{"report_id":"a8149332-83fd-4548-be64-e7b6b51ad368","version":6,"status":"done","tags":[],"date":"2025-10-26T01:48:08Z","url":{"schema":"http","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"title":"NerVital - Restore Your Mental Clarity \u0026 Memory"},"submit":{"url":{"schema":"http","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-30T01:48:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"orders.cartpanda.com","ip":{"addr":"104.18.3.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-03-15","domain_rank":0,"first_seen":"2025-06-24T13:11:15.713372Z","last_seen":"2025-10-21T00:11:16.934959Z","alert_count":0,"request_count":2,"received_data":2012,"sent_data":1032,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"go.maxweb.com","ip":{"addr":"172.66.43.113","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1995-07-17","domain_rank":2989219,"first_seen":"2018-04-27T11:31:31Z","last_seen":"2025-10-20T01:07:55.579128Z","alert_count":0,"request_count":1,"received_data":796,"sent_data":578,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-19T22:12:35.4735Z","alert_count":0,"request_count":1,"received_data":13321,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"nervital.site","ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"domain_registered":"2025-10-04","domain_rank":0,"first_seen":"2025-10-26T01:48:02.931948Z","last_seen":"2025-10-26T01:48:02.931948Z","alert_count":12,"request_count":12,"received_data":763401,"sent_data":6309,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-19T22:12:30.612025Z","alert_count":0,"request_count":5,"received_data":246835,"sent_data":2765,"comment":"","tags":null,"fingerprints":null},{"fqdn":"assets.mycartpanda.com","ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-09-27","domain_rank":4945136,"first_seen":"2022-07-14T11:05:13Z","last_seen":"2025-10-23T12:48:52.768138Z","alert_count":0,"request_count":4,"received_data":101051,"sent_data":2351,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2f84515e08870d7d93ac45020b141f3d","sha1":"465c788f16afdebbbcd7fde0f79f1e723158450a","sha256":"4b4a007282805e89cf06d73785ba0fd11563cd4cc5ae4fce4706169e400b40cf","sha512":"f4a165c3b53903b9bdc02704ce153f3a1a557de4b74103476626445040767752cc89a466736f3a2b0ca4fdffb608f3577dd69c73fd13e8d910e2af7c3f50111b","ssdeep":"","tlshash":"f3e022608b0dcd3d01bbd4a8560eff94266d40035441844329188d0cc9dabc6d1399c9","size":375,"data":"","first_seen":"2025-10-21T00:11:23.48811Z","last_seen":"2025-11-06T20:57:31.131988Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/js/main.js","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ece338ceda6dfa93e4e7b0147187490e","sha1":"767f54324f9c7356414f024ae5d96764804a9325","sha256":"da4038b5f516d53e05f014bdd21c7b761e1a23cc9090f51556665d29dbe5f2d0","sha512":"e80bb62adda87cf761731b55eca1d85883bfe33a5b104954e31bdadf71fcf54e542e409981afbe1be0edd062351bcc11225fc9a0ba78e98e9bc15e3c8c9723d4","ssdeep":"192:TJjir6S9XMKPxVk+ZupGtZqiCiN/gjFdo5EaTt6PK2GEy2mPmJ+0Q2:TJjirLpVk+opGtZqiCiyjfhqdREyg809","tlshash":"9df195a1f72c203d06eb212b9e3dd7c4283c10b77d9258eb781ca8582558f1fe6ead54","size":7626,"data":"","first_seen":"2025-10-26T01:48:08.972079Z","last_seen":"2025-10-26T01:48:10.140296Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/loader.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6992b8e77e555342576b6cebf6c8451d","sha1":"dc150d8fb87c6ef25c302574ecc194eee7f33d23","sha256":"ae49a334c874320092a396b9163719bd2abfe82efe7f35b3cb9e44a70108accf","sha512":"96860065b142131a4727458a69362ec86789ed0effb00ebc4e262882d4a91cb6e74ceca4b4deabf51efac10521b910fb6a6ccda28aa5198ae9cf9d2c60f134b8","ssdeep":"","tlshash":"2351f01ebaf276659357f06c863f8814b230480b049cec007f4cb2b57f1653853b9aba","size":3142,"data":"","first_seen":"2025-06-24T13:11:21.224348Z","last_seen":"2026-06-17T08:22:18.93823Z","times_seen":549,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/cartpanda-cpc.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b0db21951d38cefe9b98dad4cd1e6ad0","sha1":"b0152862311d49aa0edebbf909e43f02085d3947","sha256":"23ed34c8ed4688b4a54256c2215645f117368209d36af8784c4c5fdd29ca7f33","sha512":"86e582c5a56e70dc0a9bde8d2058198f521cf053ac680f6c0b592568b3fafeeed39537872469580f764daf5f21e546868392f68c5a399ddf8db30169f9fa4b55","ssdeep":"768:PC/AQoTt1M06yi8+ckXZUXkIoHXL0Ja+aVV5uonwi6GBDgo0mMOK1EhdU5ZeTA4H:a/AQoTt1R62RXk3LP3wi1BDgo0mMOK1Y","tlshash":"1c13d81b7f8229349323bfa64bffa805b238f2573957dd007c4c95210f2462465daeae","size":42710,"data":"","first_seen":"2025-06-24T13:11:21.214759Z","last_seen":"2026-06-17T08:22:18.961306Z","times_seen":549,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/cartpanda-cpb.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ed92ac3cdfb7e5d11bc7fee0f7991c1","sha1":"1dc361c57aa39c8ba20a7102762a97f098dd67cb","sha256":"d16c4e33c38edd7922a4eb01ab65edc24cd482086cef773d775652e20838be50","sha512":"6e7abd88c94adf5b4256fce4c93559e908e9f115f95e49de96695ca5c962af187e046b3d0419435ca7d0a047699b7799c1a624e651dbb21aca22c60631b0f24b","ssdeep":"768:KiaLp1w2ETdmDaIPQWVRxoqbt7jf3HXL0Ja3EVVaQLufygjkMqUEyhrK7ibfCg3C:KN11w2ETYBPQoxvnLPjZjnqDimg3C","tlshash":"f723d82766c23870a733b9a597ef2c0d3238f29379439e04bd0c55245f169b8a596bec","size":46573,"data":"","first_seen":"2025-06-24T13:11:21.203075Z","last_seen":"2026-06-17T08:22:18.927275Z","times_seen":549,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/cpsales.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3cf114b3dc5c263397bdc7c4de5778f1","sha1":"b25836b41aa1592a85be6c407d10e2f40e8bd446","sha256":"5f83472da412ec7e798ce57ff4d0a2eef728c8e6633d7d5bd08e3d3a58ed29ac","sha512":"c4f0d3675d20eb1e2d83741bef94dc122d362a3abd646b042fb30b6866c2cf5c78ad34b91a70ce368bb61f21cdbe5c49e8bdc9675d859b8edc44a612f592f14b","ssdeep":"48:5A3r00Zish1XYrJ4RN6BvjyhXvdumnMfA3GjVAp3vVA1KnmEFIFIEUR3IVA1q6wa:i3Ks/dvzrMfBATFrK6eIwsnusVi6","tlshash":"22a1966b98f3552549b791ffa9db1a0ca223700b3c54e859be2c43842f497bf913368d","size":5080,"data":"","first_seen":"2025-10-21T00:11:23.464651Z","last_seen":"2026-06-17T08:22:18.923222Z","times_seen":542,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-06-21T02:31:44.772347Z","times_seen":311438,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"nervital.site/1/assets/js/main.js","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/js/main.js HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Wed, 22 Oct 2025 12:57:00 GMT\r\netag: \"1dca-68f8d49c-79edcdf18e807de0;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2346\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":7626,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"ece338ceda6dfa93e4e7b0147187490e","sha1":"767f54324f9c7356414f024ae5d96764804a9325","sha256":"da4038b5f516d53e05f014bdd21c7b761e1a23cc9090f51556665d29dbe5f2d0","sha512":"e80bb62adda87cf761731b55eca1d85883bfe33a5b104954e31bdadf71fcf54e542e409981afbe1be0edd062351bcc11225fc9a0ba78e98e9bc15e3c8c9723d4","ssdeep":"192:TJjir6S9XMKPxVk+ZupGtZqiCiN/gjFdo5EaTt6PK2GEy2mPmJ+0Q2:TJjirLpVk+opGtZqiCiyjfhqdREyg809","tlshash":"9df195a1f72c203d06eb212b9e3dd7c4283c10b77d9258eb781ca8582558f1fe6ead54","first_seen":"2025-10-26T01:48:08.972079Z","last_seen":"2025-10-26T01:48:10.140296Z","times_seen":2,"resource_available":true,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:01 GMT","end":"Wed, 24 Dec 2025 14:34:00 GMT"},"fingerprint":{"sha1":"69:C0:F6:2B:DD:5C:EF:2D:13:DF:E4:02:A5:5A:AE:D0:E8:1D:F6:8A","sha256":"04:A4:17:F9:A5:5F:92:F9:2B:AE:63:97:B2:97:F5:38:94:37:06:AB:1B:75:6E:41:16:74:D5:07:D2:08:E3:6C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://nervital.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 21 Oct 2025 23:36:12 GMT\r\nexpires: Wed, 21 Oct 2026 23:36:12 GMT\r\ncache-control: public, max-age=31536000\r\nage: 353493\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-21T02:32:18.641586Z","times_seen":215161,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":124,"dns":1,"connect":7,"send":0,"wait":13,"receive":3,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:01 GMT","end":"Wed, 24 Dec 2025 14:34:00 GMT"},"fingerprint":{"sha1":"69:C0:F6:2B:DD:5C:EF:2D:13:DF:E4:02:A5:5A:AE:D0:E8:1D:F6:8A","sha256":"04:A4:17:F9:A5:5F:92:F9:2B:AE:63:97:B2:97:F5:38:94:37:06:AB:1B:75:6E:41:16:74:D5:07:D2:08:E3:6C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://nervital.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 21 Oct 2025 23:36:12 GMT\r\nexpires: Wed, 21 Oct 2026 23:36:12 GMT\r\ncache-control: public, max-age=31536000\r\nage: 353493\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-21T02:32:18.641586Z","times_seen":215161,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":102,"dns":1,"connect":7,"send":0,"wait":8,"receive":10,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/cartpanda-cpc.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycartpanda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:43:03 GMT","end":"Tue, 23 Dec 2025 14:43:01 GMT"},"fingerprint":{"sha1":"52:F7:85:1D:22:05:0C:7B:32:67:11:41:79:EE:1F:7B:78:0A:D9:20","sha256":"33:8D:19:F2:D8:A0:47:40:1A:EE:74:67:28:28:A0:54:08:85:8C:32:ED:EF:D2:7A:2A:42:A6:49:47:C3:DF:65"}}},"request":{"raw":"GET /cartx-ecomm-ui-assets/js/cartpanda-cpc.js HTTP/1.1\r\nHost: assets.mycartpanda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/\r\nCookie: __cf_bm=IG5P.0w1vUDnsgCXVH8eN8uM2C4qTQp8yX07LButMFQ-1761443265-1.0.1.1-.8k9xVmgwxYRmzghaubyHE7dei.KYAilBOUt0J_vZTVjnzw9vm3olxkV8EojG0C6BDu6kDT6dN5xbBb3.sM8E2d6Uj.5ukx5wr9mcRJuNMw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 01:47:46 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\nlast-modified: Sat, 25 Oct 2025 04:46:01 GMT\r\nx-amz-version-id: 4Cea528TkvmfuReoQL2BFNnAZec_3H0c\r\netag: W/\"b0db21951d38cefe9b98dad4cd1e6ad0\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193fe983778f7496cce206a132f2e55a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: u4ajPf1K-3IcAXk9Y5VG8xppv1TruqwClK3WrIf9adk-KfPDvEdCxw==\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nip_user_city: Oslo\r\nip_user_continent: EU\r\nip_user_country: NO\r\nip_user_lat: 59.91273\r\nip_user_lon: 10.74609\r\nip_user_postal_code: 0001\r\nip_user_region: Oslo\r\nip_user_region_code: 03\r\nip_user_timezone: Europe/Oslo\r\nserver: cloudflare\r\ncf-ray: 9946499c3c8956b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":42710,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12112)","md5":"b0db21951d38cefe9b98dad4cd1e6ad0","sha1":"b0152862311d49aa0edebbf909e43f02085d3947","sha256":"23ed34c8ed4688b4a54256c2215645f117368209d36af8784c4c5fdd29ca7f33","sha512":"86e582c5a56e70dc0a9bde8d2058198f521cf053ac680f6c0b592568b3fafeeed39537872469580f764daf5f21e546868392f68c5a399ddf8db30169f9fa4b55","ssdeep":"768:PC/AQoTt1M06yi8+ckXZUXkIoHXL0Ja+aVV5uonwi6GBDgo0mMOK1EhdU5ZeTA4H:a/AQoTt1R62RXk3LP3wi1BDgo0mMOK1Y","tlshash":"1c13d81b7f8229349323bfa64bffa805b238f2573957dd007c4c95210f2462465daeae","first_seen":"2025-06-24T13:11:21.214759Z","last_seen":"2026-06-17T08:22:18.961306Z","times_seen":549,"resource_available":true,"data":null}},"time_used":474,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":255,"receive":218,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"orders.cartpanda.com/api/get-country-details","fqdn":"orders.cartpanda.com","domain":"cartpanda.com","tld":"com"},"ip":{"addr":"104.18.3.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:46.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cartpanda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Sep 2025 09:12:49 GMT","end":"Mon, 22 Dec 2025 10:12:36 GMT"},"fingerprint":{"sha1":"C5:CA:2F:3C:3A:7F:F9:4B:51:E9:3E:0F:53:5F:27:88:31:C4:A5:67","sha256":"EA:C0:AE:2B:CC:50:15:24:FD:E1:95:AD:FA:A7:56:37:0B:DC:6A:FD:6A:5F:95:96:4E:03:2E:2A:AA:CF:2E:B0"}}},"request":{"raw":"GET /api/get-country-details HTTP/1.1\r\nHost: orders.cartpanda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nervital.site/\r\nContent-Type: application/json\r\nOrigin: https://nervital.site\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Oct 2025 01:47:46 GMT\r\ncontent-type: application/json\r\ncf-ray: 9946499d6c743181-OSL\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: 1\r\naccess-control-allow-methods: HEAD, GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: \r\nx-ratelimit-limit: 60\r\nx-ratelimit-remaining: 58\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=WMxv_KtAeJ8wpE9e83v9hiHW49.gtWNYjGyD_lfhHUw-1761443266-1.0.1.1-jZLfxvhSvCa8WIb0cMw2407Cri7xjQOe.KVPhoLicfjAkDvRF.Eu.4XUbLFpr_8ENBCOBeDYfRss1jZ2EQkoVUoEh2VaYrmSz2R1ANS1ym0; path=/; expires=Sun, 26-Oct-25 02:17:46 GMT; domain=.cartpanda.com; HttpOnly; Secure; SameSite=None\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nip_user_city: Oslo\r\nip_user_continent: EU\r\nip_user_country: NO\r\nip_user_lat: 59.91273\r\nip_user_lon: 10.74609\r\nip_user_postal_code: 0001\r\nip_user_region: Oslo\r\nip_user_region_code: 03\r\nip_user_timezone: Europe/Oslo\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6feb014d9e344681a7efc565056eb3ae","sha1":"c29e7d9cd0459868a062564233705706a62db2b0","sha256":"0c7d6381a6da635a82b73dab030569f9793657c57c8cfdcde175a73f6b713f06","sha512":"9bac14ba3c366b51a2bc6dcc08fa88e86ef24005e5efc6a413b9827c1d3ead6eebcb816a72a884a5f7cac422e9f7021d6e618ead8f427c1a45bd51e4d98a0eb0","ssdeep":"","tlshash":"ef80044440134510cc7047043051d5101f7d47310d07534051cc311470101c14005003","first_seen":"2025-10-21T00:11:23.46219Z","last_seen":"2026-06-17T08:22:18.96076Z","times_seen":536,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-26T01:47:44.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123 HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Wed, 22 Oct 2025 23:34:15 GMT\r\netag: \"66d1-68f969f7-ad4f391eb9eeb880;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5513\r\ndate: Sun, 26 Oct 2025 01:47:44 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":26321,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (626)","md5":"c5cea888c23e0034849bb48d837646a0","sha1":"12196409a855faebe4db7726558cdb1db94b713f","sha256":"a9a7f6cb9cf3f0fe754242e8c39050a9876a43fc4daac7233ba1dc00dde58cce","sha512":"8de25a8973782972674e27021481e437bf4f66b8dd6281b2a8fec7d56f4791c11e90a54f9b9ea1e12a3cbc2bed888cb7ed06388f92e34ca5f7cd27af700c5f75","ssdeep":"384:ugWs4nzw/Ug3wGtOiYwD7WXJHtOszwdD2jHtOWxkrsds1Mcx2u6PM6h3jw6Tg6eq:XWs4Sb+ZK+63ofp","tlshash":"35c2416191cd6d7b010342d7b1a17b8a32ef9e30eb2781a1f2bf526853d6c90792752e","first_seen":"2025-10-26T01:48:08.960207Z","last_seen":"2025-10-26T01:48:10.142653Z","times_seen":2,"resource_available":false,"data":null}},"time_used":766,"timings":{"blocked":308,"dns":1,"connect":148,"send":0,"wait":148,"receive":1,"ssl":157},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/cpsales.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycartpanda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:43:03 GMT","end":"Tue, 23 Dec 2025 14:43:01 GMT"},"fingerprint":{"sha1":"52:F7:85:1D:22:05:0C:7B:32:67:11:41:79:EE:1F:7B:78:0A:D9:20","sha256":"33:8D:19:F2:D8:A0:47:40:1A:EE:74:67:28:28:A0:54:08:85:8C:32:ED:EF:D2:7A:2A:42:A6:49:47:C3:DF:65"}}},"request":{"raw":"GET /cartx-ecomm-ui-assets/js/cpsales.js HTTP/1.1\r\nHost: assets.mycartpanda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\nlast-modified: Sat, 25 Oct 2025 04:46:01 GMT\r\nx-amz-version-id: yiiaws3HXYm1aYgcf41fYSl7huZ9lwxb\r\netag: W/\"3cf114b3dc5c263397bdc7c4de5778f1\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: owArFKH5h4Xvm8Let2rv2ii4e1CGRPJ9Mi92az1oE1AHi8QCpmixAw==\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=IG5P.0w1vUDnsgCXVH8eN8uM2C4qTQp8yX07LButMFQ-1761443265-1.0.1.1-.8k9xVmgwxYRmzghaubyHE7dei.KYAilBOUt0J_vZTVjnzw9vm3olxkV8EojG0C6BDu6kDT6dN5xbBb3.sM8E2d6Uj.5ukx5wr9mcRJuNMw; path=/; expires=Sun, 26-Oct-25 02:17:45 GMT; domain=.mycartpanda.com; HttpOnly; Secure; SameSite=None\r\nip_user_city: Oslo\r\nip_user_continent: EU\r\nip_user_country: NO\r\nip_user_lat: 59.91273\r\nip_user_lon: 10.74609\r\nip_user_postal_code: 0001\r\nip_user_region: Oslo\r\nip_user_region_code: 03\r\nip_user_timezone: Europe/Oslo\r\nserver: cloudflare\r\ncf-ray: 99464996f88d35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (941)","md5":"3cf114b3dc5c263397bdc7c4de5778f1","sha1":"b25836b41aa1592a85be6c407d10e2f40e8bd446","sha256":"5f83472da412ec7e798ce57ff4d0a2eef728c8e6633d7d5bd08e3d3a58ed29ac","sha512":"c4f0d3675d20eb1e2d83741bef94dc122d362a3abd646b042fb30b6866c2cf5c78ad34b91a70ce368bb61f21cdbe5c49e8bdc9675d859b8edc44a612f592f14b","ssdeep":"48:5A3r00Zish1XYrJ4RN6BvjyhXvdumnMfA3GjVAp3vVA1KnmEFIFIEUR3IVA1q6wa:i3Ks/dvzrMfBATFrK6eIwsnusVi6","tlshash":"22a1966b98f3552549b791ffa9db1a0ca223700b3c54e859be2c43842f497bf913368d","first_seen":"2025-10-21T00:11:23.464651Z","last_seen":"2026-06-17T08:22:18.923222Z","times_seen":542,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":9,"dns":1,"connect":1,"send":0,"wait":405,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/images/2-bottles.png","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/images/2-bottles.png HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Oct 2025 12:55:58 GMT\r\netag: \"128fe-68f8d45e-2ee853e9c6a52638;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 76030\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":76030,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 608, 8-bit colormap, non-interlaced","md5":"caa8f3361b41f3663512b45dd2c171bf","sha1":"4a0c785f5e2ca28c9da429bcdc853a8327392fa1","sha256":"f9b7b62708e925de3471726f6f4f742d7fdbfcc91a94d7ade0d3ded1b90a4c00","sha512":"1b239a014d3a1246d1ae9c8dc5aa325ccf00cc6045ddb61c7526194166a101711c4905695d7938812bf37f3d594930a0988d4b0a36c2d16a48bb94f3b2255b54","ssdeep":"1536:fpw0r5pZSNVq32/Zx2Rq2WBKi0ua/v3N5WsLzE413dx8wqHnFftbw6vcHAnU0:CGpZSL62B0Rq5T72N5WY2wqhtM6y0","tlshash":"cd73028fe580515b24043adce89151befabb123cc42bff446be9d41d6823de63ad4927","first_seen":"2025-10-26T01:48:08.9661Z","last_seen":"2025-10-26T01:48:10.143764Z","times_seen":2,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/images/payment-icons.png","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/images/payment-icons.png HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Oct 2025 12:55:58 GMT\r\netag: \"9541-68f8d45e-af1f1596691d588d;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 38209\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":38209,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 200, 8-bit colormap, non-interlaced","md5":"f263d1f31a05283ed06ba95b241ea521","sha1":"d4ba6587b07fa449b9a96c692827a3b7367cd133","sha256":"d8feab4b43995678c9b3e887c59b7f1da6c9bea706371a9d255f762f979eae8c","sha512":"352539ff96a2499a957a026a681b6c2f52068fff68798645e4152960d9ac7d53ea505002bb0e50eb90ce5866d0d21f571555babd67315f5fb02b655c6f5f5f7e","ssdeep":"768:iutlTiGlOOc2U8qLEEQEbmssUkCiWMnfEk37DlsbdCqC13BU68qiKzZbFhSOgQ4T:LXGTp8Et5bhsUVRs3KaJRVzZbzzy","tlshash":"6303f28bfaeed906bb3166931710f38417aad551e8c22336af70dc0d2ca7916d9c24dd","first_seen":"2025-10-21T00:11:23.447804Z","last_seen":"2025-11-06T20:57:31.104872Z","times_seen":25,"resource_available":false,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":620,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123assets/images/money-back-guarantee.svg","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123assets/images/money-back-guarantee.svg HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Wed, 22 Oct 2025 23:34:15 GMT\r\netag: \"66d1-68f969f7-ad4f391eb9eeb880;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5513\r\ndate: Sun, 26 Oct 2025 01:47:46 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":26321,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (626)","md5":"c5cea888c23e0034849bb48d837646a0","sha1":"12196409a855faebe4db7726558cdb1db94b713f","sha256":"a9a7f6cb9cf3f0fe754242e8c39050a9876a43fc4daac7233ba1dc00dde58cce","sha512":"8de25a8973782972674e27021481e437bf4f66b8dd6281b2a8fec7d56f4791c11e90a54f9b9ea1e12a3cbc2bed888cb7ed06388f92e34ca5f7cd27af700c5f75","ssdeep":"384:ugWs4nzw/Ug3wGtOiYwD7WXJHtOszwdD2jHtOWxkrsds1Mcx2u6PM6h3jw6Tg6eq:XWs4Sb+ZK+63ofp","tlshash":"35c2416191cd6d7b010342d7b1a17b8a32ef9e30eb2781a1f2bf526853d6c90792752e","first_seen":"2025-10-26T01:48:08.960207Z","last_seen":"2025-10-26T01:48:10.142653Z","times_seen":2,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"orders.cartpanda.com/api/get-country-details","fqdn":"orders.cartpanda.com","domain":"cartpanda.com","tld":"com"},"ip":{"addr":"104.18.3.81","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cartpanda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Sep 2025 09:12:49 GMT","end":"Mon, 22 Dec 2025 10:12:36 GMT"},"fingerprint":{"sha1":"C5:CA:2F:3C:3A:7F:F9:4B:51:E9:3E:0F:53:5F:27:88:31:C4:A5:67","sha256":"EA:C0:AE:2B:CC:50:15:24:FD:E1:95:AD:FA:A7:56:37:0B:DC:6A:FD:6A:5F:95:96:4E:03:2E:2A:AA:CF:2E:B0"}}},"request":{"raw":"OPTIONS /api/get-country-details HTTP/1.1\r\nHost: orders.cartpanda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://nervital.site/\r\nOrigin: https://nervital.site\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Oct 2025 01:47:46 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 0\r\ncf-ray: 9946499c8b9d3181-OSL\r\nallow: GET, POST, OPTIONS\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, x-csrf-token\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=CTO96cZK5Nk4ENAiXGV4u903.ULu2b0knA0XIwheu04-1761443266-1.0.1.1-lGtN_E7hua_5YRV3j.WbD0WNUVar43KLDZioMIY7uZRMYauLs4XO4BFthySlfOe8YUSK.JrC3yyQNsmSUisysqaTAt4e_h1gEwSmB9PxEuM; path=/; expires=Sun, 26-Oct-25 02:17:46 GMT; domain=.cartpanda.com; HttpOnly; Secure; SameSite=None\r\nip_user_city: Oslo\r\nip_user_continent: EU\r\nip_user_country: NO\r\nip_user_lat: 59.91273\r\nip_user_lon: 10.74609\r\nip_user_postal_code: 0001\r\nip_user_region: Oslo\r\nip_user_region_code: 03\r\nip_user_timezone: Europe/Oslo\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-21T02:29:43.67316Z","times_seen":16596636,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":53,"dns":0,"connect":1,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/css/main.css","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/css/main.css HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 22 Oct 2025 12:55:58 GMT\r\netag: \"4b75-68f8d45e-21d84ce063e294fb;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4362\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":19317,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (19311)","md5":"fa2a07c2422dc321d8f73146368ee174","sha1":"3bf46223031b3ac46dd780e46a354ae786583d93","sha256":"6ad3b6eb4471af32f496cc2dca3a5ed3fd486f19f8319dfa4ba141ffde64fbc8","sha512":"324ef54ea54480499c97eacdb61b39a71abe6707454c20d2b59795011c360a74b1c50b4401aebac125c634f3234af492e16c0b7681097e68663c2b13c9801f7e","ssdeep":"192:v+RYMyGdwVGtxEXlHlg/h8j3b6iQ0pVB73ybwZ2Qm8IatEqDZjkpOuwt6m3TvYbN:vyYMyGAGclgqbtpVBFTEqDZjFHTvYp","tlshash":"4682742582a1633cb51bd5a7e3c4bbde7524e803d62386fae84a6226c5c72f3137174c","first_seen":"2025-10-26T01:48:08.978805Z","last_seen":"2025-10-26T01:48:10.145491Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/images/guarantee-badge.png","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/images/guarantee-badge.png HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Oct 2025 12:55:58 GMT\r\netag: \"3fee3-68f8d45e-9e82c5bc513a91b9;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 261859\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":261859,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit colormap, non-interlaced","md5":"57c832138f8041d35b3fab78c95bc9f9","sha1":"b848750aa4ec89ed82c665f9579f27444e9cba30","sha256":"11e4e25e6e1e6b5129d90fd843b333c40f1423d729ae30881d65fcabfc80ab76","sha512":"4a02278d100070e690c35c54187f4f59831ca4cc903afb2c778cd5cb477ee8cc9e1de41d5019418cf31543c271c118cc66e735fef62e801e0f531f22864d0840","ssdeep":"6144:LJ2Q2SXN6AwPfp7qSnI/jCgWUKgKyjzcVU3:0Q2I6XPfpuSncjCgldKyjzJ3","tlshash":"18442358d5a9e5fb88bbe9004045892c387cc30e5b61d17fb81f6d45e2f1d75269223f","first_seen":"2025-10-21T00:11:23.467168Z","last_seen":"2026-05-23T11:32:54.157777Z","times_seen":53,"resource_available":false,"data":null}},"time_used":620,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":288,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/images/6-bottles.png","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/images/6-bottles.png HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Oct 2025 12:55:58 GMT\r\netag: \"12e99-68f8d45e-9339a8e40a1f4bf5;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 77465\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":77465,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 900 x 465, 8-bit colormap, non-interlaced","md5":"e942920b6361b5ef6abdd683828a80f7","sha1":"546f6dc2fa6bcb5aaa4e775505da636746d1d48e","sha256":"2c15d62cca01e6b8b4b1bc5f489a747c1375d7ee58dc2b7ac315bef8386ddf34","sha512":"4a498480b1eab5471496722c1513afd514974757bbc23ac5d8e6749c12c2ce98e36fd6ac41b3c540cf7a0ab00af7f63da863a880dd8e9619de8878c6918357b9","ssdeep":"1536:yhdoBuZrTCPrwSvTeGReEg3/SKVZiWiF9fqVNkMxoHSE:vBuZrTCz/MLPpiVF9fYR5E","tlshash":"d573028d45f71ab9087fd4605556fb34a37b492c30126f1c839f6b6ce9ea3c2ba8611c","first_seen":"2025-10-26T01:48:08.950598Z","last_seen":"2025-10-26T01:48:10.14675Z","times_seen":2,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:01 GMT","end":"Wed, 24 Dec 2025 14:34:00 GMT"},"fingerprint":{"sha1":"69:C0:F6:2B:DD:5C:EF:2D:13:DF:E4:02:A5:5A:AE:D0:E8:1D:F6:8A","sha256":"04:A4:17:F9:A5:5F:92:F9:2B:AE:63:97:B2:97:F5:38:94:37:06:AB:1B:75:6E:41:16:74:D5:07:D2:08:E3:6C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://nervital.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 21 Oct 2025 23:36:12 GMT\r\nexpires: Wed, 21 Oct 2026 23:36:12 GMT\r\ncache-control: public, max-age=31536000\r\nage: 353493\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-21T02:32:18.641586Z","times_seen":215161,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":111,"dns":0,"connect":25,"send":0,"wait":16,"receive":5,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/favicon.ico","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:46.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\nlast-modified: Tue, 22 Apr 2025 07:57:10 GMT\r\netag: \"119f-68074bd6-5acb556adeff7fec;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1626\r\ndate: Sun, 26 Oct 2025 01:47:46 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":4511,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (371)","md5":"b16e9097fc7d3af8ebfcfce7aba0a42d","sha1":"2af3c8408b8445fe81d9a7c8d7cc8e8a05bf80f5","sha256":"e7db95c97a5d45787cc3e40cbcb93b748fefc65bc14e162c746e37f979861729","sha512":"53a7a2c276fbc5159231c162eb863504448515f1a078832b81f1bffeedb1c82932810b66748fd4111d1b8fb866622a5cc63e79e497227b611c90886ba45d3f3b","ssdeep":"96:tr+ulojsBwJG8YqVcqHL/GSrrLc1VhrJuzeK:tyoasBwJG8nVjaSeVhrJgeK","tlshash":"0891f88f25f381452603c99037f9b61499554007f685eca8bdee9228cfc4b8a41e3bdc","first_seen":"2025-04-22T08:45:29.599713Z","last_seen":"2026-06-21T02:38:15.393757Z","times_seen":34734,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":148,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go.maxweb.com/conversion/iframe/?a=11783\u0026token=f41342e4e485d69f3c9caf70b24694fd","fqdn":"go.maxweb.com","domain":"maxweb.com","tld":"com"},"ip":{"addr":"172.66.43.113","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"maxweb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 14 Oct 2025 23:35:56 GMT","end":"Tue, 13 Jan 2026 00:35:54 GMT"},"fingerprint":{"sha1":"F7:1E:A2:1F:A2:15:52:99:BE:64:C2:2A:AA:FC:70:44:4C:CE:EE:51","sha256":"0D:03:6D:0C:E3:B8:1E:16:DF:A8:C7:E2:D3:2F:0D:66:B8:60:FB:11:0A:1C:5F:46:B3:F1:C3:15:09:74:1C:1D"}}},"request":{"raw":"GET /conversion/iframe/?a=11783\u0026token=f41342e4e485d69f3c9caf70b24694fd HTTP/1.1\r\nHost: go.maxweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nexpires: Sun, 26 Oct 2025 02:47:45 GMT\r\ncache-control: max-age=3600, private\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\nx-server: WEB_6\r\nstrict-transport-security: max-age=31536000;\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cflb=02DiuDvnJbjKdBkxKLVBqBrQP8wYzWkbUKKANUMi7R9MW; SameSite=Lax; path=/; expires=Mon, 27-Oct-25 00:47:45 GMT; HttpOnly\r\nserver: cloudflare\r\ncf-ray: 9946499a3ce856a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-21T02:29:43.67316Z","times_seen":16596636,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":24,"dns":1,"connect":1,"send":0,"wait":160,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/loader.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycartpanda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:43:03 GMT","end":"Tue, 23 Dec 2025 14:43:01 GMT"},"fingerprint":{"sha1":"52:F7:85:1D:22:05:0C:7B:32:67:11:41:79:EE:1F:7B:78:0A:D9:20","sha256":"33:8D:19:F2:D8:A0:47:40:1A:EE:74:67:28:28:A0:54:08:85:8C:32:ED:EF:D2:7A:2A:42:A6:49:47:C3:DF:65"}}},"request":{"raw":"GET /cartx-ecomm-ui-assets/js/loader.js HTTP/1.1\r\nHost: assets.mycartpanda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/\r\nCookie: __cf_bm=IG5P.0w1vUDnsgCXVH8eN8uM2C4qTQp8yX07LButMFQ-1761443265-1.0.1.1-.8k9xVmgwxYRmzghaubyHE7dei.KYAilBOUt0J_vZTVjnzw9vm3olxkV8EojG0C6BDu6kDT6dN5xbBb3.sM8E2d6Uj.5ukx5wr9mcRJuNMw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\nlast-modified: Sat, 25 Oct 2025 04:46:01 GMT\r\nx-amz-version-id: JHoRBWjQQOl1V_Xqqxyu4DWba723g4dZ\r\netag: W/\"6992b8e77e555342576b6cebf6c8451d\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193fe983778f7496cce206a132f2e55a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: ipimVpxUspYAbTJ-Fyq3tkwNJQrgr64ph896c1_1_dGSe8hZjU4vgQ==\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nip_user_city: Oslo\r\nip_user_continent: EU\r\nip_user_country: NO\r\nip_user_lat: 59.91273\r\nip_user_lon: 10.74609\r\nip_user_postal_code: 0001\r\nip_user_region: Oslo\r\nip_user_region_code: 03\r\nip_user_timezone: Europe/Oslo\r\nserver: cloudflare\r\ncf-ray: 9946499a1c0356b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3142,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"6992b8e77e555342576b6cebf6c8451d","sha1":"dc150d8fb87c6ef25c302574ecc194eee7f33d23","sha256":"ae49a334c874320092a396b9163719bd2abfe82efe7f35b3cb9e44a70108accf","sha512":"96860065b142131a4727458a69362ec86789ed0effb00ebc4e262882d4a91cb6e74ceca4b4deabf51efac10521b910fb6a6ccda28aa5198ae9cf9d2c60f134b8","ssdeep":"","tlshash":"2351f01ebaf276659357f06c863f8814b230480b049cec007f4cb2b57f1653853b9aba","first_seen":"2025-06-24T13:11:21.224348Z","last_seen":"2026-06-17T08:22:18.93823Z","times_seen":549,"resource_available":true,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:01 GMT","end":"Wed, 24 Dec 2025 14:34:00 GMT"},"fingerprint":{"sha1":"69:C0:F6:2B:DD:5C:EF:2D:13:DF:E4:02:A5:5A:AE:D0:E8:1D:F6:8A","sha256":"04:A4:17:F9:A5:5F:92:F9:2B:AE:63:97:B2:97:F5:38:94:37:06:AB:1B:75:6E:41:16:74:D5:07:D2:08:E3:6C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://nervital.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 21 Oct 2025 23:36:12 GMT\r\nexpires: Wed, 21 Oct 2026 23:36:12 GMT\r\ncache-control: public, max-age=31536000\r\nage: 353493\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-21T02:32:18.641586Z","times_seen":215161,"resource_available":false,"data":null}},"time_used":426,"timings":{"blocked":204,"dns":1,"connect":9,"send":0,"wait":8,"receive":2,"ssl":197},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:01 GMT","end":"Wed, 24 Dec 2025 14:34:00 GMT"},"fingerprint":{"sha1":"69:C0:F6:2B:DD:5C:EF:2D:13:DF:E4:02:A5:5A:AE:D0:E8:1D:F6:8A","sha256":"04:A4:17:F9:A5:5F:92:F9:2B:AE:63:97:B2:97:F5:38:94:37:06:AB:1B:75:6E:41:16:74:D5:07:D2:08:E3:6C"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://nervital.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 21 Oct 2025 23:36:12 GMT\r\nexpires: Wed, 21 Oct 2026 23:36:12 GMT\r\ncache-control: public, max-age=31536000\r\nage: 353493\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-21T02:32:18.641586Z","times_seen":215161,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":191,"dns":1,"connect":23,"send":0,"wait":7,"receive":3,"ssl":166},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123assets/images/6-bottles.png","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123assets/images/6-bottles.png HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Wed, 22 Oct 2025 23:34:15 GMT\r\netag: \"66d1-68f969f7-ad4f391eb9eeb880;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5513\r\ndate: Sun, 26 Oct 2025 01:47:46 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":26321,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (626)","md5":"c5cea888c23e0034849bb48d837646a0","sha1":"12196409a855faebe4db7726558cdb1db94b713f","sha256":"a9a7f6cb9cf3f0fe754242e8c39050a9876a43fc4daac7233ba1dc00dde58cce","sha512":"8de25a8973782972674e27021481e437bf4f66b8dd6281b2a8fec7d56f4791c11e90a54f9b9ea1e12a3cbc2bed888cb7ed06388f92e34ca5f7cd27af700c5f75","ssdeep":"384:ugWs4nzw/Ug3wGtOiYwD7WXJHtOszwdD2jHtOWxkrsds1Mcx2u6PM6h3jw6Tg6eq:XWs4Sb+ZK+63ofp","tlshash":"35c2416191cd6d7b010342d7b1a17b8a32ef9e30eb2781a1f2bf526853d6c90792752e","first_seen":"2025-10-26T01:48:08.960207Z","last_seen":"2025-10-26T01:48:10.142653Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.mycartpanda.com/cartx-ecomm-ui-assets/js/cartpanda-cpb.js","fqdn":"assets.mycartpanda.com","domain":"mycartpanda.com","tld":"com"},"ip":{"addr":"104.19.189.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:46.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycartpanda.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:43:03 GMT","end":"Tue, 23 Dec 2025 14:43:01 GMT"},"fingerprint":{"sha1":"52:F7:85:1D:22:05:0C:7B:32:67:11:41:79:EE:1F:7B:78:0A:D9:20","sha256":"33:8D:19:F2:D8:A0:47:40:1A:EE:74:67:28:28:A0:54:08:85:8C:32:ED:EF:D2:7A:2A:42:A6:49:47:C3:DF:65"}}},"request":{"raw":"GET /cartx-ecomm-ui-assets/js/cartpanda-cpb.js HTTP/1.1\r\nHost: assets.mycartpanda.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/\r\nCookie: __cf_bm=IG5P.0w1vUDnsgCXVH8eN8uM2C4qTQp8yX07LButMFQ-1761443265-1.0.1.1-.8k9xVmgwxYRmzghaubyHE7dei.KYAilBOUt0J_vZTVjnzw9vm3olxkV8EojG0C6BDu6kDT6dN5xbBb3.sM8E2d6Uj.5ukx5wr9mcRJuNMw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 01:47:46 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\nlast-modified: Sat, 25 Oct 2025 04:46:01 GMT\r\nx-amz-version-id: BIwcl8dJ9yYQfe2avjE4a24PmgoIxN33\r\netag: W/\"7ed92ac3cdfb7e5d11bc7fee0f7991c1\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193fe983778f7496cce206a132f2e55a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: VC1_KP0zz0bd66bC0Dghu3xsmtoaPN9_zucoUXTSq88NTXs6mZGHCw==\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nip_user_city: Oslo\r\nip_user_continent: EU\r\nip_user_country: NO\r\nip_user_lat: 59.91273\r\nip_user_lon: 10.74609\r\nip_user_postal_code: 0001\r\nip_user_region: Oslo\r\nip_user_region_code: 03\r\nip_user_timezone: Europe/Oslo\r\nserver: cloudflare\r\ncf-ray: 9946499f4d7c56b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":46573,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12016)","md5":"7ed92ac3cdfb7e5d11bc7fee0f7991c1","sha1":"1dc361c57aa39c8ba20a7102762a97f098dd67cb","sha256":"d16c4e33c38edd7922a4eb01ab65edc24cd482086cef773d775652e20838be50","sha512":"6e7abd88c94adf5b4256fce4c93559e908e9f115f95e49de96695ca5c962af187e046b3d0419435ca7d0a047699b7799c1a624e651dbb21aca22c60631b0f24b","ssdeep":"768:KiaLp1w2ETdmDaIPQWVRxoqbt7jf3HXL0Ja3EVVaQLufygjkMqUEyhrK7ibfCg3C:KN11w2ETYBPQoxvnLPjZjnqDimg3C","tlshash":"f723d82766c23870a733b9a597ef2c0d3238f29379439e04bd0c55245f169b8a596bec","first_seen":"2025-06-24T13:11:21.203075Z","last_seen":"2026-06-17T08:22:18.927275Z","times_seen":549,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":221,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:04 GMT","end":"Wed, 24 Dec 2025 14:34:03 GMT"},"fingerprint":{"sha1":"5F:D5:F8:10:14:80:32:78:B6:66:AC:25:01:5E:C2:6B:0C:D6:03:BD","sha256":"66:2A:01:C5:DD:28:0B:66:17:E5:8A:2F:4E:52:AF:74:21:21:65:E1:71:72:47:4B:5D:69:50:8D:B4:16:49:C5"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 26 Oct 2025 01:47:45 GMT\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12635,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4b1d52c19ccef2398d1de007b3c9a55c","sha1":"c57fa2bcac927a7d60c526cb7ec2b6249019dfe7","sha256":"05f842619ec9f615de0b749034eadaea60e3554d798683fb01ee1eb27abd1e68","sha512":"9dfc4ab3832325eb1438bd85674e15ceb62771b94f06ea8e48a2e286453d571218df3f6727b8df4c1bdfa47218eb5fed0298601da289391a736a76a230d68c3b","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kCxHx:vXuM0p2+g7r","tlshash":"1e427892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T22:54:08.549336Z","last_seen":"2026-06-21T02:06:30.749284Z","times_seen":12002,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":113,"dns":1,"connect":21,"send":0,"wait":33,"receive":0,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/images/3-bottles.png","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/images/3-bottles.png HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Oct 2025 12:55:58 GMT\r\netag: \"197f3-68f8d45e-708a317f3308996d;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 104435\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":104435,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 900 x 684, 8-bit colormap, non-interlaced","md5":"e4db0a284ba24f6de861d055df30ac7e","sha1":"779d78a89759148f09eb12fb8549a5d186d4f21e","sha256":"774d5e9fec35b01839c1f4a4c5904d37f4ec837117ef831d7fdb2b377c33a889","sha512":"649eb180ce9f5eebbadf1534c6b1b2dcf01b3b472fc13c0006f150307930f4f3b4a8925dc856acf8c3054cc272fa21462d725b9be67cd52fba13862f5dfcb9fd","ssdeep":"1536:C865MBUeC/b1Q1cgAXbhJmYt5qQ39pp8OM+D9RnLijSl1qhxDltvgOQ+7hJ:ocCD2cg+Pt00M+rnL0Sl1qhdgO3","tlshash":"04a3128b349b691e2857433d28236bf39e6e3d398dd5d3c173db662e6cd686b0250190","first_seen":"2025-10-26T01:48:08.970489Z","last_seen":"2025-10-26T01:48:10.149657Z","times_seen":2,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":682,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nervital.site/1/assets/images/3-bottles-small.png","fqdn":"nervital.site","domain":"nervital.site","tld":"site"},"ip":{"addr":"145.223.104.78","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123","date":"2025-10-26T01:47:45.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nervital.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Oct 2025 21:09:23 GMT","end":"Fri, 02 Jan 2026 21:09:22 GMT"},"fingerprint":{"sha1":"87:60:CB:34:5F:B4:F4:31:98:24:CF:5F:3E:37:55:47:54:EC:4C:64","sha256":"63:4F:75:F2:C8:DF:12:E5:17:9C:C4:CC:E2:05:5C:9B:15:29:9D:1E:2B:2E:9F:1B:23:46:98:22:9F:2F:5E:2C"}}},"request":{"raw":"GET /1/assets/images/3-bottles-small.png HTTP/1.1\r\nHost: nervital.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nervital.site/1/?afid=BRgYAbETVB\u0026cid=11783_sessid20251026014748852\u0026utm_term=123\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 02 Nov 2025 01:47:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Oct 2025 12:55:58 GMT\r\netag: \"15f2a-68f8d45e-6a391c1b91f0acd1;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 89898\r\ndate: Sun, 26 Oct 2025 01:47:45 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":89898,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 608, 8-bit colormap, non-interlaced","md5":"419dea426f65b7f4de90e8d364c1bc89","sha1":"1c93c26744798a648bef47783e85b61a36ef1ac5","sha256":"b0d36a743c5e63e47ace5b0eb4e97ca7c17e708d7bcf5d086b388be3257facf8","sha512":"a93b204b032e4f14a7b67b647e0d4450763f3ad083fd1569a59a17ae5b60c1c45449206dec253f5359061a1b4064cd09fb62bceebcb7532ea7f5cb0728601271","ssdeep":"1536:VHJQll9zCpRUsnIV2qzBzDLURWbmwPTG2d3sgCrCOWuejJiaXakI5/JY9D7f4uD:VpGltUUC4zhfURWHLTBjHuejJiaXakUK","tlshash":"dd9312ff576de37851a7f0f0685a6acb10f86e985ba77e5f188601eb381c90806817dc","first_seen":"2025-10-26T01:48:08.954806Z","last_seen":"2025-10-26T01:48:10.150314Z","times_seen":2,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":733,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"nervital.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}