0c0006d8098155d715818640388","size":510,"data":"","first_seen":"2025-11-25T17:58:24.60828Z","last_seen":"2026-01-03T10:44:24.881573Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1923765?id=1923765\u0026pid=__clb-spot_1923765_ten_2\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9fedab8cc6cd9e235718fd04282cff3","sha1":"5a391ba5855f4bb7cb46018df7effe733da34bff","sha256":"638f3bdb3dce6b24957960e36da70f07ab1ab33a35a1dd8a7f1e5fd4dd0f5b6b","sha512":"80edb5b6888fabe60b7fc0879652af314880d78e9814c03ed1b22adf6168c4785342af4859f37f669c51ff608bf31fe6354395cdd4a214cc5c3c70b3235762b8","ssdeep":"96:cZbWe05ick0o/bWe05ick0o6bWe05ick0yvbWe05ick0SRB9Cyxo:cZiekzkV/iekzkD6iekzkjviekzkVFo","tlshash":"5fc1f8b7392f0bd80581eab00a7def227d8c25c5c38d76b4569a09891b24b8d5874f26","size":6143,"data":"","first_seen":"2026-01-03T10:44:24.523456Z","last_seen":"2026-01-03T10:44:24.523456Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45ecf7458f42da80ac248ad42d610372","sha1":"a5b3edf8328769bc754e6e616a957ceed4fdadd7","sha256":"75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf","sha512":"e269e258cee29ed9ac04510c30517ebd77aa78e9c79b5736e5761bcbd372e38ab00a8092e2d391baf681eb4602dfb9a4ae1650628967735d94695b3d28aa4502","ssdeep":"","tlshash":"fba002f31935c4218ea2c5509953fb88e593611dfd45c1d470254edea3e19d3c100990","size":69,"data":"","first_seen":"2023-03-07T01:02:05Z","last_seen":"2026-04-30T15:36:23.782135Z","times_seen":415652,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/a33.php?id=34324","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"acf5dbdcb2bc20708e6cd971cd12a1fe","sha1":"08300f2a74dd4b8edd55ccef11a525175963976a","sha256":"8ac5c1e96c6d92ed994d080cc088a13dce048e04169b12d23a8f558e5a7b9923","sha512":"eb692f2834d797c0a0e942a7b0d24aa6b51d96d8284e4fb200903bd4c20d4b3793f5029bc7d94768d16d6dd5c0b238e374d1b5418a1868cb01417ec13e4e96fe","ssdeep":"","tlshash":"aee0926b6cba20791a2690ba127fa5683156300b54e7c7f83c1cd7825fe463e51496ec","size":389,"data":"","first_seen":"2025-10-11T13:46:03.647596Z","last_seen":"2026-04-30T07:35:25.265093Z","times_seen":717,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","size":849529,"data":"","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-04-28T23:51:59.987409Z","times_seen":49446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/b5/c5/80/b5c5807ccbf0ff617c5a4fedf124acd8.js","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"28bdcb392ca3f69a5aa02747529bb8f9","sha1":"df38a86258fd2c2a2c4f1b08c233be53c5ccf9a9","sha256":"90f3240c1245cf4fe667ae05e21bc2aceb1ed7019b9e0e01e0b9c05fa6b9c166","sha512":"47c7ca50894b26ae3d2fa64d0ab2084d1fc9f5422206abc9b94968c748d923c4fc9e54d32eeeb5ce9059f265afef2a60f3753a9bc5e46a1969ecbd786f7f2f4b","ssdeep":"1536:x9yUBg8XFOUGBAVTesz3WArOwlNyBv77NzxpQ2jFFwB1jIV:x3B91c8pUhxpJwDIV","tlshash":"847309487f82b15b5352a073627fd047f0256f1261ecd498d123e6a86f6c33af636b98","size":78864,"data":"","first_seen":"2026-01-03T10:44:24.536546Z","last_seen":"2026-01-03T10:44:24.536546Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1890614?id=1890614\u0026pid=__clb-spot_1890614_ddu_5\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"8f15e02fe52775e80bfa412aa7a30f24","sha1":"d6e861ef8eeceeb983e6f52e673305945c78662a","sha256":"9303c6190fd19ae0d6bdcd9f8abf4e297b338a82a2fcb7691cda276ea003f96b","sha512":"c40984d6c8d5a551f44b85fefef09acbffe1b1f34a7cb2bb158476901cb02f0e2d9096ad5124a3de3d67e3027d0e8763dac76aa934d4c59fd122ceadd9282bbe","ssdeep":"96:SvMT7cHr/efjCntSdGzzvkW7cHr/efjCntSdGzUvwW7cHr/efjCntSdGzv3vyW7R:SvMEr/poGzzvir/poGzUvmr/poGzvvs2","tlshash":"8fc11b18a503db482fdca30354d929da953a95686f2a1243901bfc2526fcfa3e67fd05","size":6143,"data":"","first_seen":"2026-01-03T10:44:24.736678Z","last_seen":"2026-01-03T10:44:24.736678Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ad81beb0a28e87fe3ce3742823d264a8","sha1":"f0aa1a71cc5d0b2b40e1b009486fc627f7703878","sha256":"10531cb9ccd59383133c85843a19c55ba0a27d1a2eb912628e9bd7f68b479aa5","sha512":"ed7834311ae7828b03aa5a7411e9f4bbf5066879ee89fe01f83fa28d1a299733d0a81eea1cc4ab97477bf80c13c5ecf94e398d95c3bd3a2911d480b651c6fb78","ssdeep":"","tlshash":"9131ee7df5291636095661fde399e341a030f0dadc428424efb5cc5ea8cce9548abdf2","size":1717,"data":"","first_seen":"2025-07-25T05:28:04.194173Z","last_seen":"2026-04-30T16:05:34.99528Z","times_seen":12913,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-30T15:27:53.082866Z","times_seen":140497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","size":849529,"data":"","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-04-28T23:51:59.987409Z","times_seen":49446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4bdbb487475b3e6bb2edeb30f3c16e92","sha1":"76f4f1ecfe92e127cc0dd93ce60279b99bf2bace","sha256":"9a66353e221e9d6a76dd9c8000dd2f822c6bdf6b8cc7dea367aed6fda6e29fb1","sha512":"770d30aaf19f48b48cd679c33d17e69d0c2d3ca92eec5bf38fc397c4530a8f489d0dc2086d8e5bac383ab1ea8c840ec307f872612cdabf27cfae3844aa6fa8e3","ssdeep":"","tlshash":"23a0220c0e30ca30002a2082a00a00a80e20200000e00f002ab080830b28cbc00330ef","size":62,"data":"","first_seen":"2025-12-10T10:56:06.864317Z","last_seen":"2026-01-20T21:14:28.954464Z","times_seen":19435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"a31c3faa7f070bea0dfcd135efc91335","sha1":"2c0a419826c5438ac8e96f10b597224c4d8601f9","sha256":"e07765ac0698cb214ef4df8056a9f69df72a0f904321d110a37222a4a7532f9a","sha512":"92c78fcd89ec97d1ec6b73a825c4e22fd53411ade7216fa3421c5ea77b5652348be64c295e7ff6e743da11c18e64c8e659e32ac6b93bfe5cf9d31f5906e0a9a0","ssdeep":"384:nDBSlvjgR6DcHiixu034cEo6naeLk6NuD1xNuV7/QD:NK7gwwe034czQaeoB5xNuVo","tlshash":"f892c6cc3ae1f16d82b7a4b4046f111df6ba39115a08280cf151c6d86e74e9d90abffe","size":19698,"data":"","first_seen":"2025-12-10T10:56:06.863546Z","last_seen":"2026-01-20T21:14:28.959026Z","times_seen":19421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-30T16:00:46.504951Z","times_seen":11077,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.onclckmn.com/static/onclicka.js","fqdn":"js.onclckmn.com","domain":"onclckmn.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e56aea0751aea0d183bd0b17fda1a63","sha1":"51119482d2a57c64aa99be99026b11e464f1e1f0","sha256":"b193f09412f87411bab8904863bea3018d054936f15135f9ba2ae5e3f9c69638","sha512":"a176bdf8424b78ff51c5db203bb43ff51b2ac9e54d4d901d616d133a8c49e5da51b0dec4edfe79eb7735d7c8c4e27250e69473073a3d106f367c1d6a535430bb","ssdeep":"1536:O18MdnC5OPz8QP9r2RcZSgtK8sBggAO12FoX50FtQySd8uj6DzKEVKf7lbe0etsz:mFSGSgtqZCqd8uODG0K5y0etsz","tlshash":"8ae34adcb2d2b07407e75099d83f1206b73a1a16b80c9058f6a6e9c17878ddb5237f7a","size":147721,"data":"","first_seen":"2025-12-24T09:34:21.963037Z","last_seen":"2026-01-15T10:33:49.065141Z","times_seen":202,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"21e2785e10968a96d5d93f992c5b01a5","sha1":"7ed7d3696531a67e706fd7ec07cb6eb15e866bf3","sha256":"7de46671eb35520bde71c5b0cd694691fe8ef15ecc383da6cea84e73da17e7f2","sha512":"021a32b26646e31683e7d02f0e49eddf346a92573740c45cd9f9950b0c0cc589a130f74ed7816a4001278ac5e90f898fdc9086801ed0d59557508ee8870a3e15","ssdeep":"192:H0r/BJ7Mdb7LiEWiFiacrcYmen1VuOTlmGFF3bH/fA68IDeIToJ:H0r/BpMdb7LiEWiFiHn1VuexjrHnAym","tlshash":"fa22420419b9d921c01ca02f207e2296f7240a57ad7abfd4bbc941045fde95f75b823f","size":10330,"data":"","first_seen":"2026-01-03T10:44:24.892065Z","last_seen":"2026-01-03T10:44:24.892065Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1885262?id=1885262\u0026pid=__clb-spot_1885262_pxr_4\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"842a8d8a73d003fa1c3e73163eb66c90","sha1":"e4d4a76ddff1676a55a5f59c60c2814fcafe8cea","sha256":"a3d8c6e994751d20cd10ee3e71de80a5647d117295e2e3c45cb8dce344d4b50b","sha512":"5c051114e2a4f6826262a7ee3856247e76b42fb980d6917d73810925e2e4878c5826bbbf39b06054c0ab8e1e3c676d9587ca9f72a67ffb2faadc4940bd0617f7","ssdeep":"192:8zLy5wr77wYkLy5wr77wYRLy5wr77wYFLy5wr77wYmEnqyo:WyKDwpyKDwKyKDwoyKDwso","tlshash":"1cc10bfec445c63e8f743112442efe98a447654357e102b6f249e9b53b4520a9e7e8c1","size":6146,"data":"","first_seen":"2026-01-03T10:44:24.658289Z","last_seen":"2026-01-03T10:44:24.658289Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1890614?id=1890614\u0026pid=__clb-spot_1890614_sps_6\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"98f42a1c8f42d79002816bcdccb3e609","sha1":"3c3d897d29742009579c35f5e1dff4c192dabb39","sha256":"a0edf726454ae5e3b218f94b66aa0e8b5b0832c927a8a8ea22de2ae9c945aeeb","sha512":"1bfb8158952d1bbfc71aa9b3551a47a1979b5a593ad7746e5a9388b6bdf7ce70204632dd5478b2774dc5efc5efcb17788e892a5c41b5b8b77d4f456408720b4c","ssdeep":"96:KuMzD/DrCFuMzD/DrTCDuMzD/DrMcuMzD/DrggRr9GMqo:Hi7ib7iyiPRso","tlshash":"c4c1eaed3dc6cc80b674a38079709c4c8448f99e2387ee65d25f3428fe566b593af096","size":6143,"data":"","first_seen":"2026-01-03T10:44:24.663247Z","last_seen":"2026-01-03T10:44:24.663247Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/1e/40/90/1e4090d2a697a1a126244d851f2129fc.js","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"27d863f77f9d01b2d1562ce230e5dd4a","sha1":"f89e6262f5a7e906ca2b26ca4e4cb53d5cb5c969","sha256":"b0b3c2a1c322a32943bcda15e9560946f21d92ed04a542a54d4621481871554f","sha512":"a05613b0f4d6df2d38e3c7c5da2be3eda2a57c636ed38cbff84b0fd9b2aa302f2fdcae9dcb121a464a31c70d2bc63e5f1c74392bf3282a0e4651fc5940804983","ssdeep":"3072:EMW17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsw:EMWw194Lwsw","tlshash":"1ca3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","size":106871,"data":"","first_seen":"2026-01-03T10:44:24.588296Z","last_seen":"2026-01-03T10:44:24.588296Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1923731?id=1923731\u0026pid=__clb-spot_1923731_its_1\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"dce749d40097fb217345c14ba7e86384","sha1":"39631d6d7aad0ffee993ed775e7faf3abc23f28f","sha256":"56b4b6fd335157f461fba829ef8c925981e638cbb43e71a58ba6e911c33713b7","sha512":"8c8ecc76c0505ff9f4f4ce1e41ff2a7fd8b4d8616ec40f65c8720014faa555399902b81df61776ea04e405268a0b392588f7ff0014694d61ff8276bf5aaa03c4","ssdeep":"192:KNgSif9Vie1GvHaSif9Vie1GvHSSif9Vie1GvHpSif9Vie1GvHn2qo:sgSif9VpGvHaSif9VpGvHSSif9VpGvHT","tlshash":"59c1e7487c6f84fe8b2316eb62eb5c4d15e10ecdc2a61a3a53366b450d21332cfa5657","size":6146,"data":"","first_seen":"2026-01-03T10:44:24.842068Z","last_seen":"2026-01-03T10:44:24.842068Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"368447d079bd6786c29a8324096f87ab","sha1":"60168ee76733f23d3df4c112d289e6663367f973","sha256":"9ef636a7d5350f3bfc49cf81767b152b0502a743e49a215f43971983ff28788f","sha512":"8b91ad341ac02b8ecfea56109f1bfbbab6451c5002c2b94a6c3683758700b878484a7e7a10031fbfee6298afc0edbe50e7a771e764059b468b885642405288be","ssdeep":"","tlshash":"767000082c08a820202ab03800cb000a202a02a200020202a00022882c3c02e000288c","size":22,"data":"","first_seen":"2025-12-10T10:56:06.868347Z","last_seen":"2026-01-20T21:14:28.953887Z","times_seen":19435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?hl=en\u0026ver=696b5afc78c6e1a2be7e52f07257cab4","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b57455c9a0032c8d67868882258a4a19","sha1":"017f1d5e957af25bc7ee498e8e6104da00835773","sha256":"1aa296f8312ecf0d0959f759affc2850e1ed52b321033a51355cc1f37fd5dc89","sha512":"24db4575be8e92cfb7b408e04e6bee7cc5257a22b46488a3f4e9a8dbc05f75c3f4a465fea59e4ea866c1a9f3afb145f50b60fb5969a61ef7c466d572a7197e57","ssdeep":"","tlshash":"581165731a04f0350b3209d1e1ffc7b5e482b01cf12845dca511ea842f79ccbce04589","size":1017,"data":"","first_seen":"2025-12-15T23:56:17.122996Z","last_seen":"2026-01-20T22:35:06.74886Z","times_seen":7485,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-30T15:27:53.082866Z","times_seen":140497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","size":849529,"data":"","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-04-28T23:51:59.987409Z","times_seen":49446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/fao.php?id=3","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b87f7d8ef641f26d29a395aa7cf1f967","sha1":"7b477d2e1df5e72e91cbb1e43fa3bdff99007a9b","sha256":"c8f58415612380a79703bd0d653ac060b4321dbb2698e1679298730cb22fd65d","sha512":"17e38310854193a73a0b668fad5e6d835e9430675f68640b906f0006f0b2f33772d067d2d308e557872f0b8691d3bf71352ee08f6aed72a1364dbcc95942f664","ssdeep":"192:aaHyqCNfrckjOcRw8jOAlhzLBtdWxiUGiM6iciVIiEtLriIAi+AitAi45:aABSjcyOcRw8jH7dWxiUGijici2iCiHm","tlshash":"5202415526b71031ca67118d0fe7462572b4a41f7909ca8e3e6d82992fc4f3692f8ff8","size":8649,"data":"","first_seen":"2025-11-01T05:28:47.29261Z","last_seen":"2026-01-15T15:27:46.460432Z","times_seen":162,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1990311?id=1990311\u0026pid=__clb-spot_1990311_qts_9\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e561955ceeb97021c6ee41909cc5f36d","sha1":"2648c32a3f331dc9d0f7d4a061eae998d23d2ca2","sha256":"892f848b50ca7613ada4dea618ef42588c857eb7f9c6044cafa5615ca474cfc5","sha512":"acff5886963a77987ae18ebae14d11974e33caf5e28879675e6ef58ebd49a5899b8cd8181ed34f2213bb4cb7dc2921905aa84011a344b3b7c07dfde523e13f0f","ssdeep":"96:ECunz0cxjMUV2a7Z9Z0cxjMUV2a7Z9N0cxjMUV2a7Z970cxjMUV2a7Z9nKivUoxx:tw0QMUtF0QMUtJ0QMUtX0QMUtRUDo","tlshash":"6ac109ca1789d54bc8fffaaf66b95c78d588f884190e88944a4d7b076699e3304e3284","size":6143,"data":"","first_seen":"2026-01-03T10:44:24.856252Z","last_seen":"2026-01-03T10:44:24.856252Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/vendors/fluidplayer-3.0.4.min.js?ver=3.0.4","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2896df93f5e7b6ddd19e3cebcab9e43b","sha1":"7cb28a844bb25b53b841bde95160021eab06c39c","sha256":"6c12348af4b06634411003ecb69f0b3b60cd8674efb1329ee7319ba6cc3d2466","sha512":"36decbdacee87f1ea42cf7b2e36d44bc292804badab0a061f6ea5b92ad9b6e8af1d2e238eb92d960419f84aac64381f2725378c92379d7ca39409f5c8409166a","ssdeep":"6144:eHokyLucaeewSwCGEYwBvZw+oVVNPYI//k0fWqsyB3zonjv35Jmmz+b:CYwBvZwlVVN2yIjv35Jmm6b","tlshash":"7f14f8ce3a549a304cdb6b9fb7efd211323c6509a832712ab417fd8e43ac589d4136d9","size":206885,"data":"","first_seen":"2025-07-07T03:23:20.423729Z","last_seen":"2026-01-03T10:44:24.83668Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"1648ffb33ce66c1dce6b100fb73c7c63","sha1":"61574351b5733c57872898265a6dd39558ab3a68","sha256":"75cc6262bd210f440be1ca9365604501866618ad4078ba5ece982c9c616138c3","sha512":"9bd1293710fd96eb2b379a0ff158870216879fc8fc5e774f20c7d86f4b71cccff51807f621d6076cfe928b1526e92fb563584005fdbe71ee1411fc13c2f562f7","ssdeep":"","tlshash":"8d7000082c08a820202a3038008bc00a202a020200020c02a00822880cb802e0802a8e","size":22,"data":"","first_seen":"2025-12-10T10:56:06.867552Z","last_seen":"2026-01-20T21:14:28.949715Z","times_seen":19439,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/bn.js","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d158e92e83d6c8a70cc928e23060ce7","sha1":"a3bfddb1307774261e73ab9d2486438504b35084","sha256":"44f722d75c727be078a5931dd3497aacf652ba8c6eb3097176599d06aac160a9","sha512":"1d4c7db82aed070da74c04af696f6ff716b1de4097cdb46ff681926e43691f1a72279569b98dab6562736b6c1c167ea2a20b3a6d0dfe1b8543c9037f1312cd22","ssdeep":"3072:YY3td0G485lbLLPY0QkWGENs6kmJNdRVJG:9d05QlbLTofgg/dVG","tlshash":"caf3c7deb74528361156b0390f2fdf34a6a5e8d2b88d8474e0e3c0ec787c996e193b65","size":170706,"data":"","first_seen":"2025-12-24T15:48:22.966068Z","last_seen":"2026-01-11T23:52:13.961648Z","times_seen":225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-30T15:27:53.082866Z","times_seen":140497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b4a23af3384f7dd70678ce1ffdd99fb9","sha1":"179b8755bb5efdf12cabf81dcb4b9e3e32475c88","sha256":"1adb16191a385ca33cb988d144241d24a0461d97ddda86e588291c0d1524f84f","sha512":"ef55046f2bb3be6b1ef01cbe212508295115de9d69792bf26bbdf60960a983406b9e9b00d0058a02398c3f823431adee47a617caf26af514791863143deb015b","ssdeep":"1536:bSRUnYQ9PJhV9NoisRBKtJmfqAlKnPswMo6YlPxejkP1vR9fSElWdGx:jhJ4d4tnsYl5eQPntZ","tlshash":"b073cf2bb79774dfcf7edb004be6a695223da049210715cc1bab05c24e3de87667819c","size":74292,"data":"","first_seen":"2026-01-03T10:44:24.902145Z","last_seen":"2026-01-03T10:44:24.902145Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"de3d92befb3c4b7f5f6ecb5f53197c85","sha1":"f624723fd35669df404016f43ea2ec1f5b6b893b","sha256":"53611174eed7ebc9c5b2c751cbf0f3850231163aa158612a1785cbe77c01018b","sha512":"f42f410b966485569e360f4db2af7db9fba771b4704808dcb6623bf51e4742a8753e36f0289e91f16c5946cbd7d48eec759b7fa9ca674362cfcf6c062e1436a1","ssdeep":"","tlshash":"2b60000c0000000c0c003c0c0003000f3c0c0c000c00000c0000300030003cfc000000","size":12,"data":"","first_seen":"2025-07-20T13:26:17.548807Z","last_seen":"2026-04-12T07:20:59.984157Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/js/730104da0c43a0daf16996e1a93478ca.js?ver=478ca","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4647d28fa4a32eb283205785ddf3c3d8","sha1":"26586753fc737f0007aeab17b0f569d8f16f7592","sha256":"8c7be054e758689036fb6e1d0c13b4f5e2ddc88b35fcb852d2cee5b56b6b8f26","sha512":"bd54edcc8ac4e5a74c380f81e17d0afa994fd81e1e0188083775597eca477d003f39123a71563da6a4a8388abdea562cd04a39e9bb7f8c280006a40888e34a12","ssdeep":"192:oLjhKG0GzDQ93j6NBYiGnMIaFgA7Ep0fvG38U3u4voVlxwnw2ZFp:oLjhKOzDQ93jRiGnMItY+38U3uYodm","tlshash":"05d1835e778674e6c23b26e5f53e221170328c9de743aca52f78602d5420da52273fab","size":6418,"data":"","first_seen":"2023-08-13T05:28:52Z","last_seen":"2026-04-12T07:20:59.943356Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-04-30T15:37:40.405323Z","times_seen":15005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"6d775420a936d01c1cbb46c0428f9e2a","sha1":"96f198bfae8da82504ab157f7f4e9f210f07f9c6","sha256":"355f3976a236e5649c0ae57f4f628f7a2cfde8a67980d00a897345fec3d8358e","sha512":"c42213d140649f0c4bf05d24635ec272da9568e2bad6251ad5ca113870404ce9b1dbd05f41592ddcd556bdf018e06fe6b828180b7fb7be8de5edb865d0786e84","ssdeep":"","tlshash":"abc02272d2162108e91200c440b4000c3a20a90aeb30a6028ae93612e80827f4c322ad","size":191,"data":"","first_seen":"2025-11-08T14:12:35.374586Z","last_seen":"2026-04-29T21:36:55.805381Z","times_seen":470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Di-Hadlang-ang-Pagiging-Single-para-Lumigay-ang-Tinggil-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Di-Hadlang-ang-Pagiging-Single-para-Lumigay-ang-Tinggil-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 13:26:29 GMT\r\netag: \"2a91-690a794e-11ffbf2;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:08:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10897\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YpvhsNQLJkvekiAUI7vO8RhZSD3kWC1VxUxv%2F52YffsKjwnoBEfXqm8COdKctDOsmv%2FY3EAdqbNJa%2BFRhBo9D4DqJEoEWGsDdTQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8c95697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":10897,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 120x120, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"c4d9f7aa99a30754e57053cab910e35e","sha1":"4d64f4373dc08d408e6125da19aaed4d05ba88af","sha256":"a8a30d099fb7048dcd5d08c706f30a650a5a8c8477351829c6e084ca3e789ff6","sha512":"8f721ec55a240764daee9b657571580958d74c3bd043a7f1818adbdb28c4eb106de4d7c8e23243844c4521fd8a518d812f3963b0a1010989ba39e58d76498983","ssdeep":"192:nMIpwo+Q71a3qq5QpuhtZ8g54kk5i5gxyBkXctqwKgpENinY4kvMrUBA9cx:5W67M3q8BpZkbAqwKg5nY4IMrU2q","tlshash":"3422bf4eb602bdc4df254ee3193252789420cd85f946f33d0c7ac361f82d9a26668f0b","first_seen":"2026-01-03T10:44:24.480493Z","last_seen":"2026-01-03T10:44:24.480493Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Lapag-Osus-ni-Jowa.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Lapag-Osus-ni-Jowa.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 08 Jan 2026 15:05:43 GMT\r\netag: \"3e5f-690a7bd7-1201bb5;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:19:03 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 15967\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=47VUxJmNuc4IiHeWyVtC0DKRzyL7JGV4b6S5q2RZnorX%2Bp%2FojRODUr36tq4J6f78ojZgFT69WmKbUXq5HFSsoFso9x6UYcqAJRM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8cc5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15967,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 96x96, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"0aea558d3b6edb3044d97e2b7dbcf5ff","sha1":"fa8a0d8c29f53be459eec43af18652095ad1cba1","sha256":"e60509fb42f6e963fedbbdaca26f3aa932e038f6685487327b6f2d14b76162b4","sha512":"c2fa90ef4d169e2fb1750e04761f1fb80b4c924dc545ac37c3fb94c8654db1fef2bd11be5d7e0dc15479a300fd66376f0402de34f9bea03881965edc3dd75149","ssdeep":"384:V83JByciTh238m53mufV9YdLNiGI8Nau3T+fH7u:VwJgco8EunV8su36PC","tlshash":"8562d0d2e5a2ff64b6bf0f745bb0e0801a4351a45890df4c94e079acae539de12cbc6c","first_seen":"2026-01-03T10:44:24.486969Z","last_seen":"2026-01-03T10:44:24.486969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/assets/css/ctpl-player.css?ver=2.3.0.1732480616","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","date":"2026-01-03T10:43:38.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/clean-tube-player/public/assets/css/ctpl-player.css?ver=2.3.0.1732480616 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==\r\nCookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; _pk_id.125.8d89=da0b78d847ed0a92.1767437019.; _pk_ses.125.8d89=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:38 GMT\r\netag: \"157d-67438e68-7436bf;br\"\r\nlast-modified: Sun, 24 Nov 2024 20:36:56 GMT\r\ncontent-type: text/css\r\ncontent-length: 947\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I%2BZzhoUPoeDmbW8ZIcY58O96mQIjRsgtH4lQZRTw0Ql%2FYRx7F47v63w%2BOUrnr%2BydmjViVtZSEweEl8PDCVsbdKLTGqT2tjiHZFs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e57669105697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5501,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (435)","md5":"e90849bad095d06ffd20ba59cf34de75","sha1":"5c0d1b70b53f57271f57119ace9ef40a89672236","sha256":"a1965d1fd5aef09e3a55fb2623038d20483707d2af0fb3c1be69eeeeae8f5e2e","sha512":"f7cdc1f6793c084b0d23c848a6d3a12b8a5fab52e50125e999e8d68fcc0414dd0cf02bbccf1d00eb04434087712a1a13a693fc419a69da978f859e4419ace122","ssdeep":"48:srifxnFCMjQ3teUy3eUy227wsqlfgTomcYBecJWGWbCH+cYBe6PbJ1DJOG1o6JOS:PlFCGQtez3ez22Pqxg14r6A1siF","tlshash":"57b18de92a650e14a83b9b4f6391c6d4377d8016f936e86eb1c33d2e8bdd10884336c3","first_seen":"2023-04-08T14:32:23Z","last_seen":"2026-04-28T08:37:14.572211Z","times_seen":597,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":52,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Dec 2024 14:36:22 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qfR4kkD%2Fh9z8fCVEe16VWjcJk%2B1a5N4kFYKdOWWV%2Fhku31bUvBtQ%2FWWCjtoNGjWobhmeZ3JYxJNtJs0Pn0%2BY%2BLHjVT49jfmcvYyBLEJY\"}]}\r\nage: 1326186\r\ncf-cache-status: HIT\r\netag: W/\"675af4e6-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 9b81e5836e7fb4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-30T09:46:46.852381Z","times_seen":9116,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/img/recaptcha.gif","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/img/recaptcha.gif HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: image/gif\r\ncontent-length: 65140\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 10:56:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68b97041-fe74\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 1482274\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BG1PvrVioQ4SHYwKPpzDVFzzLVv0CER1lBaAN%2BJ7rrmtJbF32Aib53BZAvKvRdKCMBpIQMezEbnKhOQgS18XipbYBj%2F0f2BnJ4dfbH7B\"}]}\r\ncf-ray: 9b81e5836e84b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65140,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 616 x 164","md5":"a83efb86bdb5d741f6103b69d6979035","sha1":"c944477b467f4aee49b4c86f3622a3519679667c","sha256":"e62a51a868623e3d04ac6c1bf28c3d34dd1e7008b9d62753963b2e2272971774","sha512":"9638afd8bfa476d24261a76a49c0e6df11c39db07cc357025f40660a3140499f234956a6971fce1ef0b61f74edba0f39e54a9a75e81adcbe423415f93dd23709","ssdeep":"1536:pcrveQZWvRPMwQUWJicq8ILNUcB4nReNsnrIfOPBVeD:Orve+WUJohC0fO5QD","tlshash":"4853ce1fc2181eeafc3bcbb6520b8d160a415b751c54c613e6b9f1c5382c5de2b15bae","first_seen":"2024-10-23T13:11:53.403324Z","last_seen":"2026-04-16T12:24:04.644638Z","times_seen":1730,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T10:43:37.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /watch/lawayan-mo-bro-para-dumulas-ang-kiffy/ HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.1.33\r\nx-dns-prefetch-control: on\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self';\r\nx-litespeed-cache-control: public,max-age=604800\r\nx-litespeed-tag: 257_post,257_URL.102ad4bd0442ed4e3202e6012db20832,257_Po.106054,257_\r\nx-litespeed-cache: miss\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tmDLuuzXnLL1ScEbMle5mI7nIKGP1m6E7tQp%2FFiMpafKiOIvNa9XmLcdhJlqcKsNMhEVg2mrE1TpOktWY1AOdN8JMb4%2BFWCuceX51Q%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nlast-modified: Sat, 03 Jan 2026 08:39:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=3600\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\ncf-ray: 9b81e56d2d261525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:8.1.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":85880,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (34291)","md5":"cefc9b75dfa7558fedd098c1fefdb0a2","sha1":"d3dc41a867a7b8a9f98c81aa5dc3fd0bfb8672cd","sha256":"5ba9849978fc43e2f5b71ea039f946a3bf83ca35043fcb88347cc4b307b0719e","sha512":"be82ba3966e5529a113465889e0a094ec4e29a8275ae7771fffbfb2cc247788f5501886a0c127724bbffdc0f79fad34e4d26d07f9c77299f7db50acb7c00597e","ssdeep":"1536:jAn5/sHjrmZ8EGDbcZbqn1Ydc5XYEefQnyBptE6gx5gIg2rehu362aFqZ4MObSjA:j9vv+nQnyarjW","tlshash":"d0831a73f0a41136262bc2e9e9d0b72c6562d107ca024ea5fafc72ac8fc9ed1157764d","first_seen":"2026-01-03T10:44:24.50509Z","last_seen":"2026-01-03T10:44:24.50509Z","times_seen":1,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":39,"dns":20,"connect":1,"send":0,"wait":73,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Sige-Babe-Lawayan-Mo-para-Dumulas-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Sige-Babe-Lawayan-Mo-para-Dumulas-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 04:48:05 GMT\r\netag: \"20d5-690a75fe-11fd453;;;\"\r\nlast-modified: Tue, 04 Nov 2025 21:54:06 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8405\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LktJJC9pAL66uFgXvCGnuoXK5N66w1IcZ2HSFOpV%2FU7UFRmI5XJsJT9C78UxwCeXoQrcUo7UPV2yRsTHqxPd%2BDWZzzoRVhVDvKk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8bf5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8405,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 168x168, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"0beb4989ee9e1351176a549cb05b4bca","sha1":"37aa1431f1049740103d97e0493dfc6f3e5ff12c","sha256":"9ebf037d4480d4f269408706255a4ec1950a40a3271989963c0d5ce3d201fc2b","sha512":"a410fd8f7470a62ac94e8471d90ed83f66dd37c719e4c7c43fc9582a58771f390dea97bc7f977a7a256a17cffaab81be006dd0a639886e1e919256e83ab07b50","ssdeep":"192:nM1tMK38GEehJZhC8HiGMH5awkz72FYgb+4C3Oz6b5:0tMk8GESlMQwY72nx61","tlshash":"92029e279e6869f3f02cfdb521015a68faa6df8996be0d0b5231d29cc7510ddd23432c","first_seen":"2026-01-03T10:44:24.513947Z","last_seen":"2026-01-03T10:44:24.513947Z","times_seen":1,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-brands-400.woff2","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/litespeed/css/59c3e913d4099ac65a7100d2c64b76d9.css?ver=b76d9\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:38 GMT\r\netag: \"19a98-68bfde3c-ec5495;;;\"\r\nlast-modified: Tue, 09 Sep 2025 07:58:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 105112\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SPto%2BeX4NgD7xcGvRK0YMoKofD7Z3kUf%2FNGblJBNPcKWB48eBpBoUbXeADMzsr7oLfZXDxAKUphHE5iUel6%2BkbtIG5K9yWr95a4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e573b8f65697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":105112,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 105112, version 769.1280","md5":"5531dd3a7705ec68a6c5f5d02b25da6f","sha1":"e219af1e3bbc2219359d3d0916e263b279c4abfd","sha256":"967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6","sha512":"82b0f830bdfc46fffb185083b17bf704c7d13f99b9e3a0e39824e9ba39d0d1081ad8901751124d7ddcc5d5fe6787604006d354d74243fe363eea40926d887744","ssdeep":"3072:tGcjIvKG2mrLoczNr9zfxC+iFzPREOXljKFUQ:tPUvKWrLochr9jxC+yNz9Q","tlshash":"5ba312353ad5819c9d2110f85b7dbf2d52b6d97406cee1c040f820eed5964a8eeaeecc","first_seen":"2023-04-12T17:06:24Z","last_seen":"2026-04-30T15:21:35.305006Z","times_seen":1557,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1923765?id=1923765\u0026pid=__clb-spot_1923765_ten_2\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1923765?id=1923765\u0026pid=__clb-spot_1923765_ten_2\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=260103054370930cf70f1340a1943bd0bbec; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6143,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6143), with no line terminators","md5":"f9fedab8cc6cd9e235718fd04282cff3","sha1":"5a391ba5855f4bb7cb46018df7effe733da34bff","sha256":"638f3bdb3dce6b24957960e36da70f07ab1ab33a35a1dd8a7f1e5fd4dd0f5b6b","sha512":"80edb5b6888fabe60b7fc0879652af314880d78e9814c03ed1b22adf6168c4785342af4859f37f669c51ff608bf31fe6354395cdd4a214cc5c3c70b3235762b8","ssdeep":"96:cZbWe05ick0o/bWe05ick0o6bWe05ick0yvbWe05ick0SRB9Cyxo:cZiekzkV/iekzkD6iekzkjviekzkVFo","tlshash":"5fc1f8b7392f0bd80581eab00a7def227d8c25c5c38d76b4569a09891b24b8d5874f26","first_seen":"2026-01-03T10:44:24.523456Z","last_seen":"2026-01-03T10:44:24.523456Z","times_seen":1,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/assets/img/wps-play-icon.svg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","date":"2026-01-03T10:43:39.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/clean-tube-player/public/assets/img/wps-play-icon.svg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/plugins/clean-tube-player/public/assets/css/ctpl-player.css?ver=2.3.0.1732480616\r\nCookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; _pk_id.125.8d89=da0b78d847ed0a92.1767437019.; _pk_ses.125.8d89=1; pp_main_1e4090d2a697a1a126244d851f2129fc=1; sb_main_b5c5807ccbf0ff617c5a4fedf124acd8=1; sb_count_b5c5807ccbf0ff617c5a4fedf124acd8=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=fc452f32-c345-4736-b87a-f9cba0e30227%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:39 GMT\r\netag: \"71e-67438e68-7436c0;br\"\r\nlast-modified: Sun, 24 Nov 2024 20:36:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 773\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HXShHm4%2Ba1H7oZtL6nLrXC6obSxo5biDMuPLD7vx%2BfZBK952pNReJeW6P3%2FSisA3XpKKyoH0xIgsDLOGejC%2Bu9Kzj45bjsRPqHY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e57a293f5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1822,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ae6dd48a64c33b2f717e2c3b91a9cc85","sha1":"692166598ef600def8f2ab4a7ff207711bbc4800","sha256":"bcda83ae83fa3d55ae3dcaede2593445d6d201c7049ee4c21088c2f28394c1c0","sha512":"4aa068673a629285d8325326b81812fe1bdfddcaf526a61d4ba28ccf07bacb7c8ca6a4fad8fe66e92807d6e9e7741ce7236fa0afc3722c1c65fb503bbd8033f3","ssdeep":"","tlshash":"0931f52e5308ed73d44a839ce790a022357666c5b6d4c3dad67daf1f93148a70c357d2","first_seen":"2023-05-11T21:39:45Z","last_seen":"2026-04-28T08:37:14.605495Z","times_seen":643,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 153602\r\nlast-modified: Mon, 15 Dec 2025 18:52:34 GMT\r\netag: \"694058f2-25802\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-153601/153602\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153602,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"04d2bfd50d9359a53ed9531684e9da96","sha1":"24be550950a7c6fb20244a506c13acd5ded0f432","sha256":"647163abd604e867cca1fed5bdcb521f50121eee154b80596e62c9c37f146a35","sha512":"5e55e24b39958657fa25d6e2707d7c7f3a68e1487041bb7262c91c180eccc3a75a4028b5b7d0f80bc6b1fab9063d99411a5cdb638d428a4230cbb0a83e37a69c","ssdeep":"1536:5KHRxmfOPN5bHRrg7C9UKFethHwr/hYhZ4e3dn:5cmoNzg7ChF0wLh0nn","tlshash":"4ce3e1295ea26882f34cf37e48a1c829caf35363c4d6e14b788f49584f35225476f977","first_seen":"2025-08-25T16:09:43.16385Z","last_seen":"2026-04-28T18:21:54.037303Z","times_seen":333,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 10:55:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yVsPNcAS0EgNJLtk5ure%2BS6rUhOXQWvDl4bSsC58qN%2FsuPVvdj2wuRdN1RXjnFWul4%2BtNsvXr2ZqZXbLyQloc5jx7cX5UHukcTP8E458\"}]}\r\nage: 1480523\r\ncf-cache-status: HIT\r\netag: W/\"68b9703b-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 9b81e5836e87b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-30T16:00:46.504951Z","times_seen":11077,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/css/02b73ee6b96d1426b45aec0059bb1fc9.css?ver=b1fc9","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/litespeed/css/02b73ee6b96d1426b45aec0059bb1fc9.css?ver=b1fc9 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:37 GMT\r\netag: \"a78-6958f2d7-7ae185;br\"\r\nlast-modified: Sat, 03 Jan 2026 10:43:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 628\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y6fcjpswDcBfHSsNwaYc3PZ3Dml4vuDn6QoG3tNX1%2FNIEKoZDFL%2BJc5PNX%2FfyUpwGIBd1IhDYZTXB%2FESLqNKwNxIzm6Fc3P5Uss%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e56eb8b85697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2680,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2680), with no line terminators","md5":"c895bd4ca29593beae1369c83d822a86","sha1":"0090c35f98c10fd1d0076837b8a7e8e82f0900bd","sha256":"b3f39200be6d4a1dd05e6e0ddc6d59769217f6eb2b0a2e55c5d92447fe8e822b","sha512":"db8e789e1b4230ba86942e30621dfa1bd399d727b47b4ca2fcd2d6771450006f380005194c51d8f1de5696570ee688168458d55c3efdc916874138dbb4734098","ssdeep":"","tlshash":"b9518c85b2823def65064c1b914afe79a98e453384edcdfeec41e2d21ac25e9800f757","first_seen":"2024-12-07T19:15:32.248443Z","last_seen":"2026-04-29T19:47:03.776966Z","times_seen":418,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/b5/c5/80/b5c5807ccbf0ff617c5a4fedf124acd8.js","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"crossingshare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:18:09 GMT","end":"Tue, 10 Feb 2026 21:18:08 GMT"},"fingerprint":{"sha1":"BE:66:C4:96:C5:2D:CB:A2:6B:65:41:51:47:60:19:CC:6C:69:FE:F0","sha256":"90:63:89:D0:F2:25:F0:CF:30:61:9A:6D:D1:DD:41:94:AC:D0:52:A4:ED:60:01:C7:51:0D:37:99:0A:A4:6D:28"}}},"request":{"raw":"GET /b5/c5/80/b5c5807ccbf0ff617c5a4fedf124acd8.js HTTP/1.1\r\nHost: crossingshare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:37 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30204\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: crossingshare.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b3cdfa86b0915e9b6ae1a4da3725b3a4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78864,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"28bdcb392ca3f69a5aa02747529bb8f9","sha1":"df38a86258fd2c2a2c4f1b08c233be53c5ccf9a9","sha256":"90f3240c1245cf4fe667ae05e21bc2aceb1ed7019b9e0e01e0b9c05fa6b9c166","sha512":"47c7ca50894b26ae3d2fa64d0ab2084d1fc9f5422206abc9b94968c748d923c4fc9e54d32eeeb5ce9059f265afef2a60f3753a9bc5e46a1969ecbd786f7f2f4b","ssdeep":"1536:x9yUBg8XFOUGBAVTesz3WArOwlNyBv77NzxpQ2jFFwB1jIV:x3B91c8pUhxpJwDIV","tlshash":"847309487f82b15b5352a073627fd047f0256f1261ecd498d123e6a86f6c33af636b98","first_seen":"2026-01-03T10:44:24.536546Z","last_seen":"2026-01-03T10:44:24.536546Z","times_seen":1,"resource_available":true,"data":null}},"time_used":941,"timings":{"blocked":344,"dns":49,"connect":106,"send":0,"wait":113,"receive":108,"ssl":217},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Yung-ang-Ganda-Mo-na-ang-Sherep-Mo-Pa-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Yung-ang-Ganda-Mo-na-ang-Sherep-Mo-Pa-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:02:21 GMT\r\netag: \"2184-690a5eec-11e919c;;;\"\r\nlast-modified: Tue, 04 Nov 2025 20:15:40 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8580\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 254475\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cmoetr25pAmISC9JxfkrpLMmX0ln5LzOlQ0yNBHiYZNgrhHMLsDWogHiwJv5fb1HgYtV4P%2BlIxUTQJpAGaYFGO2UhF3d2dxKvO8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8c15697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":8580,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 168x168, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"9eee5f5795af22c4773a7eba4786cce1","sha1":"88e492a0960d2cde4101b53b018c8ca362a17bd5","sha256":"223d0542017f88a06bca8c6f20ed45b6f43bc1edd67a7d46b97dc2f21769d017","sha512":"ef867c7826ec04b9ad68543c41cb7a9e36d245189ded4e86c9a8b4637f06fe356c5fd344638ebb3d3e309bb4532f6eb4fecc709f5fa167c9a73e7520afe275cc","ssdeep":"192:nMMhmYrFzmKZno5JQfngzNdUo4wEDCAK/7sYwLaw8duW0Pg:brFyjXQ2MFDC/7sYm/Pg","tlshash":"7d02af7fb3ce4ef7eca57f331ec26881563184a1ba06629ab974db10da550c59802c7b","first_seen":"2026-01-03T10:44:24.54074Z","last_seen":"2026-01-03T10:44:24.54074Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","date":"2026-01-03T10:43:40.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 00:15:00 GMT\r\nexpires: Thu, 08 Jan 2026 00:15:00 GMT\r\ncache-control: public, max-age=604800\r\nage: 210520\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-04-30T15:35:35.032693Z","times_seen":580372,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 10:55:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9FzVpExj00Jtr5xHDPoxgusb7RYxdjKtXWDovo57EQgsnvGV2XbkmO%2Fad2cqutGUrQGM0Riqn3mAVEZAOu%2B8uurC%2FBLnn60RDy6HFtzN\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"68b9703b-2762\"\r\ncontent-encoding: br\r\ncf-ray: 9b81e5843f54b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10082,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"efffc36bcbcc0aaea3978474151a0122","sha1":"f9b9c23faef40025dcfe3f1dfdb158ce2855b83b","sha256":"4da2338ad196c676f6a310b1b91f8e4c3e513fa07cb3b7022ca9ecc4868db398","sha512":"52afe7b12764a6297e3cb430eca352a3d778802b79e3cbeb4a2c22b0e070496abd9bfb78823573aa1e4a0bff1f52f79dd9ab92a55341324c175c3ce811d01aeb","ssdeep":"192:iFJuLiEWiFiacrcYmen1VuOTlmGFF3bH/fA68IDeIToS:iFMLiEWiFiHn1VuexjrHnAyF","tlshash":"2222420409b9d921c45ca02f203e2666f7240a539d7abfd4bbc941045fdd96f79b823f","first_seen":"2025-09-21T13:47:45.283292Z","last_seen":"2026-04-16T12:24:04.652167Z","times_seen":1651,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":475,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"drimquop.com/in/dip?event_id=ebdbe513-9447-492c-a4bd-3b5a9a84982d","fqdn":"drimquop.com","domain":"drimquop.com","tld":"com"},"ip":{"addr":"195.201.208.168","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:42.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"banner.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 01:51:50 GMT","end":"Mon, 09 Mar 2026 01:51:49 GMT"},"fingerprint":{"sha1":"15:BF:4B:65:46:08:22:8D:E9:38:46:3E:D4:56:B1:02:94:D7:17:A4","sha256":"84:24:50:A3:0F:03:EA:54:61:3B:C5:4D:33:7B:1D:61:84:80:E3:A6:B0:1F:90:D1:38:32:01:C5:35:7B:D2:F6"}}},"request":{"raw":"GET /in/dip?event_id=ebdbe513-9447-492c-a4bd-3b5a9a84982d HTTP/1.1\r\nHost: drimquop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 03 Jan 2026 10:43:42 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":66,"dns":4,"connect":25,"send":0,"wait":25,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 153602\r\ncf-ray: 9b81e57c0c070b55-OSL\r\nx-amz-id-2: HjuIOPuHWoHjRvobiLi/Orkx2IjN0KKHfdv3J6Pgx63kDreXGngj79nuD0ttV/n6wKVMxo7LXnc=\r\nx-amz-request-id: 8BDHCMTRR16C8564\r\nlast-modified: Thu, 10 Jul 2025 14:05:43 GMT\r\netag: \"04d2bfd50d9359a53ed9531684e9da96\"\r\nx-amz-server-side-encryption: AES256\r\nage: 707174\r\ncontent-range: bytes 0-153601/153602\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153602,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"04d2bfd50d9359a53ed9531684e9da96","sha1":"24be550950a7c6fb20244a506c13acd5ded0f432","sha256":"647163abd604e867cca1fed5bdcb521f50121eee154b80596e62c9c37f146a35","sha512":"5e55e24b39958657fa25d6e2707d7c7f3a68e1487041bb7262c91c180eccc3a75a4028b5b7d0f80bc6b1fab9063d99411a5cdb638d428a4230cbb0a83e37a69c","ssdeep":"1536:5KHRxmfOPN5bHRrg7C9UKFethHwr/hYhZ4e3dn:5cmoNzg7ChF0wLh0nn","tlshash":"4ce3e1295ea26882f34cf37e48a1c829caf35363c4d6e14b788f49584f35225476f977","first_seen":"2025-08-25T16:09:43.16385Z","last_seen":"2026-04-28T18:21:54.037303Z","times_seen":333,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":58,"dns":5,"connect":6,"send":0,"wait":16,"receive":26,"ssl":49},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.onclckmn.com/static/onclicka.js","fqdn":"js.onclckmn.com","domain":"onclckmn.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:41.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.onclckmn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Dec 2025 02:33:47 GMT","end":"Mon, 16 Mar 2026 02:33:46 GMT"},"fingerprint":{"sha1":"D5:DE:9C:E8:78:2B:C4:B8:02:51:22:18:96:12:3B:D8:09:AA:40:E2","sha256":"9C:0E:E8:D1:C2:FD:66:78:B3:06:19:0F:A9:0B:19:CA:40:C0:F3:87:FF:45:B6:19:A7:9E:34:71:10:61:65:1D"}}},"request":{"raw":"GET /static/onclicka.js HTTP/1.1\r\nHost: js.onclckmn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Wed, 24 Dec 2025 08:35:27 GMT\r\netag: W/\"694ba5cf-24109\"\r\ncontent-encoding: gzip\r\nexpires: Sat, 03 Jan 2026 10:48:41 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5e56aea0751aea0d183bd0b17fda1a63","sha1":"51119482d2a57c64aa99be99026b11e464f1e1f0","sha256":"b193f09412f87411bab8904863bea3018d054936f15135f9ba2ae5e3f9c69638","sha512":"a176bdf8424b78ff51c5db203bb43ff51b2ac9e54d4d901d616d133a8c49e5da51b0dec4edfe79eb7735d7c8c4e27250e69473073a3d106f367c1d6a535430bb","ssdeep":"1536:O18MdnC5OPz8QP9r2RcZSgtK8sBggAO12FoX50FtQySd8uj6DzKEVKf7lbe0etsz:mFSGSgtqZCqd8uODG0K5y0etsz","tlshash":"8ae34adcb2d2b07407e75099d83f1206b73a1a16b80c9058f6a6e9c17878ddb5237f7a","first_seen":"2025-12-24T09:34:21.963037Z","last_seen":"2026-01-15T10:33:49.065141Z","times_seen":202,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":56,"dns":5,"connect":23,"send":0,"wait":23,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/css/cff1af02fb3a202040a9577fd11fec43.css?ver=fec43","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/litespeed/css/cff1af02fb3a202040a9577fd11fec43.css?ver=fec43 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:37 GMT\r\netag: \"3351-6958f2d7-7ae17c;br\"\r\nlast-modified: Sat, 03 Jan 2026 10:43:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 2196\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qk6yOCRbNU8Sv7gcB7SOQ8l40VsgGAYGTPXybduD95KMyoZ1ihOWTJXlQ8rmOcAVGFWl3e3o05pYSKEtlOFBCzzaaxh83ReD9bQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e56eb8b75697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13137,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13137), with no line terminators","md5":"7243f621e9d2c9ac10f75f774f22a982","sha1":"95197e538f9396ff3e73ac0c163c6a1b4229fd43","sha256":"ebb0ea3b26632d04320e12a73b777deaf5b4be9ccbdee0cd33b17db8c2b782b9","sha512":"9f8a1d0986f886187a141adf5380f838eba876be62980991302687d9508ec52b2bfe6102af593953cedda1cc20f80d30779d1d186b5e7bd24f53a9febfbb686a","ssdeep":"192:/T+LdjYOfEs8I2+kYClbP3S+nx/inNF9MCy4tOQmt4:KjYCaP3SQ/inNF9NOF4","tlshash":"8742a4e5ee0f05e8b732c403d795e24c589af330edc95c12f85b9a1c59f136e1686ab8","first_seen":"2025-07-05T21:57:39.989532Z","last_seen":"2026-01-31T03:16:26.778804Z","times_seen":13,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Ang-Cute-Mo-Pa-Naman-Tapos-ang-Yummy-Mo-Pa-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Ang-Cute-Mo-Pa-Naman-Tapos-ang-Yummy-Mo-Pa-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:02:22 GMT\r\netag: \"2ec8-690a7fa9-12045e8;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:35:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11976\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 254474\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vtJ9vKRJjlB1bs%2FiUObwhizSeV3qcDbVWo8xF4qLmVk82H8YRBgcZS1g%2FypzajJfijd%2BjEHHEKkutBiZ9CC2wCo1V%2BHn%2FoXD7K4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8c25697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":11976,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"9bbdb349bbd5ccaef3339649e7edde48","sha1":"f90f2d74271c7ce7e2dde2071f80de594b978b80","sha256":"6d649043f78e5760c1d47773651b87b03059a369635bacb76c23770bf524e497","sha512":"87a5ca4072932ae382b06dc960c3fce62216c079545b4a3b54f5918c74cc0c4f4bd88c58da456d983c94013b9b6b6ea03330d48ac81ad4c1069983c317ae2532","ssdeep":"192:nMQM/dEqaMW/dwRBsaQea8cJkGNTNDQJbFx77Wk44WHmdIr5f5NERpQPK4SLQ8BC:ZMj1cdoba8ShNpQFx7yk4VHmkf5YSKJO","tlshash":"4032c03a6665ca70c80e9c2d194f230a77477ef9e371832b9070d6b298921f277221e8","first_seen":"2026-01-03T10:44:24.565615Z","last_seen":"2026-01-03T10:44:24.565615Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Pwede-Sya-Ngayon-Kaya-Napalaban.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Pwede-Sya-Ngayon-Kaya-Napalaban.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:57:30 GMT\r\netag: \"515a-690a7237-11fa03a;;;\"\r\nlast-modified: Tue, 04 Nov 2025 21:37:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20826\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n7SVb8DbAfi6FAasqsUSdsaP6%2F8WRAoVJ75h51uUjbiwxzucRyKoYH%2BHzlvXJSkau3lxRcf2Y2YvbjYHiQUH63AyKqQzuQysVTo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8cd5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":20826,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 168x168, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"11f38d1e9534f24b01f235fb08a01384","sha1":"5a7f63cdbdb70f3ffefd613a371cb9d6de63a004","sha256":"b0f939e95d565f0b56c40ac7fa87d24a5d76af439c51ae13192bf3cdfd662984","sha512":"99c9a62413b8f1b0a577ab9e99fd94b641cb9239bd46e23945a602bea308d0b716fdf8a962f030229a1bfc413d02263fdc2259dc350820f7c50d18692450b0a6","ssdeep":"384:XG5iAczaLPtJgciLf31CnJyVceuDTEm1ydcyYt8to0/Ivi0ThxF:XG5iAczm1M8Uh84m1dt8to0/IvBTR","tlshash":"a992e1e1b614c484fb23f3b970c59bd5638892b139253eae3806b3a5552e4783ee4cd7","first_seen":"2026-01-03T10:44:24.570915Z","last_seen":"2026-01-03T10:44:24.570915Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/js/730104da0c43a0daf16996e1a93478ca.js?ver=478ca","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/litespeed/js/730104da0c43a0daf16996e1a93478ca.js?ver=478ca HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"1912-6958f2d7-7ae18b;br\"\r\nlast-modified: Sat, 03 Jan 2026 10:43:35 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1875\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9nxyFnXcAYVhDMMjb9yGWEZwVKSVkwx0amKr5Iz%2BNyYP3FY1Jn5%2FIuFMCxRh9W2gnqRO8%2Bmg%2Bas53nclovsAh0zyR4kCVSotOe8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e56ee8d25697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6418,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6416)","md5":"4647d28fa4a32eb283205785ddf3c3d8","sha1":"26586753fc737f0007aeab17b0f569d8f16f7592","sha256":"8c7be054e758689036fb6e1d0c13b4f5e2ddc88b35fcb852d2cee5b56b6b8f26","sha512":"bd54edcc8ac4e5a74c380f81e17d0afa994fd81e1e0188083775597eca477d003f39123a71563da6a4a8388abdea562cd04a39e9bb7f8c280006a40888e34a12","ssdeep":"192:oLjhKG0GzDQ93j6NBYiGnMIaFgA7Ep0fvG38U3u4voVlxwnw2ZFp:oLjhKOzDQ93jRiGnMItY+38U3uYodm","tlshash":"05d1835e778674e6c23b26e5f53e221170328c9de743aca52f78602d5420da52273fab","first_seen":"2023-08-13T05:28:52Z","last_seen":"2026-04-12T07:20:59.943356Z","times_seen":12,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/1e/40/90/1e4090d2a697a1a126244d851f2129fc.js","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"crossingshare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:18:09 GMT","end":"Tue, 10 Feb 2026 21:18:08 GMT"},"fingerprint":{"sha1":"BE:66:C4:96:C5:2D:CB:A2:6B:65:41:51:47:60:19:CC:6C:69:FE:F0","sha256":"90:63:89:D0:F2:25:F0:CF:30:61:9A:6D:D1:DD:41:94:AC:D0:52:A4:ED:60:01:C7:51:0D:37:99:0A:A4:6D:28"}}},"request":{"raw":"GET /1e/40/90/1e4090d2a697a1a126244d851f2129fc.js HTTP/1.1\r\nHost: crossingshare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:37 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38102\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: crossingshare.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9d56d5a90306ab71130cc5e45bd23c59\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106871,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"27d863f77f9d01b2d1562ce230e5dd4a","sha1":"f89e6262f5a7e906ca2b26ca4e4cb53d5cb5c969","sha256":"b0b3c2a1c322a32943bcda15e9560946f21d92ed04a542a54d4621481871554f","sha512":"a05613b0f4d6df2d38e3c7c5da2be3eda2a57c636ed38cbff84b0fd9b2aa302f2fdcae9dcb121a464a31c70d2bc63e5f1c74392bf3282a0e4651fc5940804983","ssdeep":"3072:EMW17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsw:EMWw194Lwsw","tlshash":"1ca3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","first_seen":"2026-01-03T10:44:24.588296Z","last_seen":"2026-01-03T10:44:24.588296Z","times_seen":1,"resource_available":true,"data":null}},"time_used":818,"timings":{"blocked":300,"dns":49,"connect":92,"send":0,"wait":95,"receive":93,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/12/cropped-icon-32x32.png","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/12/cropped-icon-32x32.png HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:01:05 GMT\r\netag: \"254-6947c6ce-9d774e;;;\"\r\nlast-modified: Sun, 21 Dec 2025 10:07:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 596\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=6,i=?0\r\nage: 254553\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8f6Dte7p8VAj4eRy4nI6dqYiHQJBWcx%2BF2OPr4btIoQ6QM7Is2IsvhkIghW%2Bfo7Xt9cFLf0VwveBO0C8afAm2p5v%2BF6pANqWfNw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e575a90b5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":596,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"fa62a2514ee773ce9666bf75af205692","sha1":"0a9a761a65da1a93c9e25060a9a143b33d7cc6d3","sha256":"877370861beeaf907366406681c586ae7e2ab9f15653f7e32d18ed192a9b88d4","sha512":"2a372dedfe43d6478f76e48057f0f77bf5976e9b1c79b2355f990d72a999a032699bd7c102617bd7329727a0c2b0b618a4fc39d8fdcb2df34b7a75a00c8a9069","ssdeep":"","tlshash":"45f00cb315507c3893c68330602dd8ae9ff159af722fa60b5171607e2a51352e0e5723","first_seen":"2026-01-03T10:44:24.592759Z","last_seen":"2026-01-03T10:44:24.592759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\ncf-ray: 9b81e57c1c120b55-OSL\r\nx-amz-id-2: 0svUZMc2Lq98EidBfw11PA0pOn1dXWaJC9u2gDLhYO6s/F9aa4y+qroXCZh/f1zqATK9vuZj0752fl3VU8Z2WPvEPHq9tjC5mZULWoMqGP4=\r\nx-amz-request-id: 7CMMWS4G41P7PJXS\r\nlast-modified: Thu, 15 May 2025 12:07:44 GMT\r\netag: \"df7722471047d1868385d3c71b777260\"\r\nx-amz-server-side-encryption: AES256\r\ncf-cache-status: HIT\r\nage: 1489374\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncontent-range: bytes 0-893502/893503\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":749940,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"f6b2a34b980861762711b10b8f493b12","sha1":"0b0f4feda961c5fa06b71e6e67af6c3c2983f7f8","sha256":"809344e800bd3f7418fbc6a28e193f6b602a9c864268e6177f5fe4f3975cac16","sha512":"d7009838215942308458785155cb33b749a22af49b8ebe1df54d1c339e7c9afa7122956bd38a0140326829b766644298af08ead4b2d5b16d91b8cfe446f81c03","ssdeep":"12288:1rroUhH4pOe8AFxlOfEEwc6kVvq5yvGJqdQdUCMIKU+yMH/IPond34TW:1rRxYA0lJEwTkVvqWGL4jByMfI8doC","tlshash":"20f4227212c11d5be9385f3a94f756e356d8cc6822728f02b88e71355bb49ea2f27cc4","first_seen":"2026-01-03T10:44:24.608931Z","last_seen":"2026-01-03T10:44:24.608931Z","times_seen":1,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":71,"dns":4,"connect":6,"send":0,"wait":23,"receive":269,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\nlast-modified: Mon, 15 Dec 2025 18:53:35 GMT\r\netag: \"6940592f-da23f\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-893502/893503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":117,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Findex.html\u0026l=1524\u0026fd=890","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Findex.html\u0026l=1524\u0026fd=890 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:40 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":773,"timings":{"blocked":336,"dns":28,"connect":109,"send":0,"wait":97,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Ang-Ganda-Mo-na-Nga-ang-Libog-Mo-Pa-Jackpot-si-Jowa-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Ang-Ganda-Mo-na-Nga-ang-Libog-Mo-Pa-Jackpot-si-Jowa-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:02:21 GMT\r\netag: \"22f1-690a609c-11eaa62;;;\"\r\nlast-modified: Tue, 04 Nov 2025 20:22:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8945\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 254475\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=higO7v1EJ%2FqeIjOEV7uAmwJX40%2FrQgcMpcd%2BbdRRnyAQt5GHSubc6mDx%2BsPDZkRGjbE9ncV4RgoXGu2t2N931oqwae3N73rUcME%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8c05697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":8945,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 96x96, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"5c1f35e711e0d2d6e74c0ddc15f33967","sha1":"21b64abce5d166499c19c06835d66a917813cc04","sha256":"f2b3fac52f43f0b375dd452a0bfa045a4bf569601bebd4a7a511770d9b81191e","sha512":"d5391dad455dd1b5e7c2341bee642a46a7df53ca89caa436733ea850f06e2b26318025068ed65ed5c28fcc36e50577d9bd4471479eae17464e354b3f349925f0","ssdeep":"192:nMSV3uLDfhfTXu58pPbj8BzpH+nsIpM00BlkRtqCOoV+GRQ:+xbXi8pPb45pH+sV00zkRwXPyQ","tlshash":"a302ae63a190854a0c5b2cb04df46925ea4f8e31fecf6ac42635c7d161b52df2d582c0","first_seen":"2026-01-03T10:44:24.616404Z","last_seen":"2026-01-03T10:44:24.616404Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/Elusive-Icons.ttf","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/Elusive-Icons.ttf HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/litespeed/css/cff1af02fb3a202040a9577fd11fec43.css?ver=fec43\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:38 GMT\r\netag: \"f0c8-68bfde3c-ec54e8;br\"\r\nlast-modified: Tue, 09 Sep 2025 07:58:52 GMT\r\ncontent-type: application/x-font-ttf\r\ncontent-length: 36671\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9cylOTpo7AIZryJlzQKXiKHXZCIAy0C1YDv7biGOPiLUihe47TPfdv1fjsXYDefs6mENWqbc0KY%2FMAg600dbMgDqdSRsmejtGNg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e57388f25697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":61640,"size_decoded":0,"mime_type":"application/x-font-ttf","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Elusive-IconsVersion 0.0Elusive-Iconslsv-cn                                                     ","md5":"0aa7370ca99273f0781c986fb49fef6f","sha1":"711718b13ac33b35345facd6df0fd68c79942dce","sha256":"0090d6f3caaa99e927b0191c03193c437daea9c277e4a9b30b1943a5a1803c87","sha512":"3d29b877f2efb3679e3f69ac24593eda2ce2fbbc8012b6b6d95d77b9b5940e7e4c9713347850fdce6dea2a29e5596f282b17622d533ee563f3d39676b3884199","ssdeep":"768:0KPz/8UE3MleBjBEZpxZWQ91j7NljjsBd7DQxUiBetYRdPUwtPU0fK9j:r/9xkBSDQg1/jQdAxUMNP0","tlshash":"2c536c163752e081f963063d06ee801922bf6d561301f76b5d9b6eb3a1b116e346f3ce","first_seen":"2023-04-06T10:08:02Z","last_seen":"2026-04-29T03:19:13.706905Z","times_seen":288,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ== HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pahindot.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/8.1.33\r\nx-dns-prefetch-control: on\r\nx-litespeed-cache-control: no-cache\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\ncontent-type: text/html; charset=UTF-8\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Go%2FfAT2lv9cnPUAnZ%2F55GgU2ZErLzoHrobdhcGpoka8eM85MeuDYrH7jHyElFU%2BdHh7ocTO7LtUkl%2FKAGKem5mOWGcWWkGV9%2Fy8%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9b81e573d8fb5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.1.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6786,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (447)","md5":"9a07b3db55bd1a7f8560985a59c22a74","sha1":"bb3d57a1f9481751abd6736b38f0e9483e4b56c4","sha256":"07453740d5f4fe7b8a6b967a83bdbd32dce22f4e908d281b3c52b763f0ed02c5","sha512":"7ff61d83e40dbbeab2120781e2440bad229de02fa1e41765733d9bde1f0d295a5f47db6f0fbdd7c64d183fafe3386eafe61e1e0e4f3cd30e4d04c2e3148e0af9","ssdeep":"192:7AmpzDi/iV65aaaju5AJNVG0d01zaQ7bEiF+WkGh:pzDi/iV65aaajMp0d01O24iF+nm","tlshash":"a5e195a6cb1c5247463352449fbc42d8167ea23395224dfffd93f81c12ce29c21abad6","first_seen":"2026-01-03T10:44:24.621616Z","last_seen":"2026-01-03T10:44:24.621616Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\ncf-ray: 9b81e57c2c180b55-OSL\r\nx-amz-id-2: 0svUZMc2Lq98EidBfw11PA0pOn1dXWaJC9u2gDLhYO6s/F9aa4y+qroXCZh/f1zqATK9vuZj0752fl3VU8Z2WPvEPHq9tjC5mZULWoMqGP4=\r\nx-amz-request-id: 7CMMWS4G41P7PJXS\r\nlast-modified: Thu, 15 May 2025 12:07:44 GMT\r\netag: \"df7722471047d1868385d3c71b777260\"\r\nx-amz-server-side-encryption: AES256\r\ncf-cache-status: HIT\r\nage: 1489374\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncontent-range: bytes 0-893502/893503\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":711895,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"691399d6e73b7b9d9fa384ba6169058b","sha1":"d2fc11d1917df353b95d6483039a53bbc2d9ea07","sha256":"fc5d4aa885e3a3d2c7d440ce3501bce92aa23a7aa302be9ed6d72fc2fae6bbdd","sha512":"bb481ba9a1d226e8e2fd34b1e6e30f0d2561ba458efc40ad73abad7ddac99ff73671d5736eaaba5746930a8a8bb89b697982c1ffa6022a49369f127fb9f97c4d","ssdeep":"12288:1rroUhH4pOe8AFxlOfEEwc6kVvq5yvGJqdQdUCMIKU+yMH/IPondl:1rRxYA0lJEwTkVvqWGL4jByMfI8dl","tlshash":"c8e4127203c11c6be9686b7a98f755e756c8cc6812718f03b88db0315bb49ea2f27dd4","first_seen":"2026-01-03T10:44:24.624235Z","last_seen":"2026-01-03T10:44:24.624235Z","times_seen":1,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":78,"dns":1,"connect":1,"send":0,"wait":21,"receive":287,"ssl":62},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","date":"2026-01-03T10:43:39.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42555\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 07:38:58 GMT\r\nexpires: Wed, 30 Dec 2026 07:38:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 356681\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83364,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1e1e7ef5663f5b92b4516b94446dde2c","sha1":"e986dbaced4170ab6fd5852aa806ba6ed1e8cc14","sha256":"f71a14f41c5875c258dcece1dddf55d50a26b8e5bfb626ea07b948551f40fcad","sha512":"5ef4991a1755e9cdc4d2497050219de08745fb473b7d945f52abf572ae921472a64cba48a5bcd590a0ed63f3f4ae9c456d77db584b8637b65b03a5b45fe5c7f8","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOImIdthXwW5l1Dx7:1GRFauOxLA/+IcTOuLX1","tlshash":"dc838e7338513b39fc2b9b616186b9edf21cc423e5514bfab5497a20c3db19a8253b07","first_seen":"2025-12-11T19:34:34.541785Z","last_seen":"2026-04-25T20:54:43.677056Z","times_seen":44147,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","date":"2026-01-03T10:43:40.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/api2/webworker.js?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Sat, 03 Jan 2026 10:43:40 GMT\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncross-origin-resource-policy: same-site\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"884763df105a7eb061a62c244fa7832c","sha1":"bfc4d2601e5af803e2dccd964e469f624f167be1","sha256":"cd968daeca8c270c3ea51f8eecfa315a5d805bca263da5ef6f9c4c64254afc9a","sha512":"096a5e005a5b9f72fb552517cf5d4615f74c0111d6b97f23f9c989107426292f11090eb097ed66b5f20e05aacd401ec18ad33eae5b97705188b7c34649abf80a","ssdeep":"","tlshash":"6eb012231596dc280c00420ad427d3b8e012d138e65180f181342fe856249f34110940","first_seen":"2025-12-11T19:34:34.569022Z","last_seen":"2026-01-20T22:35:06.704801Z","times_seen":43041,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho","date":"2026-01-03T10:43:40.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 13:09:27 GMT\r\nexpires: Wed, 30 Dec 2026 13:09:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 336853\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-04-28T23:51:59.987409Z","times_seen":49446,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":9,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/css/343ffb4d1f0c91aec9d15fc93b8aab07.css?ver=aab07","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/litespeed/css/343ffb4d1f0c91aec9d15fc93b8aab07.css?ver=aab07 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:37 GMT\r\netag: \"e770-6958f2d7-7ae187;br\"\r\nlast-modified: Sat, 03 Jan 2026 10:43:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 10512\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r%2BnosSOrlVNWIH2g%2BAS2%2FpNsWrZ8KfKEPvmQ0IyDRzG7%2FwpDyvDrIJHj%2F3AfF2bade%2Ftm%2FZ625GWUfP1H%2BrlKrHCl4uBb4pibw4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e56ec8bc5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59248,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (59248), with no line terminators","md5":"19b60050744e24fff53b37ea3b28bc68","sha1":"0c85ea0adbab1f6743fd86e1cc9ec66540644e66","sha256":"dbe6627b70b6dc2840fd95e511141e4382657adee9fe3bc25c05aabe659842fc","sha512":"5618baf94acff82ba25629e0394b42510ee9721d856dc5456b9f8d8539c3e6f19392a4943cadeb436127f7001e02f0034da70b4e87f27c1d3c455b3a9f1452d1","ssdeep":"1536:WIyDOP6EzmocCF8E+a0eRM7YAH/8DUDpQomPKeC:Hu","tlshash":"6943a662b868216cb633c632fed176c531349222d61347eef8e6f634c68b9550773a8d","first_seen":"2025-05-31T10:55:39.384646Z","last_seen":"2026-01-03T10:44:24.640641Z","times_seen":4,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Bakit-Pupunta-Pa-sa-Kama-kung-Pwede-Naman-sa-Sofa.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Bakit-Pupunta-Pa-sa-Kama-kung-Pwede-Naman-sa-Sofa.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 14:37:46 GMT\r\netag: \"419b-690a7c14-1201e61;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:20:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16795\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i98E5LuAXyB%2F5u6COfTf2yxEqkac5ZywXVx4O1tSR0jJBd0lIZ95EuTnuWXI5vlCa8c%2BnV0%2FKQFZyo8UbLyNpYY47T%2BZR%2BPXUbE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ee8cf5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":16795,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"5ffd15d12d94bdfe09d8e40b38cba479","sha1":"94021eeebd4525d26c35122cd5d0ad5980f8e682","sha256":"4ba23877e647c4e55440d47df6bdc0d4d496a37fed7d43a5bf0d5b4d4d9fa3dd","sha512":"ea04e527e46e8daa2bda2d1fafa22bb8b242ec301e6d11d48a937d97cf7d5feab403d80831b3a147a14dac357d5ec28e137a47ac071a5816dd69048e93b11512","ssdeep":"384:W6b33VzhIwBhzXyp83v5tAXhakZ7e1hFnHwHhzekjJaaKtS:/b33ZS0ye5tOhaGihFnHwBzzJaayS","tlshash":"ee72d144c24f5fc0c54668f04b9f22928346ca590afc8cf99eb75b59faa480f31826e8","first_seen":"2026-01-03T10:44:24.643766Z","last_seen":"2026-01-03T10:44:24.643766Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 13:09:27 GMT\r\nexpires: Wed, 30 Dec 2026 13:09:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 336851\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-04-28T23:51:59.987409Z","times_seen":49446,"resource_available":true,"data":null}},"time_used":371,"timings":{"blocked":96,"dns":11,"connect":21,"send":0,"wait":31,"receive":134,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mat.143flix.com/matomo.php?action_name=Lawayan%20Mo%20Bro%20para%20Dumulas%20ang%20Kiffy\u0026idsite=125\u0026rec=1\u0026r=187999\u0026h=10\u0026m=43\u0026s=38\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F\u0026_id=da0b78d847ed0a92\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024\u0026pv_id=lMkad5\u0026pf_net=39\u0026pf_srv=73\u0026pf_tfr=3\u0026pf_dm1=932\u0026uadata=%7B%7D","fqdn":"mat.143flix.com","domain":"143flix.com","tld":"com"},"ip":{"addr":"104.21.14.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"143flix.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 01:29:12 GMT","end":"Thu, 19 Mar 2026 02:28:52 GMT"},"fingerprint":{"sha1":"42:CD:EA:9C:51:C5:C9:F3:AE:E9:12:BB:86:80:40:E3:7A:83:40:BD","sha256":"F8:7D:AE:93:56:C7:B4:2B:28:D4:9D:78:20:01:C9:21:41:B3:0E:8F:97:AE:9F:95:AF:EA:C4:10:AB:4F:D1:E9"}}},"request":{"raw":"POST /matomo.php?action_name=Lawayan%20Mo%20Bro%20para%20Dumulas%20ang%20Kiffy\u0026idsite=125\u0026rec=1\u0026r=187999\u0026h=10\u0026m=43\u0026s=38\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F\u0026_id=da0b78d847ed0a92\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024\u0026pv_id=lMkad5\u0026pf_net=39\u0026pf_srv=73\u0026pf_tfr=3\u0026pf_dm1=932\u0026uadata=%7B%7D HTTP/1.1\r\nHost: mat.143flix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\r\nContent-Length: 0\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\nx-powered-by: PHP/8.3.23\r\ntk: N\r\naccess-control-allow-origin: https://pahindot.vip\r\naccess-control-allow-credentials: true\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pT7Dan7C%2BFYoLL8DClb2wvbmK9L1uFQ%2FLzFgnLZUsdHC9ofvDuXJT7RBPMITQRC3dffzoVoCb0gCsGE%2Bh1gvBFE8vYHLipi1UA9bCAw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b81e5763ca05693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"mat.143flix.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzuaw6MFfizdh8LT-YNIz0zOZcQ_RGKPBmMRsJMJerK6qnpSp6Wqruqcng0I0IAteZi_iwUPnm2TjahD9A2TXieAhINheDLJhYQVPgr_YixeZycDig3rvFV9Bve_73oe7ySmpIKEnK6_prlSKTlWLbuHiugy5Tm1haa1QcovupcK6DGvepUJnmEz7uVLFK7pPFV4WbFNPld2S65bcUmFeGhHoztQIhYwOG6Viwy165WKp6qFj_n-3iQNLHfD2KXkUkucP3Q2uQLIBwtZXc8Juxjp69qVWomisDdr84I1wM9RpiNb9NjAOgvBg_Bra5oR8MgEdHowZQLf3hgzgy5xMPH4bfngwHhN-e_9sUl9BhPD5g0jbAwg1gKQDML0DyX8kAONYWkbYur6kTUq3zlA6RHMyee9vyDQnk7cvIGx9Oatkp3BZqySWOrToBBlkZwDZHCBKjhB3Hcj0CCz-AJL_QKbuLSJs7S1bpSF5NmIvgwGodZAMj3SQBA6SyEGLnxQ8t-6xEq3UggZn065HPY8L323Uy65LG2waCXsfkvfAzDYis41N2YNJbsFuZLDcgY1z4ry-jTbPkAqC1BKklCCVBGlMkLazfa5s2WbXubKJXxrX8rhWsr6Om7t0X8dNERJQ04Ph2Z6M3rE7YPG5fjewvK-Hifpx1qc-z3ajU_LIUC3ns5tPY1OcFPwqq9bdacb8wA2CWmmaVakXCB6Uyh5lvA4rM0g7MRKiK3OySt5DJHNy_udf4dMjWHUEJh8GTZ4ATTPQjQzd8DCSId1qK90sMgauM0TxJOItZ1edksf6q2uzt0amvTX3JAQ7fv78nzf-_U19BGYyRCbD2_I7gqa62l_VKdlb1aklXy9HsWzJLh0aejmmsZj8_FWxlWrDF-Zs78YLbAgM28M1YeNFGnIZNi35YlZyLsy8NkyQbxbsuvBXErsxm5gwiRZXXpxfaEVGWCt1OACVOXng02fAZE4uXJwZLWv1nztg0TZsdDxztzIKWE3gRw6UzMkrV-5AieOZ73sff_vu79dA_QxW3Ofki-Obf5BR7NqraBoHNN5B2MrQNhnaKgNVPdjkXD-OzPHMT-M_fOX0fWWcPV8Zde1MKytPCtWyX6nV6zUR1HhQ4ZVyhTeqrmh4tFHzGl4Vsc3lm3_98l8AAAD__3lmOrFTBAAA","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"crossingshare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:18:09 GMT","end":"Tue, 10 Feb 2026 21:18:08 GMT"},"fingerprint":{"sha1":"BE:66:C4:96:C5:2D:CB:A2:6B:65:41:51:47:60:19:CC:6C:69:FE:F0","sha256":"90:63:89:D0:F2:25:F0:CF:30:61:9A:6D:D1:DD:41:94:AC:D0:52:A4:ED:60:01:C7:51:0D:37:99:0A:A4:6D:28"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzuaw6MFfizdh8LT-YNIz0zOZcQ_RGKPBmMRsJMJerK6qnpSp6Wqruqcng0I0IAteZi_iwUPnm2TjahD9A2TXieAhINheDLJhYQVPgr_YixeZycDig3rvFV9Bve_73oe7ySmpIKEnK6_prlSKTlWLbuHiugy5Tm1haa1QcovupcK6DGvepUJnmEz7uVLFK7pPFV4WbFNPld2S65bcUmFeGhHoztQIhYwOG6Viwy165WKp6qFj_n-3iQNLHfD2KXkUkucP3Q2uQLIBwtZXc8Juxjp69qVWomisDdr84I1wM9RpiNb9NjAOgvBg_Bra5oR8MgEdHowZQLf3hgzgy5xMPH4bfngwHhN-e_9sUl9BhPD5g0jbAwg1gKQDML0DyX8kAONYWkbYur6kTUq3zlA6RHMyee9vyDQnk7cvIGx9Oatkp3BZqySWOrToBBlkZwDZHCBKjhB3Hcj0CCz-AJL_QKbuLSJs7S1bpSF5NmIvgwGodZAMj3SQBA6SyEGLnxQ8t-6xEq3UggZn065HPY8L323Uy65LG2waCXsfkvfAzDYis41N2YNJbsFuZLDcgY1z4ry-jTbPkAqC1BKklCCVBGlMkLazfa5s2WbXubKJXxrX8rhWsr6Om7t0X8dNERJQ04Ph2Z6M3rE7YPG5fjewvK-Hifpx1qc-z3ajU_LIUC3ns5tPY1OcFPwqq9bdacb8wA2CWmmaVakXCB6Uyh5lvA4rM0g7MRKiK3OySt5DJHNy_udf4dMjWHUEJh8GTZ4ATTPQjQzd8DCSId1qK90sMgauM0TxJOItZ1edksf6q2uzt0amvTX3JAQ7fv78nzf-_U19BGYyRCbD2_I7gqa62l_VKdlb1aklXy9HsWzJLh0aejmmsZj8_FWxlWrDF-Zs78YLbAgM28M1YeNFGnIZNi35YlZyLsy8NkyQbxbsuvBXErsxm5gwiRZXXpxfaEVGWCt1OACVOXng02fAZE4uXJwZLWv1nztg0TZsdDxztzIKWE3gRw6UzMkrV-5AieOZ73sff_vu79dA_QxW3Ofki-Obf5BR7NqraBoHNN5B2MrQNhnaKgNVPdjkXD-OzPHMT-M_fOX0fWWcPV8Zde1MKytPCtWyX6nV6zUR1HhQ4ZVyhTeqrmh4tFHzGl4Vsc3lm3_98l8AAAD__3lmOrFTBAAA HTTP/1.1\r\nHost: crossingshare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27836202=1; slecb5c5807ccbf0ff617c5a4fedf124acd8=[6308898]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:39 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: crossingshare.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c089a4ab6e71311937630bd75de1d766\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\nlast-modified: Mon, 15 Dec 2025 18:53:35 GMT\r\netag: \"6940592f-da23f\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-893502/893503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\nlast-modified: Mon, 15 Dec 2025 18:53:35 GMT\r\netag: \"6940592f-da23f\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-893502/893503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/12/Umiyot-ng-Tindera-sa-Bakery.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/12/Umiyot-ng-Tindera-sa-Bakery.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 09 Jan 2026 18:52:38 GMT\r\netag: \"2fe1-693cd235-9d2d79;;;\"\r\nlast-modified: Sat, 13 Dec 2025 02:40:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12257\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y1V5Zxr%2Fjtezq0t99tn5lIgv%2FrE3MRExJaiTTVT5OBMPyJ2HVh%2BthkM8SioOSDJXmEZjHQCUMc%2B%2Br9Lx%2Bh8tQmspwdv7uxt%2Bdio%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8cb5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":12257,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 120x120, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"8181ea1aa2998268e636435e96eaf0ce","sha1":"343d462f36101dd0f41e0b3a5699d2203ba00d4f","sha256":"c17c59a009270143e09efdc670277dd0ef12326ed40389997543c13a4320d565","sha512":"f11b6d587f117027782ed30b9ed0a6c94e6b9bd4b733888ddd711469e1697268a436e70084b90ca92291096b522bf11f88cce730d43594389df243c968769885","ssdeep":"192:XSpKoRElj8IcWokFtRMePLug+eYdzXfKfM6KJFzXBQVnMb6yovWUVXRh0oDQ5vil:XSAiFWzt/zupzSDgBQVntyovWUVXzP8o","tlshash":"a142c0c354a41b826b495e8de79176237f5413e3da94cb332fba06dde8319260cc2898","first_seen":"2026-01-03T10:44:24.653218Z","last_seen":"2026-01-03T10:44:24.653218Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1885262?id=1885262\u0026pid=__clb-spot_1885262_pxr_4\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1885262?id=1885262\u0026pid=__clb-spot_1885262_pxr_4\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: PTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=2601030543507378fb1389454d910c997f09; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6146,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6146), with no line terminators","md5":"842a8d8a73d003fa1c3e73163eb66c90","sha1":"e4d4a76ddff1676a55a5f59c60c2814fcafe8cea","sha256":"a3d8c6e994751d20cd10ee3e71de80a5647d117295e2e3c45cb8dce344d4b50b","sha512":"5c051114e2a4f6826262a7ee3856247e76b42fb980d6917d73810925e2e4878c5826bbbf39b06054c0ab8e1e3c676d9587ca9f72a67ffb2faadc4940bd0617f7","ssdeep":"192:8zLy5wr77wYkLy5wr77wYRLy5wr77wYFLy5wr77wYmEnqyo:WyKDwpyKDwKyKDwoyKDwso","tlshash":"1cc10bfec445c63e8f743112442efe98a447654357e102b6f249e9b53b4520a9e7e8c1","first_seen":"2026-01-03T10:44:24.658289Z","last_seen":"2026-01-03T10:44:24.658289Z","times_seen":1,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1890614?id=1890614\u0026pid=__clb-spot_1890614_sps_6\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1890614?id=1890614\u0026pid=__clb-spot_1890614_sps_6\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=2601030543f843a59bed6a4d31bcec042177; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6143,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6143), with no line terminators","md5":"98f42a1c8f42d79002816bcdccb3e609","sha1":"3c3d897d29742009579c35f5e1dff4c192dabb39","sha256":"a0edf726454ae5e3b218f94b66aa0e8b5b0832c927a8a8ea22de2ae9c945aeeb","sha512":"1bfb8158952d1bbfc71aa9b3551a47a1979b5a593ad7746e5a9388b6bdf7ce70204632dd5478b2774dc5efc5efcb17788e892a5c41b5b8b77d4f456408720b4c","ssdeep":"96:KuMzD/DrCFuMzD/DrTCDuMzD/DrMcuMzD/DrggRr9GMqo:Hi7ib7iyiPRso","tlshash":"c4c1eaed3dc6cc80b674a38079709c4c8448f99e2387ee65d25f3428fe566b593af096","first_seen":"2026-01-03T10:44:24.663247Z","last_seen":"2026-01-03T10:44:24.663247Z","times_seen":1,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 03 Jan 2026 10:43:40 GMT\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"1f04e9e49d52374a409de4887e47180d","sha1":"8fee2f920567a574448d1aa6565c95951b68f9b5","sha256":"10cf0680b9dc5b310d265479bcebc5b380474bf2e8da9361cf8be458d183994e","sha512":"5fde8f721343e9c6254229e791ed64d6b47f28fad7690f7c83fa8c29e3112d0974f65ae0c63f09acd3e026dcb56c4de3fe0ffe37c464eb326b0495aa6c03b31c","ssdeep":"384:pKf5KgKPKrKyUK/qY4+K4KYKpKfMK1KWK6KyhK/qY4XKNKtK4KfdKkKDK3KyQK/9:pCJmwBUiRDfMTcfFBhiEymdmtC0BQiVb","tlshash":"df7210a1041750009b834ce223cebf35fe1f52117152d0b5abfdab6b9dcbc66526939d","first_seen":"2025-11-19T00:20:32.486705Z","last_seen":"2026-04-15T20:27:38.048842Z","times_seen":6026,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":129,"dns":1,"connect":22,"send":0,"wait":32,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/a33.php?id=34324","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ruxella.com/out3.php","date":"2026-01-03T10:43:41.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adbestnet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 00:59:49 GMT","end":"Mon, 02 Mar 2026 01:58:19 GMT"},"fingerprint":{"sha1":"17:9B:31:D7:0F:D7:C3:02:EE:74:3A:82:E3:67:02:B1:D2:41:C7:8F","sha256":"E2:E9:72:B8:71:FE:90:B7:CA:64:92:0A:66:1C:F5:62:4B:2E:30:E0:32:81:03:D9:CB:17:57:7A:D2:6B:DD:FE"}}},"request":{"raw":"GET /a33.php?id=34324 HTTP/1.1\r\nHost: bn.adbestnet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ruxella.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.4.33, PleskLin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iiiaxkXn5DEvH8o3ktp3xy9olg4LWSPV0IJx5uLfTgHdDdSoKZ4SvARh17NTF8nAR9AilD6Wdy7yZjyIN%2Bz%2BgAwCAzkO0q2PWU%2FaSMvC%2BBg%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9b81e58589c72efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":547,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"e6b134f7a0bca30958ff2c7c45886f9c","sha1":"30d78c3087343a57e4a5e8681cfbeca6ae1ae4ca","sha256":"072c5146bf4b6146cb47d6f6dcd93186ef8610d449b6d28b4dd88994d11bbe8f","sha512":"cdf332743c5d0b7898ba9c48124a3f8f0842b2cf7b3df18978f8b8ccedbb4e02af4dca6be6b084d1770cdcfc89144e25cbf543e7c5b54be34a4eefd5d0e7bd91","ssdeep":"","tlshash":"fbf0566b6c7f102d591580ae117b955c3152300b51b7c3f87c59e6821fd077e50497dc","first_seen":"2025-10-11T13:46:03.54375Z","last_seen":"2026-01-15T16:01:53.597622Z","times_seen":514,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":31,"dns":4,"connect":1,"send":0,"wait":56,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"video.sacdnssedge.com/video/ol_8ec9eb7381da66471a177ccfd1abb952.mp4","fqdn":"video.sacdnssedge.com","domain":"sacdnssedge.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ruxella.com/out3.php","date":"2026-01-03T10:43:41.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1894120159.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 11:12:15 GMT","end":"Tue, 17 Feb 2026 11:12:14 GMT"},"fingerprint":{"sha1":"8B:3E:32:D0:D6:38:B0:7C:60:91:F6:D3:6F:B6:9F:BA:58:A8:98:50","sha256":"21:E0:91:75:BE:B5:3A:EB:F4:36:B2:EC:7D:AF:21:0D:D2:C9:58:AB:BC:4F:F3:08:0D:0B:C8:CC:44:41:94:DE"}}},"request":{"raw":"GET /video/ol_8ec9eb7381da66471a177ccfd1abb952.mp4 HTTP/1.1\r\nHost: video.sacdnssedge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=425984-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ruxella.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 1943534\r\nvary: accept-encoding\r\naccess-control-expose-headers: Content-Disposition\r\ncontent-disposition: inline; filename=\"ol_8ec9eb7381da66471a177ccfd1abb952.mp4\"\r\netag: \"f5eede0149dea2a140e88178c809352b\"\r\nexpires: Sat, 03 Jan 2026 11:43:19 GMT\r\nlast-modified: Sat, 03 Jan 2026 10:43:19 GMT\r\nx-amz-request-id: 182f3e48-6039-491e-b885-b651a0076410\r\nx-seaweedfs-expires-s3: true\r\ncache-control: max-age=7200\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nage: 0\r\ncf-cache-status: HIT\r\ncf-ray: 9b81e5021a5b9b83-FRA\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-77-nzt: EwwBX63NDQH3EgAAAAwBuUwKDAH3AwAAAAwBT3/Y+AG3AAAAAA\r\nx-77-nzt-ray: 2a494a153702478f02f3586950f22d12\r\nx-77-cache: HIT\r\nx-77-age: 18\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\ncontent-range: bytes 425984-2369517/2369518\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":180170,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"3ac1d43a9e3b1eebcbdc610f7cffcf8b","sha1":"1bccd7ba907e17b9d97b77c6d2b96cf3260f04f7","sha256":"c94572120ac767dec68452bfce6fd9919ff94c00e4483a2816bcd8d85a9cf8bb","sha512":"4d5669f00b998692c52e66ae1db5cfdee1561f40dd423e7d789965842eef1df5fa190110969a373651514a3653d07a1672b3360efca95b9519036e7076e64920","ssdeep":"3072:BJc3ExMgQSXX5ZItVlxyobhCwkTWK3Mg8Wut4HfkO9cyspxmjKYHWQk+uO7IwSck:BC0xSwCtVlTEOU8WuykO9MTQHtS2s","tlshash":"8b041239d0b107523ecbea3d1c69165ae418fd0b486ee7651fea7f26742e074cb47a10","first_seen":"2026-01-03T10:44:24.673597Z","last_seen":"2026-01-03T10:44:24.673597Z","times_seen":1,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"onclckinp.com/keywords","fqdn":"onclckinp.com","domain":"onclckinp.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:42.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 02:02:57 GMT","end":"Wed, 25 Mar 2026 02:02:56 GMT"},"fingerprint":{"sha1":"C4:80:D6:E8:F3:2B:FD:8A:89:D9:CF:8B:78:3F:74:35:34:B3:68:8A","sha256":"DF:07:A2:74:C6:6C:63:AA:37:DD:AA:4F:E0:F5:C5:D7:9C:B8:28:C4:9C:45:3F:F7:BC:1B:0A:AE:7F:38:FF:B1"}}},"request":{"raw":"OPTIONS /keywords HTTP/1.1\r\nHost: onclckinp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bn.adbestnet.com/\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.24.0\r\ndate: Sat, 03 Jan 2026 10:43:42 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":168,"timings":{"blocked":71,"dns":1,"connect":24,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"onclckinp.com/keywords","fqdn":"onclckinp.com","domain":"onclckinp.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:42.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 02:02:57 GMT","end":"Wed, 25 Mar 2026 02:02:56 GMT"},"fingerprint":{"sha1":"C4:80:D6:E8:F3:2B:FD:8A:89:D9:CF:8B:78:3F:74:35:34:B3:68:8A","sha256":"DF:07:A2:74:C6:6C:63:AA:37:DD:AA:4F:E0:F5:C5:D7:9C:B8:28:C4:9C:45:3F:F7:BC:1B:0A:AE:7F:38:FF:B1"}}},"request":{"raw":"POST /keywords HTTP/1.1\r\nHost: onclckinp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 59\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":59,"data":"{\"ad_tags\":\"\",\"page\":\"https%3A//bn.adbestnet.com/fao2.php\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Sat, 03 Jan 2026 10:43:42 GMT\r\ncontent-type: application/json\r\ncontent-length: 15\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"32323194b8b07fd0aa9b6f7fc79a7b30","sha1":"ea248c45722bff267b55a453dc794bc42171cef6","sha256":"080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8","sha512":"e6b7cefe758be1e47a28ed8fc319cd61814e942838f0f65a26e629f0af39fae2547bece75c020c0cad5294b741a20911757b43b493dea2d3b109e4cf3ae3e9a3","ssdeep":"","tlshash":"9d600008200a08020880a000a20082002000a002002008282880008083002000888800","first_seen":"2023-09-22T06:12:14Z","last_seen":"2026-04-30T07:35:25.136292Z","times_seen":2401,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go.forscprts.com/api/models/vast/?campaignId=25bdc61ed3917811c8f3f36a1e6e0fb40a4bf9db56e01082448f446fc27cc57b\u0026campaignType=smartpop\u0026creativeId=2056950966946db9155d057d128c7bd863011cab629e73419e4ecbe52e177a54\u0026duration=00%3A00%3A30\u0026iterationId=1211211\u0026masterSmartpopId=2683\u0026memberId=0647797fc59b417e2c851b\u0026p1=60690\u0026p2=113256\u0026p3=101783\u0026ruleId=29\u0026skipOffset=00%3A00%3A05\u0026smartpopId=14005\u0026sourceId=103520\u0026tag=girls\u0026trafficType=preroll\u0026usePreroll=true\u0026userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d\u0026variationId=35211\u0026videoType=ol","fqdn":"go.forscprts.com","domain":"forscprts.com","tld":"com"},"ip":{"addr":"104.18.40.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ruxella.com/out3.php","date":"2026-01-03T10:43:40.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go.forscprts.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 17:54:13 GMT","end":"Mon, 09 Feb 2026 18:54:06 GMT"},"fingerprint":{"sha1":"A9:34:72:54:58:38:86:15:C7:34:AC:23:1A:2E:56:A5:A4:9A:86:4E","sha256":"67:A0:7D:FF:B4:45:FD:87:50:16:23:24:24:41:B4:86:A9:A4:F6:6E:B4:4E:DE:BD:4E:32:B1:2F:4D:C9:53:64"}}},"request":{"raw":"GET /api/models/vast/?campaignId=25bdc61ed3917811c8f3f36a1e6e0fb40a4bf9db56e01082448f446fc27cc57b\u0026campaignType=smartpop\u0026creativeId=2056950966946db9155d057d128c7bd863011cab629e73419e4ecbe52e177a54\u0026duration=00%3A00%3A30\u0026iterationId=1211211\u0026masterSmartpopId=2683\u0026memberId=0647797fc59b417e2c851b\u0026p1=60690\u0026p2=113256\u0026p3=101783\u0026ruleId=29\u0026skipOffset=00%3A00%3A05\u0026smartpopId=14005\u0026sourceId=103520\u0026tag=girls\u0026trafficType=preroll\u0026usePreroll=true\u0026userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d\u0026variationId=35211\u0026videoType=ol HTTP/1.1\r\nHost: go.forscprts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: null\r\nReferer: https://ruxella.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: text/xml; charset=utf-8\r\ncf-ray: 9b81e5844be0569b-OSL\r\naccess-control-allow-origin: null\r\naccess-control-allow-credentials: true\r\nvary: Origin, Accept-Encoding\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2297,"size_decoded":0,"mime_type":"text/xml; charset=utf-8","magic":"XML 1.0 document, ASCII text, with very long lines (2297), with no line terminators","md5":"35e7848dcf6d8cc7118870b97f1b96e3","sha1":"a2d4fcbec966b2bc85b51b99d1fa595274e0778f","sha256":"c410228edd8b1ea44f93ddd99aaaf27afe89661445bebb82a37d1fef9c93b793","sha512":"6c2dcb6ae305cd8a7ad461ad1f2189ade711af5ebd0d792aed7fe723e53bdc7d6a16ce59ab0e5b6509f794ac342378b82364a7777a3f4d2f06b3b7d09ce0c0f4","ssdeep":"","tlshash":"0441b8796132bc3321dbe0bdee6431d53572471b6ae143a8f84889a5ac097da63f1364","first_seen":"2026-01-03T10:44:24.678278Z","last_seen":"2026-01-03T10:44:24.678278Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":36,"dns":4,"connect":1,"send":0,"wait":39,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=544","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=544 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:41 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Fcss%2Fstyle.css\u0026l=6387\u0026fd=575","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:41.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Fcss%2Fstyle.css\u0026l=6387\u0026fd=575 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:41 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/abastandart.php?id=3","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bn.adbestnet.com/abal.php?id=324","date":"2026-01-03T10:43:41.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adbestnet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 00:59:49 GMT","end":"Mon, 02 Mar 2026 01:58:19 GMT"},"fingerprint":{"sha1":"17:9B:31:D7:0F:D7:C3:02:EE:74:3A:82:E3:67:02:B1:D2:41:C7:8F","sha256":"E2:E9:72:B8:71:FE:90:B7:CA:64:92:0A:66:1C:F5:62:4B:2E:30:E0:32:81:03:D9:CB:17:57:7A:D2:6B:DD:FE"}}},"request":{"raw":"GET /abastandart.php?id=3 HTTP/1.1\r\nHost: bn.adbestnet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/abal.php?id=324\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.4.33, PleskLin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jc3K5b1imaHbhhQgtMjU6E4IWIMAlyU5NncoCyuAKfse5F2%2FMHzVMruy8Nv%2BsdfsW2UWOYHTi%2FlIzcMOvrIBcmpPmxBH%2FFpl16JtT7O9ZK8%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9b81e587dfd12efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"de5024c6476798fbd376c9efe43b51d4","sha1":"984eca39441bbbf502d0737a8baaa13ae8795ac4","sha256":"2b49a5e9789403e6b437b753bf24cbae4d3d7480c3fbb2e74d058cf59b6d2888","sha512":"4af4f138214456944e3cdc3e7a71573c4b32e4d926743afda3bcd5ad28624708827005cadebf92ec4f74c7ad67dad2eff74aa0adcc33755d4865fb9a5ba7731c","ssdeep":"","tlshash":"1db092b7a10e260ca6428056a19004894692588ab772e7a0aca16952619122f68a6f4d","first_seen":"2025-10-29T23:07:49.365607Z","last_seen":"2026-01-15T15:27:46.370191Z","times_seen":186,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=398055","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:42.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"POST /fp?tag_id=398055 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1804\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1804,"data":"{\"timezoneOlson\":\"UTC\",\"incognito\":true,\"fonts\":{\"error\":{\"message\":{\"isTrusted\":true}},\"duration\":28},\"fontPreferences\":{\"error\":{\"message\":{\"isTrusted\":true}},\"duration\":29},\"languages\":{\"value\":[[\"en-US\"],[\"en-US\",\"en\"]],\"duration\":0},\"colorDepth\":{\"value\":24,\"duration\":0},\"deviceMemory\":{\"duration\":0},\"screenResolution\":{\"value\":[1280,1024],\"duration\":0},\"hardwareConcurrency\":{\"value\":48,\"duration\":1},\"timezone\":{\"value\":\"UTC\",\"duration\":20},\"sessionStorage\":{\"value\":true,\"duration\":0},\"localStorage\":{\"value\":true,\"duration\":0},\"indexedDB\":{\"value\":true,\"duration\":0},\"platform\":{\"value\":\"Win32\",\"duration\":0},\"plugins\":{\"value\":[{\"name\":\"PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"Chrome PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"Chromium PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"Microsoft Edge PDF Viewer\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]},{\"name\":\"WebKit built-in PDF\",\"description\":\"Portable Document Format\",\"mimeTypes\":[{\"type\":\"application/pdf\",\"suffixes\":\"pdf\"},{\"type\":\"text/pdf\",\"suffixes\":\"pdf\"}]}],\"duration\":0},\"vendor\":{\"value\":\"\",\"duration\":0},\"cookiesEnabled\":{\"value\":false,\"duration\":1},\"colorGamut\":{\"value\":\"srgb\",\"duration\":0},\"rendererUnmasked\":{\"value\":\"\",\"duration\":30},\"brand\":\"\",\"device\":\"\",\"os_type\":\"desktop\",\"os_family\":\"Windows\",\"front_browser_family\":\"Firefox\",\"front_browser_name\":\"Firefox 134\",\"pixel_ratio\":1}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Sat, 03 Jan 2026 10:43:42 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 60\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://bn.adbestnet.com\r\nSet-Cookie: id=8441972310368093794; Expires=Sun, 03 Jan 2027 10:43:42 GMT; Secure; SameSite=None\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"3515acc210a92eaba63c6b4a46a8458e","sha1":"b2dedcedba7a6ab1b200e02bf6783d390fd25f47","sha256":"7812851a4e7e850f7fa96a43a832ca40d06190504002f36071eb6cd10df70361","sha512":"24256c52c245264b97c24614e56d3729fe3b9215f54aa9246b4ac19f615540a250c0bc18061d32abf1aa27ced9bf0fe434500db8561349a9b4c854013dfd27ee","ssdeep":"","tlshash":"90a00220454e0e0cc0200c9ed22682d4a8587b0033c13aef3744414421482206b10823","first_seen":"2025-08-26T14:00:16.586523Z","last_seen":"2026-04-30T07:35:25.114292Z","times_seen":95,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":1,"connect":26,"send":0,"wait":25,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.cc/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","fqdn":"pahindot.cc","domain":"pahindot.cc","tld":"cc"},"ip":{"addr":"104.21.76.236","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Dec 2025 18:52:51 GMT","end":"Sun, 15 Mar 2026 19:50:30 GMT"},"fingerprint":{"sha1":"8C:15:72:F6:6D:F1:1A:AF:36:DE:FC:7D:BE:8E:82:2F:DD:5E:17:7B","sha256":"65:31:4E:AE:A9:A8:76:AC:49:40:25:89:AB:CF:25:9C:5B:0F:3D:76:16:D1:AE:7B:E2:C0:7A:C6:66:CE:0B:AD"}}},"request":{"raw":"GET /wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ== HTTP/1.1\r\nHost: pahindot.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-length: 0\r\nlocation: https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hVOul4gXjDGapMhJHhOMn3e%2FUGDmnWy01oHFnBYy0eUQfwetuCr%2FFd65wuQ9Glku8u2VClYvOAsjPtvjS2W8lXgZmrB5tkDzaomD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9b81e5734a9a4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6786,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":32,"dns":20,"connect":1,"send":0,"wait":6,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bid.onclcktg.com/tags/398055?version_name=c\u0026domain=bn.adbestnet.com","fqdn":"bid.onclcktg.com","domain":"onclcktg.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:41.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bid.onclcktg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 02:33:50 GMT","end":"Mon, 02 Mar 2026 02:33:49 GMT"},"fingerprint":{"sha1":"E3:6C:CD:C6:63:40:D0:51:9A:D3:2A:02:9D:29:5E:CD:35:9C:93:FA","sha256":"88:9C:4B:69:B6:A8:EB:EC:E1:B5:11:AA:68:88:80:A2:3A:47:E1:14:E0:10:58:15:F9:0A:AF:51:AD:8A:37:F5"}}},"request":{"raw":"GET /tags/398055?version_name=c\u0026domain=bn.adbestnet.com HTTP/1.1\r\nHost: bid.onclcktg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:42 GMT\r\ncontent-type: application/json\r\nserver: nginx/1.24.0\r\ncache-control: max-age=300, public\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1266,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5412616b6e94676a3abb62581d8f0559","sha1":"289de4fb80298abe9668d9a97e0a1fed9b7d02c6","sha256":"3775e7e109c1a210ac0abc50b452ad99fd262643ed3ba78230cc3c7d08f72a65","sha512":"fe225739177ef553133f98ace94d4ddd6d16529732fe8a49a38276f0cdd9ddcd0d5943f21386b3043cb4afbbf4af50e16d4faac10f9cac3145f54e9846b3f0f8","ssdeep":"","tlshash":"0621326cca6840ff41e10ac69248720a15023547b1e8b15af8ec8dbc328f6e51a6731f","first_seen":"2025-12-21T09:57:52.252263Z","last_seen":"2026-01-03T10:44:24.694167Z","times_seen":5,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":57,"dns":4,"connect":20,"send":0,"wait":20,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-security-policy: script-src 'nonce-7ddfvCoMSHTZG2igewlr0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92617,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (47233)","md5":"4630fcadc07602abf9b973cc194217da","sha1":"9b03f1671b181e9df627d0b437e31a6d5a86004e","sha256":"e54177f88c13688afb21203d2572756a0dcf28dbf9039190925fda81fe01c0e1","sha512":"af10f2e16876a16dd6bd740b11b92732bce7bffed38296e8fc02dc71b15d7c08420d48998aa88e5ac7b95d9ef6e68d7eea3d866535984c7b3ee8331b2ee2fb59","ssdeep":"1536:y+kMKfSRUnYQ9PJhV9NoisRBKtJmfqAlKnPswMo6YlPxejkP1vR9fSElWdGo:y+kM0hJ4d4tnsYl5eQPntw","tlshash":"0093ae2255176486cfab8e8117caaf74f23e9104310780e42bff07d39eaad87527839c","first_seen":"2026-01-03T10:44:24.698614Z","last_seen":"2026-01-03T10:44:24.698614Z","times_seen":1,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1990309?id=1990309\u0026pid=__clb-spot_1990309_bew_7\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1990309?id=1990309\u0026pid=__clb-spot_1990309_bew_7\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: UID=260103054330627b57c11048beaaec347dbf; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6125,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6125), with no line terminators","md5":"9faccf742c2ff2be13e06c5ee071361c","sha1":"0911771b22a11783d9501da25096f7d3662d891e","sha256":"56ece365b6d4efea3e3325aa7b16aaf9863b3aac908e6dbb4bf136e9040b7822","sha512":"8e834e5040dd89847961ae46a707f9178018da0665933303421aae9c8d9abeb83c59667c3c134f66444ac45ca0126869b5e30d6f0c5c250b9017c6153dc5f5ba","ssdeep":"96:O9IjVVKdw8r9IjVVKdw8p9IjVVKdw8o8/9IjVVKdw8sxQBk3N+y74o:HjVyajVykjVyoHjVysGmVUo","tlshash":"2cc1fbe84106abe74287fd8137ba4adbb984f112cdbb643d0950f972455c53d383f652","first_seen":"2026-01-03T10:44:24.701019Z","last_seen":"2026-01-03T10:44:24.701019Z","times_seen":1,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/css/magic.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/css/magic.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 10:55:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68b9703c-affe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8KnS5HWyfeoXJkvrwFYeKUR%2BCzdIvDGWEAlIuQHdtcOXNmCkkUZUYT8eQ01Btilqjtkb4rokHGkUQ2yHX7VsWMiget4SfG2klTAgIGhj\"}]}\r\ncf-ray: 9b81e5820d7eb4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45054,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bcd1967f8c2604f55f57197de0ae895e","sha1":"c31a10c3ecde74b50450a0a1ad21aa474ff05e7d","sha256":"787eac5d9417257a04de7b18ef21f5ec887de3aee642ceba9a7d56a8209eea2a","sha512":"b37f1a61bbe740bc29308e664227701366ac978d4fbed081f13c47200edd74a792ab980559a236cff39ae27d3fda3ffffef3f1ac2dc420612b616496b44e9df8","ssdeep":"384:lQLl1pRp0itimTKDbObwHuHXFlF7FPFSWRyYyRZZZaZjZPfbfUO3OipypE:GpRp0itiFbObwHuHXFlF7FPFSWX","tlshash":"b913276b2dd2114086564365a3fe6b2c261c85c31c6becfab3a218ce8f1567c53db61f","first_seen":"2025-06-11T18:18:27.729381Z","last_seen":"2026-04-28T00:03:58.889179Z","times_seen":5653,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":42,"dns":5,"connect":1,"send":0,"wait":471,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2024/09/logo.png","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2024/09/logo.png HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:01:09 GMT\r\netag: \"43b1-6909cdc6-9c7a6c;;;\"\r\nlast-modified: Tue, 04 Nov 2025 09:56:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 17329\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 254547\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=leQex%2FSz5MI%2BaL45CG3O6K1%2FOw8JB%2F1h4%2FyjbV0A9lb%2BsuMIsCj%2B7rAihly%2FIXT%2F28nfPXkKNyes8OhPXJx3m%2Fp983f5JAFgKvM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8bd5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17329,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 245 x 47, 8-bit/color RGBA, non-interlaced","md5":"3ad0aca2d9f3b2ac9a40f38130dbc899","sha1":"c639901daccd1db8f685b643534b9f9d80f2c25c","sha256":"9b4bf94512b5bff9e13660811caec34afd93ccef26a4d40a62610639faea65e5","sha512":"235f47f90d3b3fdce474a72b6aebda7bdb7be520d0435028e3005ac80694f7565b87e0a2cf1db6dedda2f3a0ede81d0cc3f6f401d25cd3ebf183345c9c6ca33d","ssdeep":"384:xRqJG1W4Xr02gEXLXRGZ30wo3tcBLG2TCZiPdVx2ZwzIc:yx4Xr5jL4to3t7JQPdVx2Zrc","tlshash":"3e72d00f70e7937ee9e365e719120082ee0114b7621424a03e5fb73e52fad95a29ee71","first_seen":"2025-11-25T17:58:24.498079Z","last_seen":"2026-01-03T10:44:24.7055Z","times_seen":2,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/sbar.json?key=b5c5807ccbf0ff617c5a4fedf124acd8","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"crossingshare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:18:09 GMT","end":"Tue, 10 Feb 2026 21:18:08 GMT"},"fingerprint":{"sha1":"BE:66:C4:96:C5:2D:CB:A2:6B:65:41:51:47:60:19:CC:6C:69:FE:F0","sha256":"90:63:89:D0:F2:25:F0:CF:30:61:9A:6D:D1:DD:41:94:AC:D0:52:A4:ED:60:01:C7:51:0D:37:99:0A:A4:6D:28"}}},"request":{"raw":"GET /sbar.json?key=b5c5807ccbf0ff617c5a4fedf124acd8 HTTP/1.1\r\nHost: crossingshare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:39 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4433\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://pahindot.vip\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: pdhtkv=true; expires=Sun, 04 Jan 2026 10:43:39 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 04 Jan 2026 10:43:39 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 04 Jan 2026 10:43:39 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 04 Jan 2026 10:43:39 GMT; path=/; secure; SameSite=None\nu_pl27836202=1; expires=Sun, 04 Jan 2026 10:43:39 GMT; path=/; secure; SameSite=None\nslecb5c5807ccbf0ff617c5a4fedf124acd8=[6308898]; expires=Sat, 03 Jan 2026 10:43:44 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 216\r\nHost: crossingshare.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ffe3b4c76a0c2534f664c9e0e1840b13\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5705,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"84ccc10f0165d2c6e30761760daed214","sha1":"1bf06a8befdfb33ea5b60920a2a03a5d7240680d","sha256":"96da09e7f6380df771413bf3fe7d7f7dec48e552ef1612ea44e7cc201d15b1f0","sha512":"74c20a82d3b5c8108275cf52b545b49f9aea7b58e1dbe9a920bddf66e4e08a943ef53ebb40e756d4b29707e188e611ae6a0e3b572c50819d1f533f444fe6b24b","ssdeep":"96:9ude1MOsKoleO525VXcszN9qhESE0wLwE+4SzZyd8CJkIgePft2ig+vfmF9vWd+F:9HvoYxPcuqhz3zZyfJkIrnvuFNdF","tlshash":"95c18f9bc2451ac62d57619acf02affc5942481f52047f2df4bdfb8d842f4158641d85","first_seen":"2026-01-03T10:44:24.707927Z","last_seen":"2026-01-03T10:44:24.707927Z","times_seen":1,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\ncf-ray: 9b81e57c0c0d0b55-OSL\r\nx-amz-id-2: 0svUZMc2Lq98EidBfw11PA0pOn1dXWaJC9u2gDLhYO6s/F9aa4y+qroXCZh/f1zqATK9vuZj0752fl3VU8Z2WPvEPHq9tjC5mZULWoMqGP4=\r\nx-amz-request-id: 7CMMWS4G41P7PJXS\r\nlast-modified: Thu, 15 May 2025 12:07:44 GMT\r\netag: \"df7722471047d1868385d3c71b777260\"\r\nx-amz-server-side-encryption: AES256\r\ncf-cache-status: HIT\r\nage: 1489374\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncontent-range: bytes 0-893502/893503\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":59,"dns":3,"connect":1,"send":0,"wait":22,"receive":258,"ssl":58},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\ncf-ray: 9b81e57c0c0b0b55-OSL\r\nx-amz-id-2: 0svUZMc2Lq98EidBfw11PA0pOn1dXWaJC9u2gDLhYO6s/F9aa4y+qroXCZh/f1zqATK9vuZj0752fl3VU8Z2WPvEPHq9tjC5mZULWoMqGP4=\r\nx-amz-request-id: 7CMMWS4G41P7PJXS\r\nlast-modified: Thu, 15 May 2025 12:07:44 GMT\r\netag: \"df7722471047d1868385d3c71b777260\"\r\nx-amz-server-side-encryption: AES256\r\ncf-cache-status: HIT\r\nage: 1489374\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncontent-range: bytes 0-893502/893503\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":53,"dns":0,"connect":0,"send":0,"wait":22,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026bft=0dAFcWeA5YRc4cvXOvicv8bzEC6ibAAjgLeTbsQCxBetmgBaUKyIJuyZrcmtCqHFXa5k5XGw2Vbr9LZ17YkHC4JUKaykfmF3RWLQ","date":"2026-01-03T10:43:41.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 13:09:27 GMT\r\nexpires: Wed, 30 Dec 2026 13:09:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 336854\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-04-28T23:51:59.987409Z","times_seen":49446,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Fjs%2Fscript.js\u0026l=8051\u0026fd=491","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:41.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F3%2Fjs%2Fscript.js\u0026l=8051\u0026fd=491 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:41 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/css/e3a8343ddbc2a786951ce6b7cb8a2f8e.css?ver=a2f8e","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/litespeed/css/e3a8343ddbc2a786951ce6b7cb8a2f8e.css?ver=a2f8e HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:37 GMT\r\netag: \"32f-6958f2d7-7ae184;br\"\r\nlast-modified: Sat, 03 Jan 2026 10:43:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 272\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QQwlT6uH8sTm1RwMVr%2FWAu%2FvO9PcznXiETRrnM03h5toh%2B%2F8M8AAVhU5AhrrwR76iqg%2FblM0KbP%2FOAlXICQslMGEJpuSgPABXhg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e56eb8ba5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":815,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (815), with no line terminators","md5":"27fa14302689f7f32e20359095766e4d","sha1":"1f3db901d6f8746008838a7e5f2be30feeaeef83","sha256":"968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f","sha512":"72a1731e0b1280ab92fc988a67aa54d1f44874fe5d3be8eb7333e0f17bfec6951058928cb40a3419a47950b82b851c3cf18e9f6cb84e0765656ff4263d4baeec","ssdeep":"","tlshash":"5b0104f12d1a12bcc1a6a309bd98d2bc73a66435ddd2c806e33e953dc18b72625f6464","first_seen":"2023-04-06T10:08:02Z","last_seen":"2026-04-30T15:01:18.631892Z","times_seen":5133,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/bn.js","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /bn.js HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 24 Dec 2025 12:35:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694bde26-29ad2\"\r\nexpires: Sat, 10 Jan 2026 10:43:37 GMT\r\ncache-control: max-age=604800\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":170706,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2d158e92e83d6c8a70cc928e23060ce7","sha1":"a3bfddb1307774261e73ab9d2486438504b35084","sha256":"44f722d75c727be078a5931dd3497aacf652ba8c6eb3097176599d06aac160a9","sha512":"1d4c7db82aed070da74c04af696f6ff716b1de4097cdb46ff681926e43691f1a72279569b98dab6562736b6c1c167ea2a20b3a6d0dfe1b8543c9037f1312cd22","ssdeep":"3072:YY3td0G485lbLLPY0QkWGENs6kmJNdRVJG:9d05QlbLTofgg/dVG","tlshash":"caf3c7deb74528361156b0390f2fdf34a6a5e8d2b88d8474e0e3c0ec787c996e193b65","first_seen":"2025-12-24T15:48:22.966068Z","last_seen":"2026-01-11T23:52:13.961648Z","times_seen":225,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":14,"dns":1,"connect":18,"send":0,"wait":35,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Ginawang-Lollipop-ang-Burat.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Ginawang-Lollipop-ang-Burat.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 08 Jan 2026 03:27:58 GMT\r\netag: \"483d-690a601f-11ea2e7;;;\"\r\nlast-modified: Tue, 04 Nov 2025 20:20:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 18493\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N4fqGJ7KWbsOMP2jFKBalOqiNLhnqnLvGg0MFUouzaiGuB6Je6KRVaGQiFQxJJIyy3fDnrSeBcRSsXxxhAYsBa2FbAe8xWjgaC0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ee8d05697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":18493,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 168x168, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"9ccbacb476988b171a4ebccefd0838dc","sha1":"e5b97530dbd283d9c96c7e905fe719d450035200","sha256":"6d1d92ab9373674a2469243274cee4d71cb26ffed7a488362977ba8d8c73e7b0","sha512":"4d3e7a4fa199f88e9b736b4d7b5425ceee18a90e375aa34d9b849e2bac5a3ea017faa32e18c468c8b26b7153c8daf4872d88039817150973d9e4f546e73ea0da","ssdeep":"384:MyvTltX+bMVUuAa/xCLyVokNp7I+xe/LPTIVhWj0RHCTvUMXbnv85oI3pL22bV:xTldRyuAAx8mH7bMAjWj0ZCTv5rnv85n","tlshash":"d382d0c0032244e4cf58797b9132eed0a48ff66449a649f5a843e138bb64b17cfced08","first_seen":"2026-01-03T10:44:24.714301Z","last_seen":"2026-01-03T10:44:24.714301Z","times_seen":1,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/pixel/sbs?c=1","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:41.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"crossingshare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:18:09 GMT","end":"Tue, 10 Feb 2026 21:18:08 GMT"},"fingerprint":{"sha1":"BE:66:C4:96:C5:2D:CB:A2:6B:65:41:51:47:60:19:CC:6C:69:FE:F0","sha256":"90:63:89:D0:F2:25:F0:CF:30:61:9A:6D:D1:DD:41:94:AC:D0:52:A4:ED:60:01:C7:51:0D:37:99:0A:A4:6D:28"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: crossingshare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27836202=1; slecb5c5807ccbf0ff617c5a4fedf124acd8=[6308898]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:41 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: crossingshare.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bid.onclckstr.com/vast?spot_id=6094864","fqdn":"bid.onclckstr.com","domain":"onclckstr.com","tld":"com"},"ip":{"addr":"62.122.173.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bn.adbestnet.com/fao.php?id=3","date":"2026-01-03T10:43:41.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bid.onclckstr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 10:40:07 GMT","end":"Wed, 04 Feb 2026 10:40:06 GMT"},"fingerprint":{"sha1":"D6:80:E4:F6:E1:19:E9:40:58:1C:D7:74:C2:D3:E2:26:52:DB:3C:B5","sha256":"99:91:09:F1:89:70:D9:C4:71:A1:35:07:C5:F6:4E:92:A2:C5:74:AD:DF:F5:0F:8D:F9:F5:2F:51:17:42:83:AA"}}},"request":{"raw":"GET /vast?spot_id=6094864 HTTP/1.1\r\nHost: bid.onclckstr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bn.adbestnet.com/\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: text/xml;charset=UTF-8\r\ncontent-length: 7\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nvary: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://bn.adbestnet.com\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,\r\naccess-control-expose-headers: Content-Length,Content-Range\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7,"size_decoded":0,"mime_type":"text/xml; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3f2600013bdbcf98ed96740e89a1a234","sha1":"9edbad613a8a3ec3f72509ad6aa1770978178c44","sha256":"093777a16300e4bfada4768dee58e25a3d45de477682d97ea21d728210853801","sha512":"2c7434df6f813e122f714e674e4cc8447b73c87e2be775085ec65ce0cf44ae7783990fc1cd43a111eb042c05f220b6b2475c93ff4a30b6967530ec95b5118704","ssdeep":"","tlshash":"964000000300000000c030000000000300c03000000300000000000000000000003000","first_seen":"2023-05-07T17:42:53Z","last_seen":"2026-03-28T06:57:50.404855Z","times_seen":252,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":72,"dns":4,"connect":21,"send":0,"wait":22,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=838\u0026rd=838\u0026fd=565\u0026bv=25.12.4806\u0026tmpl=70","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=838\u0026rd=838\u0026fd=565\u0026bv=25.12.4806\u0026tmpl=70 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:38 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":681,"timings":{"blocked":290,"dns":13,"connect":92,"send":0,"wait":94,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/First-Time-Mo-Lang-Sumubo-Pero-Bakit-Parang-ang-Husay-Husay-Mo-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/First-Time-Mo-Lang-Sumubo-Pero-Bakit-Parang-ang-Husay-Husay-Mo-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:02:22 GMT\r\netag: \"1a51-690a7bfc-1201d48;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:19:40 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6737\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 254474\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wJLhH5i8DWTrtklcJKQNVc1pkTuf6HQ1YEWdVJk0mV%2BuuxIQ2mYWH2zDJAIHCXjjp4jZzGqVq7oELzBTSFOyww54WqGbWTJnqzU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8c35697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6737,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"dca6a3cefe2d1e1f86e1c027b60ec811","sha1":"79a709be81315e99ba2ebabeb30c8a1a2dbb70f3","sha256":"b57ffdb656d241b43959b692339f8f20eb67bcc7921452cfe7abe30193670642","sha512":"68a2957837ea3d33dfd10f11a4763cffefa4a2e0af37710120c6c6b8d726373c6b3862ba0df6efde07ea61332ea5ea1f897aeaf3eae624cab86058bffaae32a6","ssdeep":"192:nMYXUVwJXqXQt17lPdw3quSAN9TRUQmN+JGu6gPx5:YC8XQ7Xp6RB+aGza5","tlshash":"77d17e3eba600151ec43fcaa57ad67996b602f3032e29add5b70dc461dba4c9cac4407","first_seen":"2026-01-03T10:44:24.72218Z","last_seen":"2026-01-03T10:44:24.72218Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Nasundot-ang-Nota-ni-Basya.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Nasundot-ang-Nota-ni-Basya.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 16:38:08 GMT\r\netag: \"3451-690a6e8c-11f6f7a;;;\"\r\nlast-modified: Tue, 04 Nov 2025 21:22:20 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13393\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=upYzyZ9bcvUuBPOxQCvw6LcUUNCWY2qjTpryU32MIVeF5DSOjsBnRADCCrQwsZtor1ihGo9NH1VVOICBBRMiH9Gd3YPiemkL8Cs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ee8d35697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":13393,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"6c00926878d64a7986080e2899963e0e","sha1":"acf1b103fe8537eae0b618c503ae6d6703ffc104","sha256":"76121cad01bd8b285466b8a1525b1415064431221fa75aa93c4d25308d36ee7e","sha512":"867c3d5f61ae6702f3bfe9ad601d4327fddced85af63909b59ec38d2d1620659dceca02a8389e3663c48dd5f62e4b874880163cc1570488cfbbe203dde3dfdf6","ssdeep":"384:RwI60gk8DSm+gSskAcklARCnUIc5NGT4lTKqxEtWAZ4r:z+DdOAzlo/8uEtWAs","tlshash":"0052cf038601b784fc5ea6fc8d28f75dbf567dbc23c41c624ab4222176bad6863bc114","first_seen":"2026-01-03T10:44:24.72717Z","last_seen":"2026-01-03T10:44:24.72717Z","times_seen":1,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"3.120.91.143","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://pahindot.vip\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=886a8e94-c32f-4eb0-84c6-b1030d2f02f2:1:1; expires=Tue, 01 Jan 2036 10:43:38 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"61bd7878d25b2f2cbe373a85328a2edb","sha1":"45830da3ef1fe2a759679ae4eed9843d24bc24bd","sha256":"678331640857bb71625fc9827a64b7579a69b59469547114d0b29384c9b83101","sha512":"572e0d561bf85a89e0a6ad656ca3a109a9e7b011dd18ec94352c39fa9dd192970077112f742da4501f9f034d73f669f1652b207080244b871d666511c877bafa","ssdeep":"","tlshash":"fc900414501077113fd014010440714430df11c1c47cc4411d0d5d454f0100041d4330","first_seen":"2026-01-03T10:44:24.731613Z","last_seen":"2026-01-03T10:44:24.731613Z","times_seen":1,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":241,"dns":11,"connect":21,"send":0,"wait":22,"receive":0,"ssl":209},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/12/cropped-icon-192x192.png","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/12/cropped-icon-192x192.png HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:01:05 GMT\r\netag: \"1289-6947c6ce-9d774c;;;\"\r\nlast-modified: Sun, 21 Dec 2025 10:07:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 4745\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=6,i=?0\r\nage: 254553\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uhiBu4Mlr4cmXiFyKt8FH9U3NsYvfy1kROf372GDPH4GiVlk0u0NOEcTa3%2FxLA3RGIBdoQsOPlEAtZu3NjiLOYOrzfL2rzIvKTA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e575a90a5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced","md5":"e14c827a0670fd62307ca80b761025de","sha1":"ffadd1c0f37b23542a6ed683c8fd2edf2335788f","sha256":"12df9164231cb8521b413cacb80c10aad2122e2b31144caa4552d9b6c2f9950c","sha512":"103dc299d53c9a76be027a209bd6ce955e8a2c00ae39c852d43caa3f8e2672841c7d863385b9ff7e540fb54c4e21c8a1a2932a41cfca179ec7677d93baeabf7a","ssdeep":"96:kPzC86TOgSnM2uV/rQTqX9es2DG37j93rr6OShLM/ie2h0ta:OC86TOgSCOTIJ37R3rr1HU","tlshash":"95a17c4ae9d2e57287745c4583ec010688f362a5912c0f823fd7ad76f4a2836a87ce5d","first_seen":"2026-01-03T10:44:24.734111Z","last_seen":"2026-01-03T10:44:24.734111Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1890614?id=1890614\u0026pid=__clb-spot_1890614_ddu_5\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1890614?id=1890614\u0026pid=__clb-spot_1890614_ddu_5\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: PTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=26010305434476e2a5080844b983b2e57442; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6143,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6143), with no line terminators","md5":"8f15e02fe52775e80bfa412aa7a30f24","sha1":"d6e861ef8eeceeb983e6f52e673305945c78662a","sha256":"9303c6190fd19ae0d6bdcd9f8abf4e297b338a82a2fcb7691cda276ea003f96b","sha512":"c40984d6c8d5a551f44b85fefef09acbffe1b1f34a7cb2bb158476901cb02f0e2d9096ad5124a3de3d67e3027d0e8763dac76aa934d4c59fd122ceadd9282bbe","ssdeep":"96:SvMT7cHr/efjCntSdGzzvkW7cHr/efjCntSdGzUvwW7cHr/efjCntSdGzv3vyW7R:SvMEr/poGzzvir/poGzUvmr/poGzvvs2","tlshash":"8fc11b18a503db482fdca30354d929da953a95686f2a1243901bfc2526fcfa3e67fd05","first_seen":"2026-01-03T10:44:24.736678Z","last_seen":"2026-01-03T10:44:24.736678Z","times_seen":1,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-creative1.com/sb/interstitial/utility/robot/3/index.html","fqdn":"cdn.show-creative1.com","domain":"show-creative1.com","tld":"com"},"ip":{"addr":"104.21.15.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-creative1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Dec 2025 21:44:28 GMT","end":"Thu, 05 Mar 2026 22:42:58 GMT"},"fingerprint":{"sha1":"32:E8:D3:D8:57:3D:77:06:14:B5:AE:66:6B:E6:23:35:25:11:2C:25","sha256":"65:65:A6:2D:1D:7A:E9:EF:3F:02:AB:E8:2B:83:22:39:7B:1B:99:BB:3D:AE:E4:D2:5F:AB:C5:32:3B:21:23:C3"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/index.html HTTP/1.1\r\nHost: cdn.show-creative1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 10:55:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y3vJSmezFy2k2%2F9hpwRW3uhf7s18%2FxlGKrjMBUFCycJHaE%2BHXJGz1OnJrZZ8uXy8bhlkaZoxZRgwhZx9g31ujE71VV9G06N5cncAKBOX9cVzU88Z\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b81e57e5b3956b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1524,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"9dc0a25dabbe4de856fe02152e69ab75","sha1":"d8a184a181424a51a758b262927e6c0aba7b2b15","sha256":"8c71a26417b0ad5884462cf96135d8aaf1012b9ead37bdf5b505e51dcfd3d173","sha512":"c28042db79a340dea9f66b3c4ed465fa38ea7b152549cd518ee00415109f70eb28602dee1fd4ca9b8ce4810354fe7fc7bfa1ec271cb8cfbe59c2efc58a0de182","ssdeep":"","tlshash":"a231495529fccb26118361e63f702f7ba984e943895b8440b2bd4a908be7ec5cd5720b","first_seen":"2025-09-21T13:47:45.272345Z","last_seen":"2026-04-16T12:24:04.626511Z","times_seen":1765,"resource_available":false,"data":null}},"time_used":1225,"timings":{"blocked":360,"dns":6,"connect":7,"send":0,"wait":490,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=398055","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:42.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"OPTIONS /fp?tag_id=398055 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bn.adbestnet.com/\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.20.1\r\nDate: Sat, 03 Jan 2026 10:43:42 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nAccess-Control-Allow-Origin: https://bn.adbestnet.com\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":82,"dns":0,"connect":25,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"3.120.91.143","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://pahindot.vip\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=fc452f32-c345-4736-b87a-f9cba0e30227:2:1; expires=Tue, 01 Jan 2036 10:43:38 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"d58352e0d9121f723c027c0d0c678046","sha1":"527f8ae0f98e13b10146b4c05ba52c97974004d4","sha256":"af7c3794d533e077e3f4c31b37aa1a021a4988b722d8e84eae16a733037e3ce2","sha512":"640aef5c5846d22535a5ea97e7767f07744e00358e5e63b517d0f2f1573cbeee5bb1ccba57018e7fb5853a8f0a39ba1aa2f5b194e94b55fd5178b723be8ccaff","ssdeep":"","tlshash":"e9900441f1dcf0500070135c04d4d5f007c447344135354057304434413150575d1f31","first_seen":"2026-01-03T10:44:24.741112Z","last_seen":"2026-01-03T10:44:24.741112Z","times_seen":1,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":247,"dns":3,"connect":23,"send":0,"wait":22,"receive":0,"ssl":272},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/loader.gif","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /loader.gif HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:01:05 GMT\r\netag: \"12154-690ad787-743173;;;\"\r\nlast-modified: Wed, 05 Nov 2025 04:50:15 GMT\r\ncontent-type: image/gif\r\ncontent-length: 74068\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 254553\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qKbpQz9EtYkwjsqQdphxLfRmaqtLz918CRen4XPc8kELLSclvOt%2FDK5Rvk8sNojY3iYLbjchvF7bF62%2BZT0voBu52DkDDMx%2BTy0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e57378f05697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":74068,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 150 x 150","md5":"481904ddde9eceb603d376a6800f431a","sha1":"88982d76577f01451d377e5179dad811c1ca84fb","sha256":"82b7db2ab2eca8a37f1b7e4ade0345596321b2e04551615891b4a8acd56db47a","sha512":"2f440d45158c744e6efd57b45e4c1423e474d6f5c7dcdc5fcd7e9db16a35015cb51dec07fc7633278700ce9a20c4f488afa91f3691a35694e4d26af0d6ef73d2","ssdeep":"1536:VbWDX81NWv3iJCEllNb6pUjl4fcb6CksgBHbm5wqZhaHL6ELg5gg5gg5gg5gg55Y:dWLiWv3i/4p8Mso7m5w4sLT","tlshash":"3673c19508ab059cfa16e73d6f14815f422d5ec1fc0dd6b8768cb418f893aea23cc667","first_seen":"2025-11-25T17:58:24.570466Z","last_seen":"2026-01-03T10:44:24.744637Z","times_seen":2,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/litespeed/css/59c3e913d4099ac65a7100d2c64b76d9.css?ver=b76d9\r\nCookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; _pk_id.125.8d89=da0b78d847ed0a92.1767437019.; _pk_ses.125.8d89=1; pp_main_1e4090d2a697a1a126244d851f2129fc=1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:38 GMT\r\netag: \"25cd8-68bfde3c-ec54a1;;;\"\r\nlast-modified: Tue, 09 Sep 2025 07:58:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 154840\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HZAuJj2Wd0FRmv58PITYFYVy3DNo%2Fj5jyHVreMOSYO1CjLygN2zACpzSzfPPnAwMnNuFnSFlRcJufG3IDJhHXrVLihLsNQj29IU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e577691e5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":154840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 154840, version 769.1280","md5":"be4dccbe54eea47a0ad5d7bb60a3c17d","sha1":"1979128e8ba1517d85f5e4ee505abf486c51557c","sha256":"52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb","sha512":"7f7b2964cbeca667d4c26a208be85ab5cb77bb0817318fa3b9045643475ad50b0686427f71588ce52f340df9d030a979b12282da36d9cecd02e86962ff21741f","ssdeep":"3072:cHotp2dhjcnP3MuYoRmQPg7mjPrqsA1qHO32raWB8nxDEUNnP2OcsJpJE:3p2d2nkuvzY8pW1EUNP1csJ4","tlshash":"6fe312d40dbb45e0fa24d204633a4e0e0017bdedde6169b9cf34fb8c9314798ea5ba25","first_seen":"2023-04-05T04:43:09Z","last_seen":"2026-04-30T15:21:35.287227Z","times_seen":2140,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1990311?id=1990311\u0026pid=__clb-spot_1990311_iwb_8\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1990311?id=1990311\u0026pid=__clb-spot_1990311_iwb_8\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=2601030543583019a0b60f4b04ab8e5b3899; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6143,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6143), with no line terminators","md5":"5c23dfd646cbca2682e393c66dbd2821","sha1":"1344aa6eb1311a3ca7167f0125551141439ba0a7","sha256":"cd0c7761b064c358ca6039d4a38f59131ddd6717c422218222760242fe1cb4ed","sha512":"7f0210dc84d2d80810c5c5a0ef537f89d308581d9b6f7bec72d828e9aac07160eb030eba187c37ddf46ed3c8c0337708545699d5511dd5f002631d5b8628cfdd","ssdeep":"96:K7mDcLgRNhlFjFSsVsgwLgRNhlFjFSsVsguLgRNhlFjFSsVsgFLgRNhlFjFSsVsu:5jFjuYjFjuCjFjuFjFjuJo","tlshash":"ccc13a101f52c1c65543e437f32fe54c8ada329e2eaaf49d934d8e402bfb193a391929","first_seen":"2026-01-03T10:44:24.749716Z","last_seen":"2026-01-03T10:44:24.749716Z","times_seen":1,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/img/banner.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/img/banner.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: image/png\r\ncontent-length: 31747\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Dec 2024 14:36:22 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"675af4e6-7c03\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 7900111\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iNAIwadkPabA5Ixo55icTr8OAZjO%2BpSIVipOGY4UP2na0aslpW4CGBkvkJRD%2FzImu2ncP4vxtWltda4cGnVb12MUCpfjfVKejz3YS2ar\"}]}\r\ncf-ray: 9b81e5836e80b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31747,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGBA, non-interlaced","md5":"8b80e5aaebd2987d46dd0382da97fdc1","sha1":"bccdfd974f19600eac67f10c43a8d3cd92188aff","sha256":"41f23c36cc8dedef9d191f90f7f85c4aebba6012af7794fdfdf30331df5afe05","sha512":"dbc5a79c4e6b8cc0c1a2a20e857a399e84ff155ce6f68a6de65af23c20d57d7075bf93ba40748fa39942ce84001da19cf5dbd22ab2ab5b4bc3df63d220741e88","ssdeep":"768:oUUUUU2mxm90tQeKC4/cDQ+dexqKogEmXoYIQSR/Fiwecp8wwwwwwwwU:oUUUUU2J+s/cDx73jlp/E7+h","tlshash":"b2e2ae13c4d932371c5a9ded9b6b2b847aa225e320401f7bcf1e1078248b4b5fd27d9a","first_seen":"2025-07-04T18:28:09.276271Z","last_seen":"2026-04-28T00:03:58.590892Z","times_seen":3203,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Para-Di-Mainis-ang-Girls-Kainin-Mo-Muna-Bago-Tirahin-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Para-Di-Mainis-ang-Girls-Kainin-Mo-Muna-Bago-Tirahin-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 14:09:04 GMT\r\netag: \"2439-690a7958-11ffc6a;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:08:24 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 9273\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NbKxmyAcGbHFXu%2FIghgh6RErM3UQfJE1zp0OMh5228F5amJpczjv6wueLG9Si24%2BvniBWhREpN5Qc4IsS1w%2BbB8Xy8VEfVo2kSU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8c75697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9273,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"369005994737f9472210337d3ef4e9ed","sha1":"88a32e906ed90614c153074585acb80945e18eed","sha256":"fc8154c1cbab663ef3452758b7be0771417fe9e17c41135cef7111dee257547c","sha512":"d17759c82d2e6b55cf4e59ad5e5098cec3fe20a2ba4847180451fc858dbcb61426c58ff893dd59a2e5fbfdd7d1efe559a6a1010509c04863d23d320124f1925a","ssdeep":"192:nM6vtwvm1ABLrwmOsYdYPdELrvW4a7CqW9X6i0QkrSqKAw:Z1smsm/2PW166kXKAw","tlshash":"9f129df9ba38627b5761aef04e3280355ec67a1150146e9542f3dc41f7e00f9ce9261c","first_seen":"2026-01-03T10:44:24.754731Z","last_seen":"2026-01-03T10:44:24.754731Z","times_seen":1,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/css/59c3e913d4099ac65a7100d2c64b76d9.css?ver=b76d9","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/litespeed/css/59c3e913d4099ac65a7100d2c64b76d9.css?ver=b76d9 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:37 GMT\r\netag: \"19171-6958f2d7-7ae183;br\"\r\nlast-modified: Sat, 03 Jan 2026 10:43:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 19981\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nUi3g0BOLck3CWVksuv4AbMvUlEfY1eAI3%2Bz14JR7JtDSnKg7dgagtofM84j7Jgu9sj%2BvpxjKuF3x7pQFUGNRd68nJKbFfKX5nA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e56eb8b95697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":102769,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65317)","md5":"eec94688529694df6897ce3b93beb365","sha1":"ae056e157a26dadeb1d919a8b4edacd6ca6952c2","sha256":"ad2f7d7d2e112180c4036436e39e1ade87b7b27aa8bb4bd3ed89ac2cf34798d8","sha512":"1e57e91f0d4b2f360d1abc93950420db783bf151d4f720288b84e12ed206f8e94120ba65c7ae01aa70710ea04f0d091f42083e891f278fdde50f678599a2758c","ssdeep":"1536:RUMVM6MVMkMVM9MVMNMVMispLZdz+WnQcnlFwLb3esCUde7cU:oZdzRQcnlFkesCUY7cU","tlshash":"28a3b8f4e44c05d57732c44bab99b37c65b6f738d9810da9f02f580c1ad26a822c6f7a","first_seen":"2023-08-13T21:24:16Z","last_seen":"2026-04-28T13:40:14.236616Z","times_seen":36,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mat.143flix.com/matomo.js","fqdn":"mat.143flix.com","domain":"143flix.com","tld":"com"},"ip":{"addr":"104.21.14.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"143flix.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 01:29:12 GMT","end":"Thu, 19 Mar 2026 02:28:52 GMT"},"fingerprint":{"sha1":"42:CD:EA:9C:51:C5:C9:F3:AE:E9:12:BB:86:80:40:E3:7A:83:40:BD","sha256":"F8:7D:AE:93:56:C7:B4:2B:28:D4:9D:78:20:01:C9:21:41:B3:0E:8F:97:AE:9F:95:AF:EA:C4:10:AB:4F:D1:E9"}}},"request":{"raw":"GET /matomo.js HTTP/1.1\r\nHost: mat.143flix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 20646\r\netag: \"102da-64a92d3f-880193f;br\"\r\nlast-modified: Sat, 08 Jul 2023 09:32:47 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 1383\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mtGIDzLEC2OPzHxLHh1nrfSdwZVv5ynhPKVxTep7XgGIF46rzDMc3xLy6MBrFLFCu%2F6JQa11C3DqX2w0Feo%2B2Wk6pJ6gXpbU5C00m7Xk%2FA%3D%3D\"}]}\r\ncf-ray: 9b81e5748d9dc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":66266,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1601)","md5":"3b15a5dfb84f2467de1742e24bc42c4b","sha1":"1175543d4130141bce1b2aa84925d94b40f0d8da","sha256":"b4e85bf817418063c7bef172d47b552bf79e60e32dfe2f8783d487609c4b8b19","sha512":"913547578f5e8b4824fcf45bbb12cd5316dd5ef5bc25021e0e66c41f57a9f0f63d7c0caa60b254ba3f6ff155497f27b69f470ed21c57b6e2f136281b265349a6","ssdeep":"1536:IydsUOQKezcVo9hm8s28Hy2Fyl5mrDKuR8WE1I3TFto7b06:IaHj9hgmutR8RAFG","tlshash":"2253b4cab2c2757a5ace2171507f010bb2faacaa1448c464f12ad4e53d39d0e957bf7c","first_seen":"2023-04-11T03:14:14Z","last_seen":"2026-04-13T07:12:43.973019Z","times_seen":80,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":24,"dns":12,"connect":1,"send":0,"wait":14,"receive":3,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"mat.143flix.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.pahindot.cc/pahindot/Downloaded/2601/lawayan-mo-bro-para-dumulas-ang-kiffy-1298489.mp4","fqdn":"cdn.pahindot.cc","domain":"pahindot.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","date":"2026-01-03T10:43:38.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Dec 2025 18:52:51 GMT","end":"Sun, 15 Mar 2026 19:50:30 GMT"},"fingerprint":{"sha1":"8C:15:72:F6:6D:F1:1A:AF:36:DE:FC:7D:BE:8E:82:2F:DD:5E:17:7B","sha256":"65:31:4E:AE:A9:A8:76:AC:49:40:25:89:AB:CF:25:9C:5B:0F:3D:76:16:D1:AE:7B:E2:C0:7A:C6:66:CE:0B:AD"}}},"request":{"raw":"GET /pahindot/Downloaded/2601/lawayan-mo-bro-para-dumulas-ang-kiffy-1298489.mp4 HTTP/1.1\r\nHost: cdn.pahindot.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 95552824\r\nserver: cloudflare\r\nlast-modified: Thu, 01 Jan 2026 09:12:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"69563a74-5b20538\"\r\ncontent-range: bytes 0-95552823/95552824\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oTNBmPKJzXHRIQeAcHNn35Iyc6bxOXB1HEsUa4URaeyw9LxtnVxeM%2Bst1aP8ry1SYFS8QokVBZ0IOf%2FK6WtD19NDmgI9hi1AUzI1fU9dhg%3D%3D\"}]}\r\ncf-ray: 9b81e5782b17723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1867740,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"6e5bf84600a8798fec01e278888eddd5","sha1":"7de1e3de086d8c4f225869eed8299aec3b5cc759","sha256":"1dea44b8167fefc128f2b7b72da6de76919fa5a9a9098298846b3c2cff092cc8","sha512":"7d3b782010b2250ea88d7ccd39451f06adbd7ab6a9be8e6697ba9b1ab063c34e3d4173c9e364b37d50b8fce7a2df3480774699480ed7bbbd3990f6f5f070550f","ssdeep":"24576:Z/GFGtdCQ8TAd7m11NtEuMjNKTanGuKcOs:4vrEd7m11NzNNW","tlshash":"2925f78f3316251bef601770b1c5076a3534d948638743cb6c94a325adaf3db9ab13ea","first_seen":"2026-01-03T10:44:24.761596Z","last_seen":"2026-01-03T10:44:24.761596Z","times_seen":1,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":48,"dns":42,"connect":1,"send":0,"wait":72,"receive":428,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 153602\r\nlast-modified: Mon, 15 Dec 2025 18:52:34 GMT\r\netag: \"694058f2-25802\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-153601/153602\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153602,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"04d2bfd50d9359a53ed9531684e9da96","sha1":"24be550950a7c6fb20244a506c13acd5ded0f432","sha256":"647163abd604e867cca1fed5bdcb521f50121eee154b80596e62c9c37f146a35","sha512":"5e55e24b39958657fa25d6e2707d7c7f3a68e1487041bb7262c91c180eccc3a75a4028b5b7d0f80bc6b1fab9063d99411a5cdb638d428a4230cbb0a83e37a69c","ssdeep":"1536:5KHRxmfOPN5bHRrg7C9UKFethHwr/hYhZ4e3dn:5cmoNzg7ChF0wLh0nn","tlshash":"4ce3e1295ea26882f34cf37e48a1c829caf35363c4d6e14b788f49584f35225476f977","first_seen":"2025-08-25T16:09:43.16385Z","last_seen":"2026-04-28T18:21:54.037303Z","times_seen":333,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026bft=0dAFcWeA5YRc4cvXOvicv8bzEC6ibAAjgLeTbsQCxBetmgBaUKyIJuyZrcmtCqHFXa5k5XGw2Vbr9LZ17YkHC4JUKaykfmF3RWLQ","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:41.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026bft=0dAFcWeA5YRc4cvXOvicv8bzEC6ibAAjgLeTbsQCxBetmgBaUKyIJuyZrcmtCqHFXa5k5XGw2Vbr9LZ17YkHC4JUKaykfmF3RWLQ HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-security-policy: script-src 'nonce-zsH28GTScwKFKTl3fXN01A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17035,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1572)","md5":"ab84e79976158b693fd603f5f67c5e6e","sha1":"7fc45d16fdb2089c4edf51ae63fd1e0c9a0ab641","sha256":"2aa5acef1c9ad0a50cb53d8fe63291d55522fbe59c044fb0cc28edf7d9bc1629","sha512":"84e340a32261046e04d7d8b2e760d6d5f8780322ad22aaf0da40358412edd34cce34ed4d52cb78d745fa9903b662eae00aca9541bb04d8127dd9f1f6557c1676","ssdeep":"384:EjfZjYjnjbjyEj/qY4WjgjAjzjfCjPjwjkjy7j/qY49jXj3j/jfmjDjUjAjyXj/z:EFkD/OE/hkc3+bsIO7/KbzbK3YcOX/+a","tlshash":"33720e50041754009b835ce223ce7f34fe0e92517242d0b1abfd9b6beedbda6926939d","first_seen":"2026-01-03T10:44:24.763759Z","last_seen":"2026-01-03T10:44:24.763759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/abal.php?id=324","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bn.adbestnet.com/a33.php?id=34324","date":"2026-01-03T10:43:41.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adbestnet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 00:59:49 GMT","end":"Mon, 02 Mar 2026 01:58:19 GMT"},"fingerprint":{"sha1":"17:9B:31:D7:0F:D7:C3:02:EE:74:3A:82:E3:67:02:B1:D2:41:C7:8F","sha256":"E2:E9:72:B8:71:FE:90:B7:CA:64:92:0A:66:1C:F5:62:4B:2E:30:E0:32:81:03:D9:CB:17:57:7A:D2:6B:DD:FE"}}},"request":{"raw":"GET /abal.php?id=324 HTTP/1.1\r\nHost: bn.adbestnet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/a33.php?id=34324\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.4.33, PleskLin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l3r1b3sQSkJltp7O0GUWPqbmSpgTZSP8EO9b%2FiLGZedBP7CcINcJG0o%2BoyjMY7StGUSQUXmDiP78mFINxI6QGjYKUvFGjmNWbOL3%2Fkonnjw%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9b81e586fd9c2efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1578,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"98659e401eecff54c2f8b62831cf9e88","sha1":"477756967ae255157f97fa0a4a3441ef453caa82","sha256":"791b0b19b79515fd4c115a262e85d5b535c2a327f6349fd33de1e622fdf53ebc","sha512":"92025f17473f26d3f6fd1ba2f7656270ec2625107eb5c321569642fdba40c0a869fd7347449f2a8c288db61290ca0b2744e926d3385657a10d9a48c1ed846c1a","ssdeep":"","tlshash":"aa3142a305bb201d4a5b106753da0023f58ee80b3a93eac07a4e93143fec61911e7a8e","first_seen":"2025-10-11T13:46:03.510283Z","last_seen":"2026-01-15T16:01:53.650806Z","times_seen":514,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:41.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 30 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 314465\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-30T15:35:35.081995Z","times_seen":775447,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Nag-show-First-Bago-Makatikim-ng-Burat.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Nag-show-First-Bago-Makatikim-ng-Burat.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 18:05:49 GMT\r\netag: \"3d67-690a691e-11f2636;;;\"\r\nlast-modified: Tue, 04 Nov 2025 20:59:10 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 15719\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EWjdkaya%2BXy80wqIt9CKBBjJrvOeBHLmXjBaAPoD2191u6pQGbn8Ph0mkrREDfhaHN0P2IrebYSMXTaParkEWz1FRli7sOtCsL0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8ca5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15719,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 120x120, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"7ee77982c8ee1d9900d89fd45d577eae","sha1":"ee8de92e82c1c44c5accdcb099ac15db1b7313f7","sha256":"fdd67023d92480e8464406cd0bbfe6e8547fb2592b3b80fc211cfae5b283f930","sha512":"6ef8b18bce7d766734b68c0a70b40e1d2f48d85dea7e1754e66d00c881de40254180953c81e4441f9c24fd29cec12e96c3ca98b9ee352d817b2589c8879e5e94","ssdeep":"384:JMxkiXKhE2QW3DFZZzi3eXtxJkidx0iWVvkcsur:JMWSj2p5z/RkMWGcDr","tlshash":"9f62d0428c6111d663ca4f34f867477cd6713e61c732a235ee24604d636aa6ed23faca","first_seen":"2026-01-03T10:44:24.77011Z","last_seen":"2026-01-03T10:44:24.77011Z","times_seen":1,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\ncf-ray: 9b81e57c2c1f0b55-OSL\r\nx-amz-id-2: 0svUZMc2Lq98EidBfw11PA0pOn1dXWaJC9u2gDLhYO6s/F9aa4y+qroXCZh/f1zqATK9vuZj0752fl3VU8Z2WPvEPHq9tjC5mZULWoMqGP4=\r\nx-amz-request-id: 7CMMWS4G41P7PJXS\r\nlast-modified: Thu, 15 May 2025 12:07:44 GMT\r\netag: \"df7722471047d1868385d3c71b777260\"\r\nx-amz-server-side-encryption: AES256\r\ncf-cache-status: HIT\r\nage: 1489374\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncontent-range: bytes 0-893502/893503\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":711895,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"691399d6e73b7b9d9fa384ba6169058b","sha1":"d2fc11d1917df353b95d6483039a53bbc2d9ea07","sha256":"fc5d4aa885e3a3d2c7d440ce3501bce92aa23a7aa302be9ed6d72fc2fae6bbdd","sha512":"bb481ba9a1d226e8e2fd34b1e6e30f0d2561ba458efc40ad73abad7ddac99ff73671d5736eaaba5746930a8a8bb89b697982c1ffa6022a49369f127fb9f97c4d","ssdeep":"12288:1rroUhH4pOe8AFxlOfEEwc6kVvq5yvGJqdQdUCMIKU+yMH/IPondl:1rRxYA0lJEwTkVvqWGL4jByMfI8dl","tlshash":"c8e4127203c11c6be9686b7a98f755e756c8cc6812718f03b88db0315bb49ea2f27dd4","first_seen":"2026-01-03T10:44:24.624235Z","last_seen":"2026-01-03T10:44:24.624235Z","times_seen":1,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":76,"dns":3,"connect":6,"send":0,"wait":15,"receive":325,"ssl":61},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/chicken.gif?z=1990309\u0026pid=__clb-spot_1990309_bew_7\u0026pb=26142b04917aad57d420a76e34fc11e71767444218\u0026pbc=I_wCMJQUe5T6Dllp\u0026pbi=eKfMrVLtQsb6Dllp\u0026pbu=WAEZKcbIXxH6Dllp\u0026psp=s9dc8-TFw3xojvS84F-VTHWWjJ6Ta2N8j30YCJdSMzXenF5OhrEOEasAG3T4Y4mNiu_JuNOj32aLc8fAAiqwN5T4M56lAvnlUv5xeWwJse9-G2n4gDdAAA_KQk4kp_yUDvBnNPSW5_GA75rWYWWr0aT58fLtILE3atPHFLK5EjfW9q-AAhLh6U8B3Sra3tM8buKpXu3mn4sMAbMrfemvl5QOx0cr67wPdlnQe_FFLQ5FSs5z4yYLUxloC8JiKsB18Y3rwSudvy0MUcBMyMaWUaylTsX82f-2m6YyqLfnN3GYcIGVgzrAg9dByUzHn4yse2HD3KOpqKrS3o0f2G3JTl3H9rpa2NENybPozBzZcqgM2o5NlOtJKJpoWayXNCfOzXf8EQxj_ZsRgUZnruziQYmNCvN9lvk1_pdROWSRj3mDkvCNBqSTR93kksbj9ECd1T0pF9dUwI8fWvPoI5X4jV_mLly4IlIxktd8boNvZDN4LVA2UY_qUkSDEeHYZj9wwiZcXxgyl-79OaaAyr6nJDncZ7Q6OWy-nBPH-lGSBaKaVhmDNAuDoHbiFqKdN21BGgdUblUKT3buZ8wQhAXpH3g-R3pW7G4dnTebxbPhjCJN5h6sBdcLhNWCF9Da0qwFvgWOiopY8Q7s25oIm9Sx_t8XTI2K_TslP6fuz0D7Poc6JK53h55LTMJUc6j-Gd1EdvJrv5cke01BCc_rbqfPEMs95eq6xGXzzvJrbA1Om7izLp21Js-C0moPW8a_gy66hCcmmVNZb4fIIl1qxR81ULKb28hvaeo3AjSA-eFfUNFciuE3XUVAq4bi8N8TfJII9Clq4UchOOPM0r1S2sKFRcR4i7GdX7t6wQYCSfjOUQTGXcMAmhigrBDNonrTJ2PqwveT0jWN22ZNz0nRQlGCWN4zNVuV7Ft7JUvNPCln3D3DGSYeHrZDHX_TLHi4QjC0fsjzSN4eAVOhpmjlrxLR4qxFXbPC2bpS3SZ3C6IAuWsgy15upCkxcNdxsYfBNw82qIFgUVHwr3RACr6Q\u0026freq=0\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=yJ3mb4caHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=7434180147075584\u0026caifrq=ADgxrgAAAAAAAAABADSdIQAAAAAAAAACADPmFgAAAAAAAAAG\u0026eclog=0\u0026snc=0\u0026ssc=2\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pload=3281\u0026rlp=%5B0%2C31%2C167%2C119%2C27870%2C11540%2C3518%2C11603%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026clt=1\u0026pload=1053\u0026bp=3","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /chicken.gif?z=1990309\u0026pid=__clb-spot_1990309_bew_7\u0026pb=26142b04917aad57d420a76e34fc11e71767444218\u0026pbc=I_wCMJQUe5T6Dllp\u0026pbi=eKfMrVLtQsb6Dllp\u0026pbu=WAEZKcbIXxH6Dllp\u0026psp=s9dc8-TFw3xojvS84F-VTHWWjJ6Ta2N8j30YCJdSMzXenF5OhrEOEasAG3T4Y4mNiu_JuNOj32aLc8fAAiqwN5T4M56lAvnlUv5xeWwJse9-G2n4gDdAAA_KQk4kp_yUDvBnNPSW5_GA75rWYWWr0aT58fLtILE3atPHFLK5EjfW9q-AAhLh6U8B3Sra3tM8buKpXu3mn4sMAbMrfemvl5QOx0cr67wPdlnQe_FFLQ5FSs5z4yYLUxloC8JiKsB18Y3rwSudvy0MUcBMyMaWUaylTsX82f-2m6YyqLfnN3GYcIGVgzrAg9dByUzHn4yse2HD3KOpqKrS3o0f2G3JTl3H9rpa2NENybPozBzZcqgM2o5NlOtJKJpoWayXNCfOzXf8EQxj_ZsRgUZnruziQYmNCvN9lvk1_pdROWSRj3mDkvCNBqSTR93kksbj9ECd1T0pF9dUwI8fWvPoI5X4jV_mLly4IlIxktd8boNvZDN4LVA2UY_qUkSDEeHYZj9wwiZcXxgyl-79OaaAyr6nJDncZ7Q6OWy-nBPH-lGSBaKaVhmDNAuDoHbiFqKdN21BGgdUblUKT3buZ8wQhAXpH3g-R3pW7G4dnTebxbPhjCJN5h6sBdcLhNWCF9Da0qwFvgWOiopY8Q7s25oIm9Sx_t8XTI2K_TslP6fuz0D7Poc6JK53h55LTMJUc6j-Gd1EdvJrv5cke01BCc_rbqfPEMs95eq6xGXzzvJrbA1Om7izLp21Js-C0moPW8a_gy66hCcmmVNZb4fIIl1qxR81ULKb28hvaeo3AjSA-eFfUNFciuE3XUVAq4bi8N8TfJII9Clq4UchOOPM0r1S2sKFRcR4i7GdX7t6wQYCSfjOUQTGXcMAmhigrBDNonrTJ2PqwveT0jWN22ZNz0nRQlGCWN4zNVuV7Ft7JUvNPCln3D3DGSYeHrZDHX_TLHi4QjC0fsjzSN4eAVOhpmjlrxLR4qxFXbPC2bpS3SZ3C6IAuWsgy15upCkxcNdxsYfBNw82qIFgUVHwr3RACr6Q\u0026freq=0\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=yJ3mb4caHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=7434180147075584\u0026caifrq=ADgxrgAAAAAAAAABADSdIQAAAAAAAAACADPmFgAAAAAAAAAG\u0026eclog=0\u0026snc=0\u0026ssc=2\u0026tp=0\u0026vp=0\u0026pkw=0\u0026pload=3281\u0026rlp=%5B0%2C31%2C167%2C119%2C27870%2C11540%2C3518%2C11603%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026clt=1\u0026pload=1053\u0026bp=3 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-route-id: stats.impression\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"28e463819a210071de3b45ebe7633613","sha1":"6dccd571828ec0912629119cf7eabfea9f33ddbc","sha256":"44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84","sha512":"8a82ac5a7883cd9b74bdb561cf825ce86474e259ad8c445e538d697b0003e3f2b1d6edcd3dc6512f4ad16e9074da204a79938257c457ecf68f4329eac0182e67","ssdeep":"","tlshash":"04900003e280e082c3a0c0300e0ccb802b88a2308a28030fb0fc2baefc3a3a20c23000","first_seen":"2023-04-05T09:26:54Z","last_seen":"2026-04-30T14:53:58.428192Z","times_seen":21171,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"crossingshare.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSu3s1h0YO_Fm_C4Gn9waR7pieZcQ_RuEaDMYnZSIS9WF1VPSlT09VWdU9PBoVoQBa8zF7Eg4fON8nG1SD6B8iuE8FDQLC9GGTDwgqeBH-xFy8yk4HFB_XeK76Cet_3vQ930hNSRUqPl1_TXakUnayV3dKFNRlxndnS4mrJc8vuxdKajKb8i6XOMJn2c17VL7tPlV4WbENPVlzPdT3XK81JI0LdmRyhkPFBwys33LJfKXs1Hx3z_7tNHVjqgLdPyKOQvHjobngFkg0Qtb66JOxGouNnX2qliibaoM3334g2Ip1FaN1vQ-MgjPbHr6FtQcgnZ6Cj_TED6PbukAECWZAzj99GEO2Px0TQ3judNFAQEQL-ILL2AEINIOkATG9D8h8JwDgWlxC1ri9qk9HNU5QO0YJM3PsbMivIxO3ziFpfzirZKV3WKk2kjiw6YQ7ZGUA2B4jTQyRdBzI7BEs-gOQ_kMl7C4hau0tWaUiej9jLcABqHaTDIx2koYM0dtDixyXfrfvMo9WpsMHZtOtT3-cicBv1iuvSBptGyt6H5D0ws4XYbGFD9mDSW7DrOSx3YJOCOK9voc1zZIIgswQZJcgkQZYQZO18jytbsfl1rmwaeONaGddq3tdJc4fu6aQpIgJqejA835XxO3YbLDnb74aW9_Uw0SDJ-zTg-U58Qh4ZquV8dvNpbIjjUlBjtbo7zVgQumE45U2zGvVDwUOv4lPG67Ayh7RnRkJ0ZUFWyHuIZUHO_fwrAnoIqw7B5MOg6ROgWQ66nqMbHcQyopttpZtlxsB1jjiZQLLp7KgT8lh_ZXX21si0ty49CcGOnj_3541_f1MfgZkcscnxtvyOoKmu9ld0RnZXdGbJ10txIluyS4eGXk5oIiY-f1VsZtrw-Uu2d-MFNgSG7cGqsMkCjbiMmpZ8MSs5F2ZOGybIN_N2TQTLqV2fTU2UxgvLL87Nt2IjrJU6GoDKgjzw6TNgsiDnL8yMlrX2zx2weAs2Ppq5Wx0FrCYIYgdKFuSVK3egxNHM972Pv33392ugQQ4r7nMKxNHNP8goduxVNI0DmmwjauVomxxtlYOqHmx6tp_E5mjmp_EfgXL6gTLObqCMunaqlZXHpbAqKsx169NTXrUeCq_qcxbW6n6DT1G3WhVIbCHf_OuX_wIAAP__hQ6qb1MEAAA=","fqdn":"crossingshare.com","domain":"crossingshare.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:41.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"crossingshare.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 21:18:09 GMT","end":"Tue, 10 Feb 2026 21:18:08 GMT"},"fingerprint":{"sha1":"BE:66:C4:96:C5:2D:CB:A2:6B:65:41:51:47:60:19:CC:6C:69:FE:F0","sha256":"90:63:89:D0:F2:25:F0:CF:30:61:9A:6D:D1:DD:41:94:AC:D0:52:A4:ED:60:01:C7:51:0D:37:99:0A:A4:6D:28"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSu3s1h0YO_Fm_C4Gn9waR7pieZcQ_RuEaDMYnZSIS9WF1VPSlT09VWdU9PBoVoQBa8zF7Eg4fON8nG1SD6B8iuE8FDQLC9GGTDwgqeBH-xFy8yk4HFB_XeK76Cet_3vQ930hNSRUqPl1_TXakUnayV3dKFNRlxndnS4mrJc8vuxdKajKb8i6XOMJn2c17VL7tPlV4WbENPVlzPdT3XK81JI0LdmRyhkPFBwys33LJfKXs1Hx3z_7tNHVjqgLdPyKOQvHjobngFkg0Qtb66JOxGouNnX2qliibaoM3334g2Ip1FaN1vQ-MgjPbHr6FtQcgnZ6Cj_TED6PbukAECWZAzj99GEO2Px0TQ3judNFAQEQL-ILL2AEINIOkATG9D8h8JwDgWlxC1ri9qk9HNU5QO0YJM3PsbMivIxO3ziFpfzirZKV3WKk2kjiw6YQ7ZGUA2B4jTQyRdBzI7BEs-gOQ_kMl7C4hau0tWaUiej9jLcABqHaTDIx2koYM0dtDixyXfrfvMo9WpsMHZtOtT3-cicBv1iuvSBptGyt6H5D0ws4XYbGFD9mDSW7DrOSx3YJOCOK9voc1zZIIgswQZJcgkQZYQZO18jytbsfl1rmwaeONaGddq3tdJc4fu6aQpIgJqejA835XxO3YbLDnb74aW9_Uw0SDJ-zTg-U58Qh4ZquV8dvNpbIjjUlBjtbo7zVgQumE45U2zGvVDwUOv4lPG67Ayh7RnRkJ0ZUFWyHuIZUHO_fwrAnoIqw7B5MOg6ROgWQ66nqMbHcQyopttpZtlxsB1jjiZQLLp7KgT8lh_ZXX21si0ty49CcGOnj_3541_f1MfgZkcscnxtvyOoKmu9ld0RnZXdGbJ10txIluyS4eGXk5oIiY-f1VsZtrw-Uu2d-MFNgSG7cGqsMkCjbiMmpZ8MSs5F2ZOGybIN_N2TQTLqV2fTU2UxgvLL87Nt2IjrJU6GoDKgjzw6TNgsiDnL8yMlrX2zx2weAs2Ppq5Wx0FrCYIYgdKFuSVK3egxNHM972Pv33392ugQQ4r7nMKxNHNP8goduxVNI0DmmwjauVomxxtlYOqHmx6tp_E5mjmp_EfgXL6gTLObqCMunaqlZXHpbAqKsx169NTXrUeCq_qcxbW6n6DT1G3WhVIbCHf_OuX_wIAAP__hQ6qb1MEAAA= HTTP/1.1\r\nHost: crossingshare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27836202=1; slecb5c5807ccbf0ff617c5a4fedf124acd8=[6308898]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:41 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+7e2468735784ab3287b8d0b936baad28=6308898; expires=Sun, 04 Jan 2026 10:43:41 GMT; path=/; secure; SameSite=None\niprc_l:6308898=1; expires=Sun, 04 Jan 2026 10:43:41 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: crossingshare.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b2930535f83f0c7c35bb37636f782149\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"crossingshare.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\ncf-ray: 9b81e57c0c090b55-OSL\r\nx-amz-id-2: 0svUZMc2Lq98EidBfw11PA0pOn1dXWaJC9u2gDLhYO6s/F9aa4y+qroXCZh/f1zqATK9vuZj0752fl3VU8Z2WPvEPHq9tjC5mZULWoMqGP4=\r\nx-amz-request-id: 7CMMWS4G41P7PJXS\r\nlast-modified: Thu, 15 May 2025 12:07:44 GMT\r\netag: \"df7722471047d1868385d3c71b777260\"\r\nx-amz-server-side-encryption: AES256\r\ncf-cache-status: HIT\r\nage: 1489374\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncontent-range: bytes 0-893502/893503\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":25,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/fao.php?id=3","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bn.adbestnet.com/abastandart.php?id=3","date":"2026-01-03T10:43:41.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adbestnet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 00:59:49 GMT","end":"Mon, 02 Mar 2026 01:58:19 GMT"},"fingerprint":{"sha1":"17:9B:31:D7:0F:D7:C3:02:EE:74:3A:82:E3:67:02:B1:D2:41:C7:8F","sha256":"E2:E9:72:B8:71:FE:90:B7:CA:64:92:0A:66:1C:F5:62:4B:2E:30:E0:32:81:03:D9:CB:17:57:7A:D2:6B:DD:FE"}}},"request":{"raw":"GET /fao.php?id=3 HTTP/1.1\r\nHost: bn.adbestnet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/abastandart.php?id=3\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.4.33, PleskLin\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\naccess-control-allow-credentials: true\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://bn.adbestnet.com\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wEgooonnJeQ1Kf%2Bxql2PRoixkNzVuzyqKjymgT0VfewnIgxj6oKMxOz4%2FZHUWE5jBP2dQYRe%2B8YVHSHU%2BhV7siRBGqFfks7nN6Jn1WPRyjY%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9b81e58869352efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":8992,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"C++ source, Unicode text, UTF-8 text, with very long lines (747)","md5":"cf52696d95d2879b496c0a6613ec225c","sha1":"61eb56033814d848bd3b6831e7ceea157ba20fad","sha256":"226e20a74e3c6d5c73337a43471af3079c982a6f9122fd88ced6bcc89cec37d4","sha512":"cedba46ac7b98610f5ae2b736003d822330d1bc7c4bcabe460c96bf15cad1b51ef572b2fd636e11b678ab46c459ee5484db8be3f8e7d7a9df1a159d1aa28b3f1","ssdeep":"192:3stQaHyqCNfrckjOcRw8jOAlhzLBtdWxiUGiM6iciVIiEtLriIAi+AitAi4iD:3stQABSjcyOcRw8jH7dWxiUGijici2i1","tlshash":"ea02505626b71031c677108d0fe7462572b4a41f7909ca8e3e6d82996fc4f2692e8ff8","first_seen":"2025-11-01T05:28:47.281128Z","last_seen":"2026-01-15T15:27:46.354526Z","times_seen":181,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.onclckbnr.com/banner-admanager/build.m.js","fqdn":"js.onclckbnr.com","domain":"onclckbnr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:42.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.onclckbnr.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 07 Dec 2025 02:32:05 GMT","end":"Sat, 07 Mar 2026 02:32:04 GMT"},"fingerprint":{"sha1":"F1:8C:CF:4F:67:FF:10:45:D6:D4:C5:E8:2F:34:E9:99:E7:5B:81:2B","sha256":"6C:79:20:23:C9:15:EE:B7:C4:8D:2B:E9:8E:EE:47:CE:AC:D0:F9:F0:BE:61:F8:DA:D8:EE:DF:95:DC:CC:5A:9D"}}},"request":{"raw":"GET /banner-admanager/build.m.js HTTP/1.1\r\nHost: js.onclckbnr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:42 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Thu, 18 Dec 2025 08:18:57 GMT\r\netag: W/\"6943b8f1-14bfe\"\r\ncontent-encoding: gzip\r\nexpires: Sat, 03 Jan 2026 10:48:42 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84990,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"01903853e3410c57e30e0a7abc3c1f60","sha1":"094aa098801352ae39ce557b293e4eb0fc3eb6d1","sha256":"cf7169f391156797acf11a9da11225701c3ee3c16afebc35eeefa3fb25e8daf3","sha512":"146bd24d76c9a9050a3a68b7a6d85264812fd8b1e41e93c674fd7d80ec01ee246a1302fbb0e37945ec1c53fd67dc86603dea509f5d9464c25e20ece1d3e2ee03","ssdeep":"1536:7aNtpnDTPupIDxZJBpqgiZMZLUyzOBR6mXIEFWDDIYA:709DTP9PpqSL3bmLIE","tlshash":"4b836b843290b4b541e640afa43f430af3392d06b80b9458f16dede67b79e896176f39","first_seen":"2025-12-18T08:41:29.003596Z","last_seen":"2026-04-18T22:35:55.833181Z","times_seen":454,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":76,"dns":13,"connect":21,"send":0,"wait":21,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Lakasan-Mo-Pa-ang-Ungol-para-Lalo-Syang-Masarapan-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Lakasan-Mo-Pa-ang-Ungol-para-Lalo-Syang-Masarapan-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 08 Jan 2026 19:33:08 GMT\r\netag: \"1c51-690a7b4b-1201586;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:16:43 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 7249\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sNHdsFnF4lr%2FGymI9hwNRys9b6fr8a8Uj68Xxun6W%2FJ66YUWv%2BLDKUBhr91XsZVZRd%2BkcFkuNwMnca5FcmIWkx%2BETBvuTxfIWeI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8c55697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7249,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 120x120, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"b4aab5da14fde2c3d8e8a8e0907b7b2b","sha1":"7d3a3434f913b80803fcf7909947c95e93950dbb","sha256":"c86e7d4cbe74c1ff2a218090b7011eb1143a47bafc33e4d3cb93752a22f7dc0d","sha512":"ccd39fa5af8207c21bab2047598776b747c67943871183dcab01d99e5e606ccb31452728e4810ab65678b2f6dc4e49bc796c916a4cb13d0c67861f6a1152c0f8","ssdeep":"192:nMnbVip9ULttKMZJVW16nYvZcsEFJCn/ySJc/3:uxG8HKMvkcnocs96f3","tlshash":"9be19e8e822452d9f8c95f240ea394d2bcd529218b75e6d77ab8dc62a4543f0e798280","first_seen":"2026-01-03T10:44:24.779613Z","last_seen":"2026-01-03T10:44:24.779613Z","times_seen":1,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Sa-Lapag-Lang-Kinantot-Maputi-at-Makinis-na-Syota.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Sa-Lapag-Lang-Kinantot-Maputi-at-Makinis-na-Syota.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 18:45:19 GMT\r\netag: \"3c10-690a798a-11ffea9;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:09:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 15376\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t5QgVx6N%2F8o5PU4iDyUxqiuBkeWxIe29obLIorR2Ws0o8SZzfgZCwjJK9z%2FqlzWINWj9Rv2h6ljC7peRcyQsuuhnV9otdJBEApM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8ce5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15376,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 120x120, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"3a29c47e99117d21b1231c08bf5de4da","sha1":"a1f46e2aa25b6c520fc521d563331beee0f62e0c","sha256":"c8d8ac126dbb56f5bcb3b15c010d9de04d5ee087d709cf40c773a15c2eab3590","sha512":"b9fdc7e3534d2e7afe14a44e7aa91c610f9cd2b43c0744248722427f496748f74eb23d2dbe0935047edf87a69bf988cca0cb8434c52ee7abf0b441ec15cde7ec","ssdeep":"384:u+uCMC/UxjDxMkHd0XxVGX9VkS7n/o9U8UUC10:u+nMqUxfGkHSBV+9VkS7Q9U8W10","tlshash":"2762d0482c07d5109af11979b3b635adfbd7403035614af5051faac1db38358acabd5b","first_seen":"2026-01-03T10:44:24.782003Z","last_seen":"2026-01-03T10:44:24.782003Z","times_seen":1,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/check.html","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /check.html HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Mon, 24 Nov 2025 08:42:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69241a69-39e\"\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":926,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"088dba8e97eede53134c93219f7ebbae","sha1":"adb707654d1fe0af7d0d7a9f55660d22bd3625e4","sha256":"6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff","sha512":"23a1f87731e8aee4658993cd1ce35ec179fea80b89bf52aca7634488f1bdfcf88b9cabca4859481357a9fee06cbb49df64bbe0878b1dae0e5df4fa34003c6d80","ssdeep":"","tlshash":"6211d04934e1684c1127a6301597a2183c32a40315cbd949fb9cd7301f815a7dc596df","first_seen":"2024-11-22T16:59:41.974716Z","last_seen":"2026-03-04T10:11:28.020186Z","times_seen":13721,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"playhubconnect.com/bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4","fqdn":"playhubconnect.com","domain":"playhubconnect.com","tld":"com"},"ip":{"addr":"104.18.15.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"playhubconnect.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 04:50:46 GMT","end":"Wed, 11 Feb 2026 05:50:34 GMT"},"fingerprint":{"sha1":"08:40:B9:AE:36:A1:74:E1:BA:0F:75:D5:97:DA:7B:24:68:4A:EC:AF","sha256":"A8:FB:61:7B:C9:91:75:23:4D:3A:56:E0:47:39:85:A1:36:66:5A:69:9F:F6:18:D0:70:9B:87:10:19:BC:7D:0D"}}},"request":{"raw":"GET /bn/24b/e55/095/24be550950a7c6fb20244a506c13acd5ded0f432.mp4 HTTP/1.1\r\nHost: playhubconnect.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 153602\r\ncf-ray: 9b81e57c1c0e0b55-OSL\r\nx-amz-id-2: HjuIOPuHWoHjRvobiLi/Orkx2IjN0KKHfdv3J6Pgx63kDreXGngj79nuD0ttV/n6wKVMxo7LXnc=\r\nx-amz-request-id: 8BDHCMTRR16C8564\r\nlast-modified: Thu, 10 Jul 2025 14:05:43 GMT\r\netag: \"04d2bfd50d9359a53ed9531684e9da96\"\r\nx-amz-server-side-encryption: AES256\r\nage: 707174\r\ncontent-range: bytes 0-153601/153602\r\nexpires: Tue, 03 Feb 2026 10:43:39 GMT\r\ncache-control: public, max-age=2678400\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":153602,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"04d2bfd50d9359a53ed9531684e9da96","sha1":"24be550950a7c6fb20244a506c13acd5ded0f432","sha256":"647163abd604e867cca1fed5bdcb521f50121eee154b80596e62c9c37f146a35","sha512":"5e55e24b39958657fa25d6e2707d7c7f3a68e1487041bb7262c91c180eccc3a75a4028b5b7d0f80bc6b1fab9063d99411a5cdb638d428a4230cbb0a83e37a69c","ssdeep":"1536:5KHRxmfOPN5bHRrg7C9UKFethHwr/hYhZ4e3dn:5cmoNzg7ChF0wLh0nn","tlshash":"4ce3e1295ea26882f34cf37e48a1c829caf35363c4d6e14b788f49584f35225476f977","first_seen":"2025-08-25T16:09:43.16385Z","last_seen":"2026-04-28T18:21:54.037303Z","times_seen":333,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":61,"dns":3,"connect":6,"send":0,"wait":19,"receive":29,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"playhubconnect.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","date":"2026-01-03T10:43:39.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 13:09:27 GMT\r\nexpires: Wed, 30 Dec 2026 13:09:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 336852\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-04-28T23:51:59.987409Z","times_seen":49446,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ads.quality-traffic.com/nwdagit.php","fqdn":"ads.quality-traffic.com","domain":"quality-traffic.com","tld":"com"},"ip":{"addr":"104.21.2.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:39.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"quality-traffic.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 12:45:12 GMT","end":"Tue, 24 Feb 2026 13:43:43 GMT"},"fingerprint":{"sha1":"65:01:AE:48:44:F2:02:C5:02:24:C6:C7:62:16:90:FC:59:6F:A4:0C","sha256":"27:34:29:39:D9:1A:D3:2E:06:44:C9:5F:6E:2A:F5:69:1C:57:A1:3D:08:A0:D1:7D:81:DA:DF:B1:98:8E:63:A3"}}},"request":{"raw":"GET /nwdagit.php HTTP/1.1\r\nHost: ads.quality-traffic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: accept-encoding\r\nx-powered-by: PHP/7.4.33, PleskLin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b81e57b7db1569f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":249,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"361cdf7b562c010992d8fcce3492d00c","sha1":"5038304384dd70e8a0707214bf64c1149257f281","sha256":"ae83695596b004239cc1ec9b18acd9215daf60e95c1cfede800667445689c20a","sha512":"43eb149d72fbc896cecc15384e1c8bb60a8e2061683ad922d4888853f53b2dd36526104264b03a84ea7079e70d55728d4b5797f16357bfac12d7aa43e7ae45f8","ssdeep":"","tlshash":"63d097b7120b0b05c0a6024659f8214c3a21f80d8771e9f0d1e1a0b3f880e2ecc2337c","first_seen":"2025-11-19T03:03:31.780063Z","last_seen":"2026-03-10T07:47:01.558544Z","times_seen":220,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":32,"dns":13,"connect":3,"send":0,"wait":62,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/3/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/3/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 13:25:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68b9935a-18f3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2BvmKAfQupYa5SmKvt0PNwg%2FxAEz4dhMJSVy1KWX1J1jfyUvayPl3GbYVBQN6%2FllvtAsYkkCoqPejhQotSruY9P8R8qxR2rD55xtxI7j\"}]}\r\ncf-ray: 9b81e5821d86b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6387,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"20b72d2b5d691275f5e1f201c54208eb","sha1":"a8082db410892a8b50274eeb812fe58c04e5e407","sha256":"476950bbfeccfbd5ad93c5ad69d5192e62e9eb9e3e03dfc2447c98c7bb5634e6","sha512":"5702a11b753960144f8debcbbff5ad272f00543b6b8bd71a440fb28945bf4d81bd75cc1a08fa531e10efe8aa8dbcb6305dc882e12b8854ccb6f88b62dbeb934d","ssdeep":"96:1zlzMUmWCfICX6zXXgCfUKOtAYiY5mnM0pfiUpznL4OHBCHL+OCBhEkuCo1cCJ0v:LMZnincKOyXnMsIM0M9X4U4H4vFEa","tlshash":"ebd130a617650204740bd8563d126f17a3688053ef0fd9b86ed2244cceca6ce56f378f","first_seen":"2025-09-21T13:47:45.281723Z","last_seen":"2026-04-16T12:24:04.592408Z","times_seen":1688,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":43,"dns":3,"connect":1,"send":0,"wait":495,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=fc452f32-c345-4736-b87a-f9cba0e30227\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=b5c5807ccbf0ff617c5a4fedf124acd8\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 22:13:33 GMT","end":"Sat, 28 Mar 2026 22:13:32 GMT"},"fingerprint":{"sha1":"A3:08:82:4A:9A:ED:6E:4C:29:FC:10:0D:1D:8F:8B:68:0E:D0:49:72","sha256":"B4:01:36:5D:F9:70:75:BF:F6:56:67:76:BB:CC:A2:D3:BA:69:61:33:56:FC:C7:21:69:6E:04:BE:95:D7:B2:F5"}}},"request":{"raw":"GET /pxf.gif?uuid=fc452f32-c345-4736-b87a-f9cba0e30227\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=b5c5807ccbf0ff617c5a4fedf124acd8\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:41 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dea0fd23e226f44f1857b9f4f5656d87\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":704,"timings":{"blocked":288,"dns":2,"connect":94,"send":0,"wait":128,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"video.sacdnssedge.com/video/ol_8ec9eb7381da66471a177ccfd1abb952.mp4","fqdn":"video.sacdnssedge.com","domain":"sacdnssedge.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ruxella.com/out3.php","date":"2026-01-03T10:43:41.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1894120159.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 11:12:15 GMT","end":"Tue, 17 Feb 2026 11:12:14 GMT"},"fingerprint":{"sha1":"8B:3E:32:D0:D6:38:B0:7C:60:91:F6:D3:6F:B6:9F:BA:58:A8:98:50","sha256":"21:E0:91:75:BE:B5:3A:EB:F4:36:B2:EC:7D:AF:21:0D:D2:C9:58:AB:BC:4F:F3:08:0D:0B:C8:CC:44:41:94:DE"}}},"request":{"raw":"GET /video/ol_8ec9eb7381da66471a177ccfd1abb952.mp4 HTTP/1.1\r\nHost: video.sacdnssedge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=2326528-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ruxella.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 42990\r\nvary: accept-encoding\r\naccess-control-expose-headers: Content-Disposition\r\ncontent-disposition: inline; filename=\"ol_8ec9eb7381da66471a177ccfd1abb952.mp4\"\r\netag: \"f5eede0149dea2a140e88178c809352b\"\r\nexpires: Sat, 03 Jan 2026 11:43:19 GMT\r\nlast-modified: Sat, 03 Jan 2026 10:43:19 GMT\r\nx-amz-request-id: 182f3e48-6039-491e-b885-b651a0076410\r\nx-seaweedfs-expires-s3: true\r\ncache-control: max-age=7200\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nage: 0\r\ncf-cache-status: HIT\r\ncf-ray: 9b81e5021a5b9b83-FRA\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-77-nzt: EwwBX63NDQH3EgAAAAwBuUwKDAH3AwAAAAwBT3/Y+AG3AAAAAA\r\nx-77-nzt-ray: 2a494a153702478f02f358693c1ca20a\r\nx-77-cache: HIT\r\nx-77-age: 18\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\ncontent-range: bytes 2326528-2369517/2369518\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":42990,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"22df5bdf04eb1260d790f2e0ab2469be","sha1":"c47b59f33942dcf92458d1de4464ee5fdb7e501e","sha256":"6fbe47925a9655a2ff1bf81688f4b7196646e6a97c271ab6a366ad4fcb3df548","sha512":"7133c1c96c21294b465131f8eb4a87c6412349172f81d6ec2768d6bc9cb9edf8a7c3c2d27f7a8bb13fda8653ee3f1f21d7ebb6dda3b15a080f7da22a17fbdcfc","ssdeep":"768:mh96Rl79Q4+y2IWgrBOOa/8ynJWYvxO+dG:mH6RV9QPIWggVK","tlshash":"d5134da1f7241403ea52173594e113207730eab52393474f5ae1b33eedab7ea9e025e6","first_seen":"2026-01-03T10:44:24.805742Z","last_seen":"2026-01-03T10:52:07.524772Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":25,"dns":1,"connect":4,"send":0,"wait":8,"receive":35,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"onclckmetrics.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzYyNjc2OTY3MDExNDc0NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjQwLjIiLCJ0YWdfaWQiOjM5ODA1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjEzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9","fqdn":"onclckmetrics.com","domain":"onclckmetrics.com","tld":"com"},"ip":{"addr":"138.201.236.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bn.adbestnet.com/fao2.php","date":"2026-01-03T10:43:42.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 11:47:47 GMT","end":"Sun, 08 Feb 2026 11:47:46 GMT"},"fingerprint":{"sha1":"05:1E:63:2F:40:1F:87:C3:0D:F0:42:C7:EA:E8:B1:D8:6F:76:7C:FC","sha256":"1C:13:0E:F6:58:8A:8C:D7:DE:1F:9F:20:D5:17:50:15:02:D5:C8:8E:39:40:68:3F:01:24:F2:73:14:BA:25:0F"}}},"request":{"raw":"GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzYyNjc2OTY3MDExNDc0NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjQwLjIiLCJ0YWdfaWQiOjM5ODA1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjEzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1\r\nHost: onclckmetrics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bn.adbestnet.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sat, 03 Jan 2026 10:43:42 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":83,"dns":4,"connect":26,"send":0,"wait":25,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?hl=en\u0026ver=696b5afc78c6e1a2be7e52f07257cab4","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:20 GMT","end":"Wed, 25 Feb 2026 15:57:19 GMT"},"fingerprint":{"sha1":"13:5B:80:5A:23:15:61:AE:98:37:1B:0A:3C:F6:E2:BD:63:8E:3B:D6","sha256":"22:03:24:94:F7:E3:5F:66:1B:39:CE:18:75:20:3D:01:AC:FE:93:AA:1A:73:8C:D5:34:98:AB:2B:E5:19:37:12"}}},"request":{"raw":"GET /recaptcha/api.js?hl=en\u0026ver=696b5afc78c6e1a2be7e52f07257cab4 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Sat, 03 Jan 2026 10:43:37 GMT\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1017,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1017), with no line terminators","md5":"b57455c9a0032c8d67868882258a4a19","sha1":"017f1d5e957af25bc7ee498e8e6104da00835773","sha256":"1aa296f8312ecf0d0959f759affc2850e1ed52b321033a51355cc1f37fd5dc89","sha512":"24db4575be8e92cfb7b408e04e6bee7cc5257a22b46488a3f4e9a8dbc05f75c3f4a465fea59e4ea866c1a9f3afb145f50b60fb5969a61ef7c466d572a7197e57","ssdeep":"","tlshash":"581165731a04f0350b3209d1e1ffc7b5e482b01cf12845dca511ea842f79ccbce04589","first_seen":"2025-12-15T23:56:17.122996Z","last_seen":"2026-01-20T22:35:06.74886Z","times_seen":7485,"resource_available":true,"data":null}},"time_used":391,"timings":{"blocked":146,"dns":2,"connect":21,"send":0,"wait":33,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Isang-Blowjob-Lang-Muna-kay-Tisay.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Isang-Blowjob-Lang-Muna-kay-Tisay.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:15:39 GMT\r\netag: \"5549-690a6253-11ec609;;;\"\r\nlast-modified: Tue, 04 Nov 2025 20:30:11 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21833\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kPfUQ6t2hPMwLWHiD9wcPLaYPNM1GpXphd5VTZZ%2BeEPd8lio9A7sU6G7Gs6sKar1upmTiMN9hUHTGCjV8LTUWwE%2Bqden8ta9Hwk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ed8c85697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":21833,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 640x360, components 3","md5":"a357c4aed3e015678a80bbd047baf4df","sha1":"fab4098623280e63ff6a21e50be1d2e4db7624f5","sha256":"bdbc16b0a4f47da623778779478f000961e3d370c540ed40babc00212b902317","sha512":"1e28881a51352645db1bb4404e28ded5344ee8e5a8d1ebb6ecf5388fe2586ade1b08b5e03c0e51a672583c7e2e9d63a505e708d7ba183ce4378294fb66680b20","ssdeep":"384:8z0fBqj90RkvF7FPzldZIVnIcOZOAzG0xcIgW2+Z67wq1c7LoEr:dfBC0QjPzPZ+IcOQ0xctWVZUwq1cLr","tlshash":"17a2e0647d32e00b3c6c13d704665bddafd82f78420ab92bb5a4ead8c617352c261f66","first_seen":"2026-01-03T10:44:24.810296Z","last_seen":"2026-01-03T10:44:24.810296Z","times_seen":1,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:38 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f63b81b812eaf1b6e6bf55bb3815f42f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-04-30T15:37:40.405323Z","times_seen":15005,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":45,"dns":1,"connect":17,"send":0,"wait":20,"receive":19,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bn.adbestnet.com/fao2.php","fqdn":"bn.adbestnet.com","domain":"adbestnet.com","tld":"com"},"ip":{"addr":"104.21.90.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bn.adbestnet.com/fao.php?id=3","date":"2026-01-03T10:43:41.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adbestnet.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 00:59:49 GMT","end":"Mon, 02 Mar 2026 01:58:19 GMT"},"fingerprint":{"sha1":"17:9B:31:D7:0F:D7:C3:02:EE:74:3A:82:E3:67:02:B1:D2:41:C7:8F","sha256":"E2:E9:72:B8:71:FE:90:B7:CA:64:92:0A:66:1C:F5:62:4B:2E:30:E0:32:81:03:D9:CB:17:57:7A:D2:6B:DD:FE"}}},"request":{"raw":"GET /fao2.php HTTP/1.1\r\nHost: bn.adbestnet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bn.adbestnet.com/fao.php?id=3\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.4.33, PleskLin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lYNiFqWQal%2FX3u%2FkRE25ZuRGJs9cA4j1DPSQjtyGcKpiOO9EvnJRffHsDdqsCmchDL2LgI1SQqp82vAxaAkRLHDQcfyNjD35rczLPEbFEnQ%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9b81e589fde92efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":129,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"6825fb2b3913134c3615d32021ac21ce","sha1":"2dced7f01c64f224844fd1e9783ab2cb25f4aa6f","sha256":"985262e89e1a123be7d0ec9e8eaed39d77ac8feb944e2a0ffe3e017f5bcbee82","sha512":"0174553bc7a2e0ede16ffaa17aa99456fe76321c09e291f73a022fd4791098b7271199d19d56b803604321ef813704a249bd94457f379b2d70bb26ca96ba4b01","ssdeep":"","tlshash":"e1b09be39d1dc16396a389c5d164905e4442f95f4991c48795651d5021846f57945c30","first_seen":"2025-12-21T09:57:52.250539Z","last_seen":"2026-03-09T07:46:08.867076Z","times_seen":9,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Hugasan-Mo-Kasi-Bro-Bago-Mo-Ipasubo-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Hugasan-Mo-Kasi-Bro-Bago-Mo-Ipasubo-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 18:24:14 GMT\r\netag: \"2951-690a7bd0-1201b56;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:18:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10577\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 231563\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LPXmsFGsOdHL8AaBRUyJDa2RtgcLuHaKEadp0cI2Js6OYwQbSuh5ovBC7Oo5hXFNpijlWguSGv4YLhyX9VSu6v4G5smyhdRR7UU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8c45697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":10577,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"a61466829e1ee73ddf7a888703794fd0","sha1":"3f2fa20f5fa5cc1f23d8cca863489ea01e16bc38","sha256":"7e44d3ce2a867a1bf3d02d7a2d7a0ab593603a180647561824984c77e944bdb0","sha512":"6d729a5f454a00826ebdb61d6e943b324b3d369f3728060826ea4c29e616a97129849a1decaf6a206bbcc6d598d539249f529aac27aadd129f05d009ccda00f3","ssdeep":"192:nME7GCv0PvKWEfe0Jp3vjtMZyJC1cmuxo7aWFGVs8qdC2H+bhCEombpgcEnDc9SZ:j4vKWEfbb/j6Z4mUo6qtH+bhCEZpSwzW","tlshash":"1c22bf3b1e066583c8681e9951bfd819684a5cb7cec2cb2c27b1c4c9e9e39cc7927062","first_seen":"2026-01-03T10:44:24.82193Z","last_seen":"2026-01-03T10:44:24.82193Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/12/hinigop-at-sinubo-ng-buo-pagkatapos-maglaro.png","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/12/hinigop-at-sinubo-ng-buo-pagkatapos-maglaro.png HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 17:01:55 GMT\r\netag: \"13230-693e64d2-9d4132;;;\"\r\nlast-modified: Sun, 14 Dec 2025 07:18:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 78384\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=60%2BzN9sb27UfEJkdplz8XobQD94wYbDU%2FErULo2mWsaIMlmr3KvTQC%2FJeVyT%2FLJpb5htLwxkoJf1OIMlv1ZIM704Zo%2B%2FwWqgzfc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ee8d15697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":78384,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 180, 8-bit/color RGB, non-interlaced","md5":"d1de8cc82dc467f36ebf8c632453e3bc","sha1":"beb56e2b2983708fd82b44bd30051d2a12007faa","sha256":"6bcbb617ac4b0bea1f29c97a93578d2ebd4746126949f8060e5fb30c311d4733","sha512":"c476e6300896cc6eaebe6e66b873ea7035f20788c9c82c5022bb13d334ffd7d1d15d32458c598e593bc89fad142f1758ae85dbeb16994744879cbae6b9cf3e82","ssdeep":"1536:ibjAh2A+7U1PR3eWyR5vhXk2GmxHNwTcSlHuNj8dTPbUOU+YunxVBOe7HzF:ibjAhIIzJuhXKKHNuKiTjtx/p3F","tlshash":"697312fd9c36c3b97c199f12e2e0a850dafb720ea0e353bd16719c3e01463e49151a9e","first_seen":"2026-01-03T10:44:24.824397Z","last_seen":"2026-01-03T10:44:24.824397Z","times_seen":1,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026bft=0dAFcWeA5YRc4cvXOvicv8bzEC6ibAAjgLeTbsQCxBetmgBaUKyIJuyZrcmtCqHFXa5k5XGw2Vbr9LZ17YkHC4JUKaykfmF3RWLQ","date":"2026-01-03T10:43:41.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42555\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 07:38:58 GMT\r\nexpires: Wed, 30 Dec 2026 07:38:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 356683\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83364,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1e1e7ef5663f5b92b4516b94446dde2c","sha1":"e986dbaced4170ab6fd5852aa806ba6ed1e8cc14","sha256":"f71a14f41c5875c258dcece1dddf55d50a26b8e5bfb626ea07b948551f40fcad","sha512":"5ef4991a1755e9cdc4d2497050219de08745fb473b7d945f52abf572ae921472a64cba48a5bcd590a0ed63f3f4ae9c456d77db584b8637b65b03a5b45fe5c7f8","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOImIdthXwW5l1Dx7:1GRFauOxLA/+IcTOuLX1","tlshash":"dc838e7338513b39fc2b9b616186b9edf21cc423e5514bfab5497a20c3db19a8253b07","first_seen":"2025-12-11T19:34:34.541785Z","last_seen":"2026-04-25T20:54:43.677056Z","times_seen":44147,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/icon-removebg-preview.png","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/icon-removebg-preview.png HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:01:09 GMT\r\netag: \"12bd-6919e125-12401b2;;;\"\r\nlast-modified: Sun, 16 Nov 2025 14:35:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 4797\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 254547\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aSA8%2FC5jOJ9lswh7DxASclgrWD4Hn5HI0tiVC56Q0ikHXL%2FuxEZkbfeLPkYFRYDcCD7FA1C8hUFA6Lg6KrfhHKOUkimPgZjpOfg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8be5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4797,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"8c9e36b52e41c2e8e1f938b90162743f","sha1":"f033783b7f6ab252db0598cd088d536182b6b4b8","sha256":"f1d745e3c27985fa93b1084e8306d5dd839be8fbae5cf23765ab3611476546e8","sha512":"8646a13acaab2650030626d246e4388b464afae0d187f367ed6b4991c79d52e0cbfe8d81e6ff991e9dee468482eb60670ec317100d318a5126f3f59e90ba709f","ssdeep":"96:Ya1/PUutvT9AJcHtB3jqWn2/GyRxlfip9t0nG5IbHyItJJS/g8WG:3/sK9AOB3jhn2uOxw7t0zZa","tlshash":"72a15cf5a14720f1e9e4f803029959f8c4a3ff050af25ec6e5157156b911f98c331759","first_seen":"2025-11-25T17:58:24.534671Z","last_seen":"2026-01-03T10:44:24.827454Z","times_seen":2,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/vendors/jquery-3.4.1.slim.min.js?ver=3.4.1","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","date":"2026-01-03T10:43:38.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/clean-tube-player/public/vendors/jquery-3.4.1.slim.min.js?ver=3.4.1 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==\r\nCookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; _pk_id.125.8d89=da0b78d847ed0a92.1767437019.; _pk_ses.125.8d89=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"1157d-67438e68-7436c2;br\"\r\nlast-modified: Sun, 24 Nov 2024 20:36:56 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 23778\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9R4AeOtqJwBPOlwUbC27FcW%2FzjGMumJZeX3AhiVLdO%2F7qafLvzmSmxUry3LRHPKlNq%2BancNueiTsaSogILWJOl5In5KdXWFi0Wc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e57689115697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71037,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65247)","md5":"d9b11ca4d877c327889805b73bb79edd","sha1":"dd15958a3f0f1f3601461f927c4703a56ed59011","sha256":"a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f","sha512":"787598a2bb567b6372c4722263fc18f369cae1194f2030c3483e59bd31eb4e48aaf6d01efbe0c186ae6b0dc0b4db1a87c61d1cb4618c6c72a8b6ab5871881764","ssdeep":"1536:7DFXT6kYFbzDoyZxg6V4BMWzIVzvxuOczHdpc3RvVE+hWtfBPfH2r+rxQ47GKi:BT6gOczHdUC/fHlxQ47GKi","tlshash":"016308dd72c6b07357ab31ba007f610bf136189a6c4d4450f129e4e9bc78a4a827bf6d","first_seen":"2023-03-07T01:06:36Z","last_seen":"2026-04-30T15:36:40.625149Z","times_seen":8461,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:41.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pahindot.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 30 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 314465\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-30T15:35:35.081995Z","times_seen":775447,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/litespeed/css/76166142d8405e1b3a6e9e3a39d903d6.css?ver=903d6","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/litespeed/css/76166142d8405e1b3a6e9e3a39d903d6.css?ver=903d6 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:37 GMT\r\netag: \"3d02-6958f2d7-7ae186;br\"\r\nlast-modified: Sat, 03 Jan 2026 10:43:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 1346\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hizlrBJTNjMo%2BbjQCJo3Ak4n4A3dw0qMMy1av%2BYWtstJk0NarzN%2FQvmqU8xaN42NvHclYf48CZwToLFarooRnnquptToc3d6ETc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e56eb8bb5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15618,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15618), with no line terminators","md5":"151fd6f80281818121f56ac2758f500d","sha1":"b29822f4160857600a6114549282468023a2c317","sha256":"48a9d5a3581fc703f95ecbf3f5f2a20ff5a4e0359ecc62de57cb7705bb05e9a3","sha512":"be40d184557d1773e0629015a7d3331e9da6329bcb43d0353b67e5deb5a09efcac666bf1e0408545a5b82b5a1062467ea86a509b16b9a1a96691a2a2f0716e71","ssdeep":"192:BKTDxxXWHpQZpBrMAxt1d0sQQ1DbvlVfB:LpQZpBrMAj0sXfB","tlshash":"b3621f81c45b2d27602de5b662ec74c6837734cebe6d9ed6f9f83c9065d1989003e22b","first_seen":"2025-07-09T09:28:27.92512Z","last_seen":"2026-01-03T10:44:24.834124Z","times_seen":3,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:38 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c70a9e92fb6d2ce15bb2c345a9ed25eb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-04-30T15:37:40.405323Z","times_seen":15005,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":64,"dns":0,"connect":17,"send":0,"wait":24,"receive":18,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/clean-tube-player/public/vendors/fluidplayer-3.0.4.min.js?ver=3.0.4","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==","date":"2026-01-03T10:43:38.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/clean-tube-player/public/vendors/fluidplayer-3.0.4.min.js?ver=3.0.4 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/plugins/clean-tube-player/public/player-x.php?q=cG9zdF9pZD0wJnR5cGU9dmlkZW8mdGFnPSUzQ3ZpZGVvJTIwaWQlM0QlMjJ3cHN0LXZpZGVvJTIyJTIwY2xhc3MlM0QlMjJ2aWRlby1qcyUyMHZqcy1iaWctcGxheS1jZW50ZXJlZCUyMiUyMGNvbnRyb2xzJTIwcHJlbG9hZCUzRCUyMmF1dG8lMjIlMjB3aWR0aCUzRCUyMjY0MCUyMiUyMGhlaWdodCUzRCUyMjI2NCUyMiUzRSUzQ3NvdXJjZSUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGY2RuLnBhaGluZG90LmNjJTJGcGFoaW5kb3QlMkZEb3dubG9hZGVkJTJGMjYwMSUyRmxhd2F5YW4tbW8tYnJvLXBhcmEtZHVtdWxhcy1hbmcta2lmZnktMTI5ODQ4OS5tcDQlMjIlMjB0eXBlJTNEJTIydmlkZW8lMkZtcDQlMjIlM0UlM0MlMkZ2aWRlbyUzRQ==\r\nCookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; _pk_id.125.8d89=da0b78d847ed0a92.1767437019.; _pk_ses.125.8d89=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"32825-682cd966-7436c1;br\"\r\nlast-modified: Tue, 20 May 2025 19:35:02 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 42437\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TjrFUeF%2FReK39kQvGbqtsL3C3o9fOj6W14eiwXzppq3EGdgZA53UKK48YybI%2BbyBM2iSXZq9ctMlZOrwZ%2BWELrMtRqVLmbvTXc4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e57689125697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":206885,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (62756)","md5":"2896df93f5e7b6ddd19e3cebcab9e43b","sha1":"7cb28a844bb25b53b841bde95160021eab06c39c","sha256":"6c12348af4b06634411003ecb69f0b3b60cd8674efb1329ee7319ba6cc3d2466","sha512":"36decbdacee87f1ea42cf7b2e36d44bc292804badab0a061f6ea5b92ad9b6e8af1d2e238eb92d960419f84aac64381f2725378c92379d7ca39409f5c8409166a","ssdeep":"6144:eHokyLucaeewSwCGEYwBvZw+oVVNPYI//k0fWqsyB3zonjv35Jmmz+b:CYwBvZwlVVN2yIjv35Jmm6b","tlshash":"7f14f8ce3a549a304cdb6b9fb7efd211323c6509a832712ab417fd8e43ac589d4136d9","first_seen":"2025-07-07T03:23:20.423729Z","last_seen":"2026-01-03T10:44:24.83668Z","times_seen":11,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1923731?id=1923731\u0026pid=__clb-spot_1923731_its_1\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1923731?id=1923731\u0026pid=__clb-spot_1923731_its_1\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=2601030543a0cd7ba8960d497d877a739b0e; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6146,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6146), with no line terminators","md5":"dce749d40097fb217345c14ba7e86384","sha1":"39631d6d7aad0ffee993ed775e7faf3abc23f28f","sha256":"56b4b6fd335157f461fba829ef8c925981e638cbb43e71a58ba6e911c33713b7","sha512":"8c8ecc76c0505ff9f4f4ce1e41ff2a7fd8b4d8616ec40f65c8720014faa555399902b81df61776ea04e405268a0b392588f7ff0014694d61ff8276bf5aaa03c4","ssdeep":"192:KNgSif9Vie1GvHaSif9Vie1GvHSSif9Vie1GvHpSif9Vie1GvHn2qo:sgSif9VpGvHaSif9VpGvHSSif9VpGvHT","tlshash":"59c1e7487c6f84fe8b2316eb62eb5c4d15e10ecdc2a61a3a53366b450d21332cfa5657","first_seen":"2026-01-03T10:44:24.842068Z","last_seen":"2026-01-03T10:44:24.842068Z","times_seen":1,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /jserror?type=banner_static\u0026bavar=0\u0026build=1.0.658\u0026zoneid=\u0026e=Error\u0026m=BCLC\u0026ab=0\u0026trid=\u0026url=https%3A%2F%2Fpahindot.vip%2Fwatch%2Flawayan-mo-bro-para-dumulas-ang-kiffy%2F HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2; CHCK=1; PTS=; UID=2601030543f843a59bed6a4d31bcec042177\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ruxella.com/out3.php","fqdn":"ruxella.com","domain":"ruxella.com","tld":"com"},"ip":{"addr":"104.21.22.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ads.quality-traffic.com/nwdagit.php","date":"2026-01-03T10:43:39.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ruxella.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Dec 2025 15:01:42 GMT","end":"Thu, 12 Mar 2026 16:01:23 GMT"},"fingerprint":{"sha1":"35:67:84:0C:2A:89:A0:71:1F:66:54:7E:E0:A2:6A:3B:FA:93:2F:41","sha256":"DB:21:70:CF:5B:2A:2C:7F:FC:68:D4:76:C6:0B:13:DA:E9:20:86:B4:79:D2:D5:6E:DE:87:50:9D:3A:F4:F5:CB"}}},"request":{"raw":"GET /out3.php HTTP/1.1\r\nHost: ruxella.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ads.quality-traffic.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: accept-encoding\r\nx-powered-by: PHP/7.4.33, PleskLin\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\naccess-control-allow-credentials: true\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://ads.quality-traffic.com\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b81e57ee94ab4ed-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9902,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"C++ source, Unicode text, UTF-8 text","md5":"b47afe2edf672d58511760c1955cdb1d","sha1":"88ed53ab9becea384948f2e09b68008bd1d43890","sha256":"673348a3343d3b0c08920bb869691ecced8c154f935bb29927fbf7f577eaf6ed","sha512":"8242a9d7f8d69b5b4db28b4d483d219ed710ebbcad193db9b414dcaa83246eb2ba93831b353d02a8ed6a6f272bb94402e58c9883ccd0b9939d127cf0ef9aa372","ssdeep":"192:56SI5fA2PJt/wKoI/uynlC/f5D535Ax5NN6cilWXC2ifai8iYoi7DkX8zlJjijS6:57UI2xZw79ys5D535Ax5L+lWX5iSi8iZ","tlshash":"c912428516fb1036ca77502d4feb26657274880b7a0acd4c3ead83d44f88a3589b5ff4","first_seen":"2026-01-01T23:17:49.060295Z","last_seen":"2026-01-15T16:01:53.595774Z","times_seen":54,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":0,"dns":5,"connect":1,"send":0,"wait":57,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\nlast-modified: Mon, 15 Dec 2025 18:53:35 GMT\r\netag: \"6940592f-da23f\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-893502/893503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\nlast-modified: Mon, 15 Dec 2025 18:53:35 GMT\r\netag: \"6940592f-da23f\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-893502/893503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/plugins/menu-icons/css/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/wp-content/litespeed/css/59c3e913d4099ac65a7100d2c64b76d9.css?ver=b76d9\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 10 Jan 2026 10:43:38 GMT\r\netag: \"25cd8-68bfde3c-ec54a1;;;\"\r\nlast-modified: Tue, 09 Sep 2025 07:58:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 154840\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SM2VnNNvCO9DDRHrCJffZFG5hW4hlfPC6BQGkStxDKRFnX7oeEqzj4dFIks89wACbyxFaB0OsfLIBEbAYJaXcbgJRQiFcnKoBCo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9b81e573e8fc5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":154840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 154840, version 769.1280","md5":"be4dccbe54eea47a0ad5d7bb60a3c17d","sha1":"1979128e8ba1517d85f5e4ee505abf486c51557c","sha256":"52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb","sha512":"7f7b2964cbeca667d4c26a208be85ab5cb77bb0817318fa3b9045643475ad50b0686427f71588ce52f340df9d030a979b12282da36d9cecd02e86962ff21741f","ssdeep":"3072:cHotp2dhjcnP3MuYoRmQPg7mjPrqsA1qHO32raWB8nxDEUNnP2OcsJpJE:3p2d2nkuvzY8pW1EUNP1csJ4","tlshash":"6fe312d40dbb45e0fa24d204633a4e0e0017bdedde6169b9cf34fb8c9314798ea5ba25","first_seen":"2023-04-05T04:43:09Z","last_seen":"2026-04-30T15:21:35.287227Z","times_seen":2140,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.guidepaparazzisurface.com/static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4","fqdn":"www.guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /static/video/bn/ba9/36a/047/ba936a047c1b983e1a14a47eba40bfb48ae2dbc5.mp4 HTTP/1.1\r\nHost: www.guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:39 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 893503\r\nlast-modified: Mon, 15 Dec 2025 18:53:35 GMT\r\netag: \"6940592f-da23f\"\r\nexpires: Wed, 04 Mar 2026 10:43:39 GMT\r\ncache-control: max-age=5184000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS\r\naccess-control-expose-headers: Last-Modified\r\ncontent-range: bytes 0-893502/893503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":893503,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"df7722471047d1868385d3c71b777260","sha1":"ba936a047c1b983e1a14a47eba40bfb48ae2dbc5","sha256":"6eef643ed38be4036db1bb4f2447f35c886d8ece2b4aff0922598e413216d1fa","sha512":"20792c2370847b7100e0d18d5168319beae0bd8190459df32b456a72fcd32e2739fdff6533d31b50e0727e290229800424482ba450ba632ddcc2b4cc4afcc155","ssdeep":"24576:1rRxYA0lJEwTkVvqWGL4jByMfI8doc/TKA+rj:T+A0lJEwMmL4jByYo8Ts/","tlshash":"251522b312c11c6be6286b3798e716d763d9cd6561328e02b44d70311bf49ea2f2bdd4","first_seen":"2025-05-09T01:45:52.872445Z","last_seen":"2026-04-24T07:04:07.90058Z","times_seen":2320,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.twinrdengine.com/adraw?zone=01KDVTS5AMB393WKV0Y61EYDAA\u0026kw=COMMA_SEPARATED_KEYWORDS","fqdn":"ad.twinrdengine.com","domain":"twinrdengine.com","tld":"com"},"ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ruxella.com/out3.php","date":"2026-01-03T10:43:40.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad.twinrdengine.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 15:32:51 GMT","end":"Mon, 23 Mar 2026 16:28:46 GMT"},"fingerprint":{"sha1":"02:0E:19:90:FE:EB:CD:15:18:37:00:35:AD:34:18:E3:6A:DA:D8:A3","sha256":"81:FD:A2:C7:B7:0F:12:79:16:29:FF:78:75:2F:D7:3D:5D:C7:4C:52:D1:27:21:05:6B:C5:69:BD:CA:25:85:2F"}}},"request":{"raw":"GET /adraw?zone=01KDVTS5AMB393WKV0Y61EYDAA\u0026kw=COMMA_SEPARATED_KEYWORDS HTTP/1.1\r\nHost: ad.twinrdengine.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ruxella.com/\r\nOrigin: https://ruxella.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: origin\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://ruxella.com\r\ncontent-type: text/xml\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4585,"size_decoded":0,"mime_type":"text/xml","magic":"XML 1.0 document, ASCII text, with very long lines (1267)","md5":"63bc596025e259ef84163eb082139710","sha1":"03a26d56c6eb38390cd7231b4ebf462dcb9d7d78","sha256":"b0c6a5a7ed6311f4653240c647066c7af6ebff32cf02bc641781b30a2293c70c","sha512":"60e568a74921a5e8e550a061457b8928ecb2b4d30b674fc66ad7036dfd31bce61b0a6777c599251aa6cf03fe1efef183b6eb81ad061ee768cc8efc6cb6e3d652","ssdeep":"48:cJNd0O8xBkJIxClNV2qRoRXvh19Fkhdmk8xBkJIxClNV2qRoRXvh17M+08xBkJI+:xkJIVZ/3khdmkJIVZ/jTkJIVZ/m","tlshash":"4f910a304ef33bd5aae0ee7591910608236a02eb1aebcc5f7b9c1661cf39a745911552","first_seen":"2026-01-03T10:44:24.847404Z","last_seen":"2026-01-03T10:44:24.847404Z","times_seen":1,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":137,"dns":13,"connect":26,"send":0,"wait":64,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"video.sacdnssedge.com/video/ol_8ec9eb7381da66471a177ccfd1abb952.mp4","fqdn":"video.sacdnssedge.com","domain":"sacdnssedge.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://ruxella.com/out3.php","date":"2026-01-03T10:43:41.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1894120159.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 19 Nov 2025 11:12:15 GMT","end":"Tue, 17 Feb 2026 11:12:14 GMT"},"fingerprint":{"sha1":"8B:3E:32:D0:D6:38:B0:7C:60:91:F6:D3:6F:B6:9F:BA:58:A8:98:50","sha256":"21:E0:91:75:BE:B5:3A:EB:F4:36:B2:EC:7D:AF:21:0D:D2:C9:58:AB:BC:4F:F3:08:0D:0B:C8:CC:44:41:94:DE"}}},"request":{"raw":"GET /video/ol_8ec9eb7381da66471a177ccfd1abb952.mp4 HTTP/1.1\r\nHost: video.sacdnssedge.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ruxella.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 03 Jan 2026 10:43:41 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 2369518\r\nvary: accept-encoding\r\naccess-control-expose-headers: Content-Disposition\r\ncontent-disposition: inline; filename=\"ol_8ec9eb7381da66471a177ccfd1abb952.mp4\"\r\netag: \"f5eede0149dea2a140e88178c809352b\"\r\nexpires: Sat, 03 Jan 2026 11:43:19 GMT\r\nlast-modified: Sat, 03 Jan 2026 10:43:19 GMT\r\nx-amz-request-id: 182f3e48-6039-491e-b885-b651a0076410\r\nx-seaweedfs-expires-s3: true\r\ncache-control: max-age=7200\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nage: 0\r\ncf-cache-status: HIT\r\ncf-ray: 9b81e5021a5b9b83-FRA\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-77-nzt: EwwBX63NDQH3EgAAAAwBuUwKDAH3AwAAAAwBT3/Y+AG3AAAAAA\r\nx-77-nzt-ray: 2a494a155800f28d02f35869e69b9704\r\nx-77-cache: HIT\r\nx-77-age: 18\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\ncontent-range: bytes 0-2369517/2369518\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1212416,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"963d70f463c7e85b5f3c920da5671532","sha1":"68bf859f9569500033036695b9b5b1ee9d11ab6f","sha256":"386b2ab3bbf134d709936284a6c59014a6048a5363a33b0ce3d8555c6540dcfc","sha512":"298974a0cc5eb0d1207178a9352040e8a15812e8450e28a7794ab4a949155da58d0257b09f0685889dfc8bb09d95cb27a290067527eaac6d1c82dcd7200ffba8","ssdeep":"24576:hzwkY0VnfowUES0fFpROltqrdXzIvRvuzBTwjFROxm:lY0VVjFpIqrdX0JvuzGjKxm","tlshash":"23253375f4321b1ebc1d1138952eb3a71f85cc8e147e6a87ce59ac2221bd8d9af5e840","first_seen":"2026-01-03T10:44:24.849948Z","last_seen":"2026-01-03T10:52:07.5172Z","times_seen":2,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":64,"dns":44,"connect":5,"send":0,"wait":5,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=fc452f32-c345-4736-b87a-f9cba0e30227\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=1e4090d2a697a1a126244d851f2129fc\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:40.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 22:13:33 GMT","end":"Sat, 28 Mar 2026 22:13:32 GMT"},"fingerprint":{"sha1":"A3:08:82:4A:9A:ED:6E:4C:29:FC:10:0D:1D:8F:8B:68:0E:D0:49:72","sha256":"B4:01:36:5D:F9:70:75:BF:F6:56:67:76:BB:CC:A2:D3:BA:69:61:33:56:FC:C7:21:69:6E:04:BE:95:D7:B2:F5"}}},"request":{"raw":"GET /pxf.gif?uuid=fc452f32-c345-4736-b87a-f9cba0e30227\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=1e4090d2a697a1a126244d851f2129fc\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:41 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1d08947b69a9dadb2fd761076ba8692d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":704,"timings":{"blocked":288,"dns":3,"connect":94,"send":0,"wait":128,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:51:40 GMT","end":"Sun, 29 Mar 2026 00:51:39 GMT"},"fingerprint":{"sha1":"F3:CE:FF:C9:F8:70:23:18:40:13:70:96:1A:D1:FD:34:D3:CD:66:FC","sha256":"07:8C:A3:3F:1D:F1:E0:75:3D:26:20:F5:D5:75:64:CE:F7:40:6E:B7:BB:B9:EC:79:33:27:5F:51:2E:B0:12:E7"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 10:43:38 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d4b835eefe148d44469d1bfc1c1858d6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":70,"dns":1,"connect":21,"send":0,"wait":17,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1923765?id=1923765\u0026pid=__clb-spot_1923765_hon_3\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1923765?id=1923765\u0026pid=__clb-spot_1923765_hon_3\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=1\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=260103054363eb322c9a4b4677b868ace907; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6143,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6143), with no line terminators","md5":"b4c805bf694d565c856278acd0ffa2d8","sha1":"c886237acd930ee2ccd7ae946969a2c4b840570d","sha256":"787640241eba9c378f56415b86511f76a0595e96c8d40f5e9195843bb140a3c3","sha512":"a65cc8854123c1bb59f80ecabce8e30fe175dfb8d387b8a39f2892a391cfedf8d0be841e86d1152272076cf58e674803f24a61b42e62b7af68efb2d9c96ae6b4","ssdeep":"96:SmhHS0c2rvDPWfSAHSQHS0c2rvDPWfSAHMHS0c2rvDPWfSAHJHS0c2rvDPWfSAHF:Smh7NjDvQ7NjD77NjDE7NjDGJmpo","tlshash":"a6c11aa65083edfe8917b8831b736eb1ed1ac718e8d4e5d160ece9e5508436f860d1c9","first_seen":"2026-01-03T10:44:24.85301Z","last_seen":"2026-01-03T10:44:24.85301Z","times_seen":1,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"guidepaparazzisurface.com/get/1990311?id=1990311\u0026pid=__clb-spot_1990311_qts_9\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0","fqdn":"guidepaparazzisurface.com","domain":"guidepaparazzisurface.com","tld":"com"},"ip":{"addr":"94.242.247.33","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:38.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"guidepaparazzisurface.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 14:23:05 GMT","end":"Wed, 21 Jan 2026 14:23:04 GMT"},"fingerprint":{"sha1":"5A:BC:92:8A:E0:FC:60:45:05:4A:CC:E1:D7:6B:72:BB:93:32:F6:91","sha256":"19:70:19:D0:ED:4F:FB:6C:FA:AD:84:D8:C0:10:B9:2B:AB:6C:59:25:01:A3:CA:EB:51:EF:AA:79:6F:AF:38:43"}}},"request":{"raw":"GET /get/1990311?id=1990311\u0026pid=__clb-spot_1990311_qts_9\u0026jp=_clwrgllqnjrwswplewcypx\u0026dr=52\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.658-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=7kGuMuBgrdpscETugY\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=2ysCWjZaHR0cHM6Ly9wYWhpbmRvdC52aXAvd2F0Y2gvbGF3YXlhbi1tby1icm8tcGFyYS1kdW11bGFzLWFuZy1raWZmeS8\u0026afid=4619430379838464\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026pkw=0\u0026pload=1442\u0026rlp=%5B0%2C21%2C68%2C43%2C5792%2C6195%2C2467%2C6080%2C0%5D\u0026srw=1280\u0026srh=1024\u0026im=1\u0026noch=1\u0026cs=5\u0026bp=3\u0026uf=0\u0026freq=0 HTTP/1.1\r\nHost: guidepaparazzisurface.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 10:43:38 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\nUID=2601030543d4966155b0e34f838fce1146cf; Path=/; Expires=Sat, 06 Feb 2027 10:43:38 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6143,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (6143), with no line terminators","md5":"e561955ceeb97021c6ee41909cc5f36d","sha1":"2648c32a3f331dc9d0f7d4a061eae998d23d2ca2","sha256":"892f848b50ca7613ada4dea618ef42588c857eb7f9c6044cafa5615ca474cfc5","sha512":"acff5886963a77987ae18ebae14d11974e33caf5e28879675e6ef58ebd49a5899b8cd8181ed34f2213bb4cb7dc2921905aa84011a344b3b7c07dfde523e13f0f","ssdeep":"96:ECunz0cxjMUV2a7Z9Z0cxjMUV2a7Z9N0cxjMUV2a7Z970cxjMUV2a7Z9nKivUoxx:tw0QMUtF0QMUtJ0QMUtX0QMUtRUDo","tlshash":"6ac109ca1789d54bc8fffaaf66b95c78d588f884190e88944a4d7b076699e3304e3284","first_seen":"2026-01-03T10:44:24.856252Z","last_seen":"2026-01-03T10:44:24.856252Z","times_seen":1,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LdA2QEsAAAAAId6Kd8IJcsUKYIoPp2P7frTZ0Sd\u0026co=aHR0cHM6Ly9wYWhpbmRvdC52aXA6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=sbvp19oauwdi","date":"2026-01-03T10:43:40.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 31 Dec 2025 21:35:41 GMT\r\nexpires: Thu, 31 Dec 2026 21:35:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 220079\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-30T15:35:35.081995Z","times_seen":775447,"resource_available":false,"data":null}},"time_used":453,"timings":{"blocked":213,"dns":9,"connect":8,"send":0,"wait":10,"receive":9,"ssl":199},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go.mavrtracktor.com/easy?campaignId=25bdc61ed3917811c8f3f36a1e6e0fb40a4bf9db56e01082448f446fc27cc57b\u0026userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d\u0026memberId=0647797fc59b417e2c851b\u0026sourceId=103520\u0026p1=60690\u0026p2=113256\u0026p3=101783","fqdn":"go.mavrtracktor.com","domain":"mavrtracktor.com","tld":"com"},"ip":{"addr":"104.18.40.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ruxella.com/out3.php","date":"2026-01-03T10:43:40.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go.mavrtracktor.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 06 Nov 2025 15:46:12 GMT","end":"Wed, 04 Feb 2026 16:46:03 GMT"},"fingerprint":{"sha1":"A9:E9:50:C2:81:A5:81:35:46:84:88:91:EA:85:55:92:94:5C:1D:91","sha256":"F1:BD:06:BC:57:FF:A3:9A:23:D2:F3:AA:09:44:BC:DA:D5:40:E2:45:5F:12:F8:8C:EE:DF:04:DE:E0:21:28:9B"}}},"request":{"raw":"GET /easy?campaignId=25bdc61ed3917811c8f3f36a1e6e0fb40a4bf9db56e01082448f446fc27cc57b\u0026userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d\u0026memberId=0647797fc59b417e2c851b\u0026sourceId=103520\u0026p1=60690\u0026p2=113256\u0026p3=101783 HTTP/1.1\r\nHost: go.mavrtracktor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ruxella.com/\r\nOrigin: https://ruxella.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 03 Jan 2026 10:43:40 GMT\r\ncontent-length: 0\r\nlocation: https://go.forscprts.com/api/models/vast/?campaignId=25bdc61ed3917811c8f3f36a1e6e0fb40a4bf9db56e01082448f446fc27cc57b\u0026campaignType=smartpop\u0026creativeId=2056950966946db9155d057d128c7bd863011cab629e73419e4ecbe52e177a54\u0026duration=00%3A00%3A30\u0026iterationId=1211211\u0026masterSmartpopId=2683\u0026memberId=0647797fc59b417e2c851b\u0026p1=60690\u0026p2=113256\u0026p3=101783\u0026ruleId=29\u0026skipOffset=00%3A00%3A05\u0026smartpopId=14005\u0026sourceId=103520\u0026tag=girls\u0026trafficType=preroll\u0026usePreroll=true\u0026userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d\u0026variationId=35211\u0026videoType=ol\r\ncf-ray: 9b81e5839a3375ab-OSL\r\naccess-control-allow-origin: https://ruxella.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2297,"size_decoded":0,"mime_type":"text/xml; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":30,"dns":6,"connect":1,"send":0,"wait":44,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pahindot.vip/wp-content/uploads/2025/11/Isipin-Mo-Nalang-Ikaw-Binato-ng-Panty-Nya-Ano-ang-Gagawin-Mo-300x169.jpg","fqdn":"pahindot.vip","domain":"pahindot.vip","tld":"vip"},"ip":{"addr":"104.21.22.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/","date":"2026-01-03T10:43:37.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pahindot.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 25 Nov 2025 13:42:18 GMT","end":"Mon, 23 Feb 2026 14:39:38 GMT"},"fingerprint":{"sha1":"68:A2:13:C1:80:59:FC:AE:EE:28:91:81:61:C3:B6:39:CE:35:96:E2","sha256":"2C:8B:9A:B1:15:F3:10:8B:04:96:B8:0F:8D:26:01:04:35:ED:53:94:40:17:82:F5:32:69:C8:6C:2D:A3:6D:85"}}},"request":{"raw":"GET /wp-content/uploads/2025/11/Isipin-Mo-Nalang-Ikaw-Binato-ng-Panty-Nya-Ano-ang-Gagawin-Mo-300x169.jpg HTTP/1.1\r\nHost: pahindot.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pahindot.vip/watch/lawayan-mo-bro-para-dumulas-ang-kiffy/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 07 Jan 2026 12:02:22 GMT\r\netag: \"1906-690a7a87-1200c9a;;;\"\r\nlast-modified: Tue, 04 Nov 2025 22:13:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6406\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 10:43:37 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5kVSlvU0%2F9gTuq%2BLJLVEb0hnShs4lIZ2IYuuT8FHttQt9aDZ%2FG4LAJMKCPmvl12zvR06XA4BHa9yLnZaC1JdLs9boec5ExkhA5g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9b81e56ec8c65697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6406,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, comment: \"Lavc59.37.100\", baseline, precision 8, 300x169, components 3","md5":"3998ccb8c086c5c7e01a5528145e35b6","sha1":"24e8e87c583457aea8b7ed9abb3eb51116c23b52","sha256":"597aa00ebf1a73ee11526a0d1528d03d38a95629b1431d288984fba8b28f1458","sha512":"7f4699a2ebfe74e816c70bdcb5c700273904d3a8d31684a3d56619a82df2499cc712038244d781d926dfc5d912422eca75542940d419911522c9b1b3441e4182","ssdeep":"192:nMgeToaB9ngVaYbt76y9pgy7n2A6vKwZOpP:BeTr7nlYb16y121CwZgP","tlshash":"6cd17d3ba7e04fd9cd695eb02cd9d05fec16131c50786248ef70c985396a1e23e98a29","first_seen":"2026-01-03T10:44:24.858708Z","last_seen":"2026-01-03T10:44:24.858708Z","times_seen":1,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}