{"report_id":"a9ba6789-f772-4274-8d61-4b662dd372a2","version":6,"status":"done","tags":[],"date":"2025-11-11T22:24:29Z","url":{"schema":"http","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"title":"lofey.xyz/","dom":{"size":17968,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4195)","md5":"2df1bf5cf2a7a92889595079a1bca961","sha1":"d4f9dd7fd7f519975150f0c5c8dc2ac97594c838","sha256":"ee4f7836773089fac437eeafe9c91884bf9947f4d6d799f8a73564e637af47d7","sha512":"3f326ed9e23b746222a05501aaf66121dc3f80d22cb8dc354acc4b5f199402533dfe56ebe375e354e9601379c91d00191c82aa99b448bce6c0f15a7add417330","ssdeep":"384:DtZ7/P5Ix0i9iQisihi6Uayrc25FLv9/Os2WdllExmk:D7/Ustho6Cc292Wbk","tlshash":"358219c7a8b78035aa53d4acb7f6ab047296d007e946cc5eb4dd52244f84fcb89573e0","dom_hash":"domhash3bbd55b9bbc70ab74f69d7e37121d157","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-16T22:24:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T22:24:06Z","timestamp":1762899846,"ip_dst":{"addr":"108.181.20.35","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":59036,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)","source":"{\"timestamp\":\"2025-11-11T22:24:06.939729+0000\",\"flow_id\":1093042191118328,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":59036,\"dest_ip\":\"108.181.20.35\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038639,\"rev\":1,\"signature\":\"ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_08_29\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_08_29\"]}},\"tls\":{\"sni\":\"files.catbox.moe\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":305,\"start\":\"2025-11-11T22:24:06.634872+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T22:24:06Z","timestamp":1762899846,"ip_dst":{"addr":"108.181.20.35","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":59036,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ETPRO INFO .moe Domain in TLS SNI","source":"{\"timestamp\":\"2025-11-11T22:24:06.939729+0000\",\"flow_id\":1093042191118328,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":59036,\"dest_ip\":\"108.181.20.35\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2827579,\"rev\":7,\"signature\":\"ETPRO INFO .moe Domain in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2017_08_17\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Moderate\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"files.catbox.moe\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":305,\"start\":\"2025-11-11T22:24:06.634872+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"www.lofey.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"files.catbox.moe","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.lofey.xyz","ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2025-10-14","domain_rank":0,"first_seen":"2025-10-28T01:10:38.871354Z","last_seen":"2025-10-28T01:10:38.871354Z","alert_count":2,"request_count":2,"received_data":24036,"sent_data":901,"comment":"","tags":null,"fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-09T22:13:41.73664Z","alert_count":0,"request_count":1,"received_data":433319,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.blogger.com","ip":{"addr":"142.251.38.105","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1999-06-22","domain_rank":9514,"first_seen":"2012-05-22T07:35:03Z","last_seen":"2025-11-09T22:56:58.995593Z","alert_count":0,"request_count":2,"received_data":179743,"sent_data":905,"comment":"","tags":null,"fingerprints":null},{"fqdn":"d1yei2z3i6k35z.cloudfront.net","ip":{"addr":"54.240.174.128","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2020-12-04T18:06:05Z","last_seen":"2025-11-11T18:55:19.643978Z","alert_count":0,"request_count":2,"received_data":1619308,"sent_data":1097,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"i.scdn.co","ip":{"addr":"23.36.77.105","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2010-08-20","domain_rank":7612,"first_seen":"2017-01-30T05:00:06Z","last_seen":"2025-11-06T05:34:34.822623Z","alert_count":0,"request_count":1,"received_data":91996,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"files.catbox.moe","ip":{"addr":"108.181.20.35","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"domain_registered":"2015-04-06","domain_rank":519029,"first_seen":"2015-06-29T23:27:11Z","last_seen":"2025-11-05T01:55:05.602492Z","alert_count":1,"request_count":1,"received_data":867035,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ipapi.co","ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2025-11-10T16:00:04.62695Z","alert_count":0,"request_count":1,"received_data":2470,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T22:24:06Z","timestamp":1762899846,"ip_dst":{"addr":"108.181.20.35","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":59036,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)","source":"{\"timestamp\":\"2025-11-11T22:24:06.939729+0000\",\"flow_id\":1093042191118328,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":59036,\"dest_ip\":\"108.181.20.35\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038639,\"rev\":1,\"signature\":\"ET INFO Observed File Sharing Service Download Domain (files .catbox .moe in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_08_29\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_08_29\"]}},\"tls\":{\"sni\":\"files.catbox.moe\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":305,\"start\":\"2025-11-11T22:24:06.634872+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-11T22:24:06Z","timestamp":1762899846,"ip_dst":{"addr":"108.181.20.35","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.4","port":59036,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ETPRO INFO .moe Domain in TLS SNI","source":"{\"timestamp\":\"2025-11-11T22:24:06.939729+0000\",\"flow_id\":1093042191118328,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":59036,\"dest_ip\":\"108.181.20.35\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2827579,\"rev\":7,\"signature\":\"ETPRO INFO .moe Domain in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2017_08_17\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Moderate\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"files.catbox.moe\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":305,\"start\":\"2025-11-11T22:24:06.634872+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a72eac82b4dc2343c5cd4a55abad9184","sha1":"b00d88d7a2c236f1e0b444bf92a9ca51cfe61c73","sha256":"82fd10eb95cda8d705f0476c21e6e68b032548fea9ec5b67e61533ed7ed18ebb","sha512":"fef9089b0338923576934043a8828509df36012a7ad643af2f635482dcbe8605ee12a20785076884834365a488f07b2a928a60ad766afce68f747b058a4e763a","ssdeep":"","tlshash":"e5c08c88220a4cb041e626008f3fa600b402322495906922484923044e30e07db88810","size":153,"data":"","first_seen":"2025-11-11T22:24:32.228321Z","last_seen":"2025-11-11T22:24:32.228321Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dc43b4c055a4f9134664fa06d2628e9e","sha1":"1083c892d308202024510ff281c34de98e2fb2c9","sha256":"ba52c77da8dd575283aa72c762e4b475c99b22e33e7882bfeb2f8c2c50b7b270","sha512":"39dead28444f46af4016ee6f09d5f47c394d7abba5098075f6bbe9685dae958086fe1a0293ed3b626014d2d8836463f528744ed78b36e303f59937aabcb03c76","ssdeep":"","tlshash":"dee0ca8f5041043d87f3745c058e55102f613045bc670c4de924f400404f54f815fdf8","size":422,"data":"","first_seen":"2025-11-11T22:24:32.230212Z","last_seen":"2025-11-11T22:24:32.230212Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"38ee2f6ddbe8a478e5795030e72ba35d","sha1":"d332319b04b273e3b9a93ffa22ba9036d59b8e99","sha256":"97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319","sha512":"15610a3ce0ff69817776e355c350aebc006a7744a941c1258fe16a2e73445d964fd94885bd4b50bb2e9ea773a5f95bf1aa124fd90a3252ab2769d2870e5fbb95","ssdeep":"","tlshash":"20d02ef7f4d5ac218809a3200865e9083032e6feb3a08de094c0063a488a8ba9306fa0","size":275,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-05T06:48:13.261213Z","times_seen":96960,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-4B6MYW60Y8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8c3bcf401f413e7d4021a5b1af0713a","sha1":"5f8abfe15959153ddfd691c20433ec2f0f7bb62d","sha256":"c4b96bffae3b62ea88c2597384dba35ff4bdae7a233aeed085fefbf1f891e715","sha512":"09a8018ddd99378b863fb0d157169531964cb838aecf80f047ac2a94e0a89026cd2f4a4e033665fc92fecf6781150108ae3c27d1ae76fcf3cd6f55e3b2988871","ssdeep":"6144:zWJjSz5v5rPQ5s9KP4GFtmJnxeSEUrm3IcRXtUyhjMvU:zoWzh5rY5vP4GbmZm3Iwf","tlshash":"169418ce73d674265396f478502f018ba57b28a2b44cc896f1c9cde02e74a9a4277f7c","size":432715,"data":"","first_seen":"2025-11-11T22:24:32.213824Z","last_seen":"2025-11-11T22:24:32.213824Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eb6ed33483c38ab5926a1f72088fae1f","sha1":"1960089437439dd052e1fb2e109a65ca4d642039","sha256":"050c68a075c10751eba07739ad2c7ee0cc445c91585027b6f742ec40daf64b3d","sha512":"4703ac36969e761c6880ca7d7c716fb6245d5314566dc1515ed06573fb9e2b5c13e4af8cdb92a577a944ee6814f7519dc071ec779df8a7bae80f56b894f65210","ssdeep":"","tlshash":"a2e02bdd2044883e8eb3b1f9088f284129633116fd4a5c4cf49c791004ada4f815fdf4","size":415,"data":"","first_seen":"2025-11-11T22:24:32.233065Z","last_seen":"2025-11-11T22:24:32.233065Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a7cef8f2b38e9d8419884947ab3f649e","sha1":"24d2255775335b695d786bfe27844fad45eebe43","sha256":"40a6d2d0c136fab8d18bb5087755c8b526c288901e35e77be3308f9eebeb5fa6","sha512":"742d54d19c6df619ff3b58733aa4c42622f2bb1a306b960a2fc31559cf95ac1e08ea4f647cd1a0a853284d3eeaffd3c7513c816c1d7af764605bbeda302924e7","ssdeep":"","tlshash":"47f0e93fb3794b3001fb925377149319373f2205166db7811cead64155e0e8554b02d2","size":479,"data":"","first_seen":"2025-11-11T22:24:32.234893Z","last_seen":"2025-11-11T22:24:32.234893Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a930be9382c80d480ec483d776753001","sha1":"df53e19c450f37f4aedb543af0352c645c79d9f2","sha256":"c69ee478dbe7fcebf48f16a317cc52f383023e80a9f23d31134c166cfecbbf36","sha512":"2d826709e48e225cb89d3449cbcffd65583e9c7da933fe28f3b2d4561d52fe71bfe30921285dff7fb4b42b85aff285f2bfca0c88244c5cb919d172277b95cc15","ssdeep":"","tlshash":"b011ce67726705208b5bc0aa27e617893171210f3c04c5c63c9e86575f64ee261ff5e8","size":1052,"data":"","first_seen":"2025-11-11T22:24:32.236266Z","last_seen":"2025-11-11T22:24:32.236266Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/js/cookienotice.js","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","size":6513,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-05T06:48:13.1847Z","times_seen":109449,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"43145ea0900d31bb812de1508e5ebe9d","sha1":"908034c20e5938bf848acabbe72530098b2c735d","sha256":"26024f1642ccdaa762ab48b61a40a1543ddd0e66d5f359058c41ef4fae665ce5","sha512":"75ec8166ab32b961eb541c468002c30a48c8f186968b14a486bd987e657cb6178acb8bff4726e00187b0d953c3e91190f4ed33275c3046985cfe3ae83ce85c9b","ssdeep":"","tlshash":"1631bfdf41a22239a9e370b0535631082153b06b7a64ec06b65d8b210f083fb15727e6","size":1590,"data":"","first_seen":"2025-11-11T22:24:32.238076Z","last_seen":"2025-11-11T22:24:32.238076Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/1601900224-widgets.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.251.38.105","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1b4ee405b6512766878bf55eb854784","sha1":"d7422e60b47546e68df7ac6d3ba59bc511e7ebb0","sha256":"8eaede2ddba0ec68b0d49993f6f40b54c742c28574f24532e9701e353acf3208","sha512":"1b9e0ba2ce917c52fa7902be5421a23b0c6412416f0b97829f596c0c513fc06eda7a2905452f25a9650f457dd7b29ad48a7514c325d311ad4a05c3956b50a2a5","ssdeep":"1536:FBVF5vRqzF9PwnrQc6MYse/412eRzfoPHd2NrAtSKUnvG1gMBSBZ/6di56D7Sey8:CF9Pnb412exgkNrPKHgz/9veyb0wcfN","tlshash":"5ce3f9d8b79270628373b4b5003f010ff13ab4aae84889acb188d9e57d749695677f7c","size":147718,"data":"","first_seen":"2025-10-20T03:30:49.724306Z","last_seen":"2025-11-30T11:46:00.668265Z","times_seen":6920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f488687f23b8b2ad6f1d05c2d07b2735","sha1":"9fc276898b78f841cb27d76da4f17dbe8c77aefe","sha256":"9153ade8a8e5db45d8092225fe85f04f6af83889149e2f735d1815268a1003c9","sha512":"de641622763436813ae87369ae73c0f2d7123835e07e67005a30b4bc76dccf76f07be9c35b78614275144015af1f491458cf292e060df5ef74cefbeb267e7ce2","ssdeep":"","tlshash":"690189137108e71422a314347b8bba18fd2ac2520895453b391cf5324f07b63ce96be3","size":798,"data":"","first_seen":"2024-02-05T14:31:36Z","last_seen":"2026-04-05T06:48:13.272616Z","times_seen":65923,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.lofey.xyz/","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-11T22:24:05.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.lofey.xyz","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 22 Oct 2025 17:59:22 GMT","end":"Tue, 20 Jan 2026 18:51:34 GMT"},"fingerprint":{"sha1":"D8:C2:C9:CB:30:B9:FA:64:0A:BB:C2:47:C3:43:97:AB:7D:23:21:45","sha256":"DC:95:61:B4:88:7A:7A:F0:51:AB:31:5F:53:94:B4:51:BF:74:AE:ED:04:D8:DB:74:1A:5E:12:9F:DB:29:0D:02"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.lofey.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Tue, 11 Nov 2025 22:24:06 GMT\r\ndate: Tue, 11 Nov 2025 22:24:06 GMT\r\ncache-control: private, max-age=0\r\nlast-modified: Mon, 10 Nov 2025 16:17:58 GMT\r\netag: W/\"126297573b83eaa1a58b04b29d90854adb3a18603f1f886de047fa12cce142fc\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 5535\r\nserver: GSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":16442,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4195)","md5":"b939a947c8aee57cd25b66c206912601","sha1":"2fcd6642f1b7783320fdf18e6afa9d00277b7a7d","sha256":"5c5e57cfdf02d06a2051c98e27fd4d975359339b7f16f3265287d8f3bc326582","sha512":"d2dadf27b39e4907a52531414d15bf54abdcb235824abc43b27beb8a4945e88dcbc78f79f840a5b6a47a6683823cde9cb93500a423171bf94d88c807788c4ca6","ssdeep":"384:fPBKGx0i9iQisihi6UayNc21FLv9/Os2WdllExd:3bstho6oc2B2WM","tlshash":"227219c7a8b780346a53d4acb7baaf047257e007ea42cc5db5dc51244f84bcb89677d0","first_seen":"2025-11-11T22:24:32.211875Z","last_seen":"2025-11-11T22:24:32.211875Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1000,"timings":{"blocked":400,"dns":172,"connect":20,"send":0,"wait":194,"receive":6,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"www.lofey.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-4B6MYW60Y8","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:06.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:37:33 GMT","end":"Mon, 05 Jan 2026 08:37:32 GMT"},"fingerprint":{"sha1":"6D:B1:20:6C:4E:45:23:88:91:95:5C:C3:FE:0D:A8:1B:29:43:20:6A","sha256":"15:E2:87:29:F5:07:FE:12:A2:58:8F:EE:D0:AD:2A:AC:63:5D:69:08:82:23:F9:BD:90:70:9F:09:AA:7B:57:8B"}}},"request":{"raw":"GET /gtag/js?id=G-4B6MYW60Y8 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 11 Nov 2025 22:24:06 GMT\r\nexpires: Tue, 11 Nov 2025 22:24:06 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143252\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":432715,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"e8c3bcf401f413e7d4021a5b1af0713a","sha1":"5f8abfe15959153ddfd691c20433ec2f0f7bb62d","sha256":"c4b96bffae3b62ea88c2597384dba35ff4bdae7a233aeed085fefbf1f891e715","sha512":"09a8018ddd99378b863fb0d157169531964cb838aecf80f047ac2a94e0a89026cd2f4a4e033665fc92fecf6781150108ae3c27d1ae76fcf3cd6f55e3b2988871","ssdeep":"6144:zWJjSz5v5rPQ5s9KP4GFtmJnxeSEUrm3IcRXtUyhjMvU:zoWzh5rY5vP4GbmZm3Iwf","tlshash":"169418ce73d674265396f478502f018ba57b28a2b44cc896f1c9cde02e74a9a4277f7c","first_seen":"2025-11-11T22:24:32.213824Z","last_seen":"2025-11-11T22:24:32.213824Z","times_seen":1,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":48,"dns":1,"connect":8,"send":0,"wait":34,"receive":25,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.lofey.xyz/js/cookienotice.js","fqdn":"www.lofey.xyz","domain":"lofey.xyz","tld":"xyz"},"ip":{"addr":"142.250.74.51","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:06.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.lofey.xyz","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 22 Oct 2025 17:59:22 GMT","end":"Tue, 20 Jan 2026 18:51:34 GMT"},"fingerprint":{"sha1":"D8:C2:C9:CB:30:B9:FA:64:0A:BB:C2:47:C3:43:97:AB:7D:23:21:45","sha256":"DC:95:61:B4:88:7A:7A:F0:51:AB:31:5F:53:94:B4:51:BF:74:AE:ED:04:D8:DB:74:1A:5E:12:9F:DB:29:0D:02"}}},"request":{"raw":"GET /js/cookienotice.js HTTP/1.1\r\nHost: www.lofey.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 2026\r\ndate: Tue, 11 Nov 2025 22:24:06 GMT\r\nexpires: Tue, 18 Nov 2025 22:24:06 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 11 Nov 2025 11:54:06 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6513,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-04-05T06:48:13.1847Z","times_seen":109449,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"www.lofey.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/1601900224-widgets.js","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.251.38.105","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:06.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:37:18 GMT","end":"Mon, 05 Jan 2026 08:37:17 GMT"},"fingerprint":{"sha1":"53:D6:04:72:15:45:52:04:C4:A6:93:27:0C:81:AB:99:E7:9E:B5:C3","sha256":"6F:04:2D:52:74:8C:3D:49:3B:D3:DB:78:5D:5F:B6:C9:FD:25:24:69:E4:E7:E8:8D:55:92:AE:0E:E9:CA:C3:79"}}},"request":{"raw":"GET /static/v1/widgets/1601900224-widgets.js HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 52222\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 09:53:19 GMT\r\nexpires: Fri, 06 Nov 2026 09:53:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 05 Nov 2025 13:55:53 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 477047\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":147718,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4058)","md5":"d1b4ee405b6512766878bf55eb854784","sha1":"d7422e60b47546e68df7ac6d3ba59bc511e7ebb0","sha256":"8eaede2ddba0ec68b0d49993f6f40b54c742c28574f24532e9701e353acf3208","sha512":"1b9e0ba2ce917c52fa7902be5421a23b0c6412416f0b97829f596c0c513fc06eda7a2905452f25a9650f457dd7b29ad48a7514c325d311ad4a05c3956b50a2a5","ssdeep":"1536:FBVF5vRqzF9PwnrQc6MYse/412eRzfoPHd2NrAtSKUnvG1gMBSBZ/6di56D7Sey8:CF9Pnb412exgkNrPKHgz/9veyb0wcfN","tlshash":"5ce3f9d8b79270628373b4b5003f010ff13ab4aae84889acb188d9e57d749695677f7c","first_seen":"2025-10-20T03:30:49.724306Z","last_seen":"2025-11-30T11:46:00.668265Z","times_seen":6920,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":200,"dns":62,"connect":20,"send":0,"wait":22,"receive":25,"ssl":122},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1yei2z3i6k35z.cloudfront.net/2467993/67a6834d1a699_lv_0_20250207230243.mp4","fqdn":"d1yei2z3i6k35z.cloudfront.net","domain":"d1yei2z3i6k35z.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.240.174.128","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:07.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /2467993/67a6834d1a699_lv_0_20250207230243.mp4 HTTP/1.1\r\nHost: d1yei2z3i6k35z.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\ncontent-length: 10661992\r\ndate: Sat, 11 Oct 2025 16:14:23 GMT\r\nlast-modified: Fri, 07 Feb 2025 22:03:58 GMT\r\netag: \"12e0a35a14cfb9f047311f5e483ea7ef\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000, s-maxage=900\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-robots-tag: noindex\r\ncontent-range: bytes 0-10661991/10661992\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: Dk6wd0NK9v40qvc76Wh8IOqYl5ikHP24Vb6Gi99TH115YpgzOoZIYA==\r\nage: 2700585\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":1572864,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"ec70ab3ea00b8ff9c6a825af50d44684","sha1":"a24f1305f88eea3114a3237577f262b6b115b7cd","sha256":"6ba3cc385ef5e94bf1c34338698081c2894215ba3864a15069e8783eaf86377e","sha512":"a6698ee25e3c5c580fac8a9221d5acd53eee1d55f9349ae29b8be05457e814c96311034f0659928fc73536de004317d3f5b2fc3fea13d9d3f5b49241cd619778","ssdeep":"24576:SScJQNUXJKVzM2icM8v1s3usKlcZCluQDejlXaZzI:SScJQUXJJUBTl3DejhN","tlshash":"e02533dde6c15f71db36d810c8da4e13f6e17a6202a743ce172a1611b3cc25d6e0ba6b","first_seen":"2025-11-11T22:24:32.218229Z","last_seen":"2025-11-11T22:24:32.218229Z","times_seen":1,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":18,"dns":21,"connect":1,"send":0,"wait":3,"receive":56,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.scdn.co/image/ab67616d0000b273cbf794f1a7fd99ea84eadfc0","fqdn":"i.scdn.co","domain":"scdn.co","tld":"co"},"ip":{"addr":"23.36.77.105","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:07.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.scdn.co","organization":"Spotify AB"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 27 Jun 2025 00:00:00 GMT","end":"Tue, 28 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1F:25:66:57:1B:87:1F:49:8D:C6:86:60:1B:C3:B4:89:84:72:4A:92","sha256":"FB:12:4E:1B:42:51:F1:34:85:E4:29:67:F9:E7:1B:F7:49:7F:01:C8:5A:8F:0D:71:71:38:3C:5B:27:97:49:88"}}},"request":{"raw":"GET /image/ab67616d0000b273cbf794f1a7fd99ea84eadfc0 HTTP/1.1\r\nHost: i.scdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 03 Dec 2024 05:05:38 GMT\r\netag: \"f7242bce7caf4037e82d5811bbc4eb23\"\r\ncontent-type: image/jpeg\r\nx-amz-checksum-crc32c: /QsnJA==\r\naccept-ranges: bytes\r\ncontent-length: 91498\r\nexpires: Tue, 11 Nov 2025 22:24:07 GMT\r\ndate: Tue, 11 Nov 2025 22:24:07 GMT\r\ncache-control: max-age=15780000\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 86400\r\naccess-control-allow-headers: range\r\naccess-control-allow-methods: GET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":91498,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3","md5":"f7242bce7caf4037e82d5811bbc4eb23","sha1":"10867763bdca0dbc1fcfe894fb818322136418c0","sha256":"de9f1f9d5749ec121a67680433664067de0a369421abdc507a98b1ac8dd799e0","sha512":"4ceb0902bac962affa480b777b27df6cb0130e93d3ebefbaa9dc4be638694ae7b0e4e5e2d581aa08c9935beae78a87d2061010729491e73dd0a33ae6714cb5ef","ssdeep":"1536:8mgaqBUeVQiJSI88G94Zzv0HMew/4ErBNRyaM9rEPs8eeidbhGL9yThdzW:8jaqTKivbZzvXqElNRyR9Q01hsL9P","tlshash":"aa93023018eb99e0bbb3a9254f924c4c1ccc5f0121fa99f121d6dd0dafb990a5b85d3b","first_seen":"2025-11-11T22:24:32.219613Z","last_seen":"2025-11-11T22:24:32.219613Z","times_seen":1,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":1,"dns":239,"connect":1,"send":0,"wait":17,"receive":3,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1yei2z3i6k35z.cloudfront.net/2467993/67a6834d1a699_lv_0_20250207230243.mp4","fqdn":"d1yei2z3i6k35z.cloudfront.net","domain":"d1yei2z3i6k35z.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.240.174.128","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:07.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /2467993/67a6834d1a699_lv_0_20250207230243.mp4 HTTP/1.1\r\nHost: d1yei2z3i6k35z.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=10616832-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\ncontent-length: 45160\r\ndate: Sat, 11 Oct 2025 16:14:23 GMT\r\nlast-modified: Fri, 07 Feb 2025 22:03:58 GMT\r\netag: \"12e0a35a14cfb9f047311f5e483ea7ef\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000, s-maxage=900\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-robots-tag: noindex\r\ncontent-range: bytes 10616832-10661991/10661992\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 0IQNzS7cezKgYlZdGXn5aK0F7c22Gw3sXd3IsTv7HOUbFV8ZXxjjAA==\r\nage: 2700585\r\nvary: Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":45160,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"2e1ff146604670d338059a1c5fdb0f12","sha1":"25abbed21f0edef0c1ce2fba7ced2afb06f2cc87","sha256":"27d27566bf397093d4db13317754f27935c1ac55b61dd368e812dbff49798ec0","sha512":"c36f267fda57309590e79ddcd8bb8cbdec8327af5dcc39c055d9b77f652f0003e7a72323acde039a7812f5343af0377bca7fed115b625811b8ab2d75db50d209","ssdeep":"768:YOjw0iuqQ2JKO8eg3xxvmTuo2dG09+Tqhrc4QF9GY3vLq703BA:3j3GKO8bxO6o2dzKv2YfrBA","tlshash":"c413489c33014b83d41d93b140e69b1af37ddbd5f30b279240e66b690ea9fee681a1c5","first_seen":"2025-11-11T22:24:32.221581Z","last_seen":"2025-11-11T22:24:32.221581Z","times_seen":1,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":9,"dns":1,"connect":1,"send":0,"wait":27,"receive":3,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css","fqdn":"www.blogger.com","domain":"blogger.com","tld":"com"},"ip":{"addr":"142.251.38.105","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:06.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blogger.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:37:18 GMT","end":"Mon, 05 Jan 2026 08:37:17 GMT"},"fingerprint":{"sha1":"53:D6:04:72:15:45:52:04:C4:A6:93:27:0C:81:AB:99:E7:9E:B5:C3","sha256":"6F:04:2D:52:74:8C:3D:49:3B:D3:DB:78:5D:5F:B6:C9:FD:25:24:69:E4:E7:E8:8D:55:92:AE:0E:E9:CA:C3:79"}}},"request":{"raw":"GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1\r\nHost: www.blogger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 6620\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 06 Nov 2025 10:01:50 GMT\r\nexpires: Fri, 06 Nov 2026 10:01:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 05 Nov 2025 13:55:53 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 476536\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30597,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30596)","md5":"e3f09df1bc175f411d1ec3dfb5afb17b","sha1":"3994ec3efe3c2447e7bbfdd97bb7e190dd1658f9","sha256":"1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617","sha512":"16164d66d452d7d343b1902fe5b864ffdee42811ee90952cbfe9efa9847c58c0403f944c8e29db2bc2384ccd516b629cb8765e5e51de37da6efd75962cf82530","ssdeep":"384:OVysImDyPWquJMpx/SCYW0h8+Rl9yaZwuJ86YKSQCNL/J69nKg93jW1gngRe2Fr/:OnIm6IvW0trVJw1gngRLFr/","tlshash":"1dd2c972a590201df237d726b893fa8d3218d563e7135eeed556b2b8cec56de0023329","first_seen":"2023-04-05T07:30:06Z","last_seen":"2026-03-13T23:53:05.525541Z","times_seen":28033,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":162,"dns":65,"connect":20,"send":0,"wait":21,"receive":1,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.catbox.moe/vnfdcj.jpg","fqdn":"files.catbox.moe","domain":"catbox.moe","tld":"moe"},"ip":{"addr":"108.181.20.35","port":443,"asn":40676,"as":"AS40676","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:06.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"catbox.moe","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 Aug 2025 22:38:20 GMT","end":"Fri, 14 Nov 2025 22:38:19 GMT"},"fingerprint":{"sha1":"3C:AB:3C:2D:1C:35:C9:9D:9C:C0:6E:EA:95:4B:2C:D4:AB:1F:D4:0B","sha256":"1D:FE:BE:E7:E9:E9:E4:48:51:AD:2A:42:D9:5A:CD:EE:5C:F5:0B:37:7B:D8:81:89:15:E6:97:C5:62:F9:8E:AE"}}},"request":{"raw":"GET /vnfdcj.jpg HTTP/1.1\r\nHost: files.catbox.moe\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.lofey.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 11 Nov 2025 22:24:07 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 866499\r\nlast-modified: Wed, 29 Oct 2025 10:22:40 GMT\r\netag: \"6901eaf0-d38c3\"\r\nx-content-type-options: nosniff\r\ncontent-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":866499,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7], baseline, precision 8, 1080x1985, components 3","md5":"211bd1c2813abd2867ad09e286020cf9","sha1":"76f82c881da0fef7132c6147a320c8ab8e4ea546","sha256":"1eacd131f20b19e0fdf40b19a3d0267093c9432638ea06de74a08371efe46f04","sha512":"40d679777974f8579c5d6d60680aca8c56b6f3c5695e7aa4c4f6851f6990a051bf38ca8e7329371cdd699aa6109d925bf83c16d5bb24d25f02d97cfb4ef260a4","ssdeep":"24576:amFwDGwF4cz6+d/zdoXDFAK92nT7+Pkdtncvd6C53hCIwLyc3O:kG+4P+d/zGDFAKAqPkgf53hCIs+","tlshash":"9c0533fc2abc6516c419579f6e42333653e8d404b108ddb8a9ddbc36cc39a8a93ed04d","first_seen":"2025-11-11T22:24:32.225077Z","last_seen":"2025-11-11T22:24:32.225077Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14103,"timings":{"blocked":630,"dns":14,"connect":147,"send":0,"wait":432,"receive":12405,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-11","alert":"Sinkholed","trigger":"files.catbox.moe","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.lofey.xyz/","date":"2025-11-11T22:24:07.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 21 Oct 2025 08:31:42 GMT","end":"Mon, 19 Jan 2026 09:31:40 GMT"},"fingerprint":{"sha1":"18:54:BC:32:F5:78:9E:49:22:F8:83:70:B5:69:C4:53:F0:B0:C2:36","sha256":"85:63:48:DD:A0:B5:06:15:E8:95:A8:A5:FE:8A:2E:A0:80:42:CE:75:9D:8E:2D:D7:B4:63:F1:93:4C:24:32:59"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.lofey.xyz/\r\nOrigin: https://www.lofey.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 11 Nov 2025 22:24:07 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: OPTIONS, OPTIONS, POST, HEAD, GET\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://www.lofey.xyz\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4KPhIB61U4RUrVwMWFWhuAtJNF27QyBsilI2%2Fc4eJ9mHav%2FMIh4jYef3lmfWJiHh%2FWgWGqhGSTL0RJ8jhmt3oCXUO%2FVN\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99d132abefd50b51-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":744,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"40c8e95c69de686d0c156eae339d70c1","sha1":"8d7d7b68d19f0ae679968eedafcf406076020a63","sha256":"1951ac5f1f199d7e85b6b415f6b97d4fdc2eaa14dbca1d383b1344152b363ad3","sha512":"1fd0c3721c99293f399b7a43f2a692403e90c00b241c50de49dddd8be82bdd1af739ce1fb8d6acbd49ae5771af871248ee86c4dd63a1c70200a5ade57727d291","ssdeep":"","tlshash":"ef01df68e4680e7b9cb9135cb42869072274220b5e16358e7bd49b8d0f8e9bf30b574e","first_seen":"2025-11-05T10:12:41.003038Z","last_seen":"2025-11-19T07:36:36.728532Z","times_seen":733,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":242,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}