{"report_id":"b031aa59-b12a-4209-b3cc-c640dad994f2","version":6,"status":"done","tags":[],"date":"2025-09-23T19:14:51Z","url":{"schema":"http","addr":"about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"104.21.55.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"title":"Хто донька Магнето? - Професійні рішення"},"submit":{"url":{"schema":"http","addr":"about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"104.21.55.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T19:14:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":10}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"js.wpushsdk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"storage.multstorage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"ba594324dd.0ca5b8dbfd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"e420a96d53.d0d9f1bb4b.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"about.kozak.cx.ua","ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-28","domain_rank":0,"first_seen":"2025-09-23T19:14:52.826949Z","last_seen":"2025-09-23T19:14:52.82695Z","alert_count":0,"request_count":13,"received_data":312083,"sent_data":7657,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"js.wpshsdk.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-06-04","domain_rank":343711,"first_seen":"2021-06-04T13:50:00Z","last_seen":"2025-09-22T04:22:57.025948Z","alert_count":0,"request_count":1,"received_data":32018,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"static.bookmsg.com","ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2020-09-15","domain_rank":169473,"first_seen":"2020-11-24T14:56:32Z","last_seen":"2025-09-22T05:42:10.504873Z","alert_count":0,"request_count":4,"received_data":4502,"sent_data":1900,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"js.wpadmngr.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-06-02","domain_rank":77954,"first_seen":"2021-06-02T14:43:46Z","last_seen":"2025-09-22T04:22:57.088896Z","alert_count":1,"request_count":1,"received_data":149823,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fp.metricswpsh.com","ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-10-29","domain_rank":154722,"first_seen":"2022-04-22T11:20:32Z","last_seen":"2025-09-22T04:22:56.734415Z","alert_count":2,"request_count":2,"received_data":825,"sent_data":1068,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"na.nawpush.com","ip":{"addr":"45.133.44.25","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2020-12-21","domain_rank":175362,"first_seen":"2020-12-23T08:18:12Z","last_seen":"2025-09-22T04:22:56.83506Z","alert_count":1,"request_count":1,"received_data":2782,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"e420a96d53.d0d9f1bb4b.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-08-24","domain_rank":0,"first_seen":"2025-09-23T01:57:15.298537Z","last_seen":"2025-09-23T01:57:15.298537Z","alert_count":1,"request_count":1,"received_data":345,"sent_data":845,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"js.capndr.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-08-30","domain_rank":156902,"first_seen":"2021-08-30T12:51:01Z","last_seen":"2025-09-22T04:22:56.451367Z","alert_count":1,"request_count":1,"received_data":399,"sent_data":418,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"storage.multstorage.com","ip":{"addr":"76.223.26.96","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-09-22","domain_rank":101055,"first_seen":"2023-09-22T12:56:00Z","last_seen":"2025-09-22T04:22:56.330315Z","alert_count":1,"request_count":1,"received_data":144,"sent_data":541,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}]},{"fqdn":"ntvpforever.com","ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-18","domain_rank":18811,"first_seen":"2021-11-19T01:49:18Z","last_seen":"2025-09-22T04:22:55.915312Z","alert_count":0,"request_count":2,"received_data":698,"sent_data":1046,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"nereserv.com","ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2020-12-21","domain_rank":17097,"first_seen":"2020-12-21T11:07:56Z","last_seen":"2025-09-22T05:20:24.435817Z","alert_count":2,"request_count":1,"received_data":322,"sent_data":611,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ba594324dd.0ca5b8dbfd.com","ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-08-24","domain_rank":0,"first_seen":"2025-09-23T03:57:42.672335Z","last_seen":"2025-09-23T03:57:42.672336Z","alert_count":4,"request_count":4,"received_data":45634,"sent_data":7911,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"js.wpushsdk.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-05-07","domain_rank":210235,"first_seen":"2021-05-07T12:03:12Z","last_seen":"2025-09-23T15:40:28.760056Z","alert_count":2,"request_count":2,"received_data":815184,"sent_data":850,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"clickua200.pp.ua","ip":{"addr":"134.209.192.77","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-09-22","domain_rank":7006641,"first_seen":"2023-09-22T23:00:51Z","last_seen":"2025-09-14T06:12:04.37718Z","alert_count":0,"request_count":1,"received_data":470,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"64.233.164.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-09-21T22:18:44.028378Z","alert_count":0,"request_count":3,"received_data":6794,"sent_data":1749,"comment":"","tags":null,"fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"js.wpshsdk.com/npc/sdk/push.m.js?v=1","fqdn":"js.wpshsdk.com","domain":"wpshsdk.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d8575fbbf73a8ff30ff1938a43e664d0","sha1":"d2785dd9892fdadb8703f655b056b02dd1cb5b8d","sha256":"50c8fdcb3cc08967158d65ade7da8ac61718b8a1babc00e13b930367e571aedc","sha512":"8c16a650ae6509952a46206931e89d7ab016ce4f534770e2b9e5d2a4b7fc1c2394a2ed5c454f9fb6d6a99f6b423e2775956ce8ec9c88f686b940a450dfc72078","ssdeep":"768:CuKhVWPsJiRx8Useb6uvOdtkp6O4AQet1/:CuKHesJiXWpuvOdtkQLAf","tlshash":"2be21a88b381b2b4479720b2587f6742b336651a7403c540f367ebc0b869e9fd336b69","size":31631,"data":"","first_seen":"2025-09-01T17:49:28.814065Z","last_seen":"2026-02-06T10:34:46.272483Z","times_seen":1059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpushsdk.com/npc/sdk/wpu/npush.m.js","fqdn":"js.wpushsdk.com","domain":"wpushsdk.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7cd36d087bd2fcb2a81f36ed02bb9d6","sha1":"a8d8d23869914f1d6f3da0e32412b408657303ce","sha256":"b4cfebb0a9145aab8ed4ef298e65ddcc7a72532794b5a9597cf7079b50c54393","sha512":"373aea8b4c35dbddcdd88d7bfd4975e3a954b423d506f6b20f7e51cdbf0ec5f9f3fca7ec9c627bee94e07b29d3196813feca92fd45013f903c702d46abdec16a","ssdeep":"1536:gO4lqELn1iLrPazoEdJWvMrXaGOdDW81uw2lBUM3DrXLiROtVXlhC5jGzIEFmtH8:+dLYeeeMD1uPleM3HXpXqjGz/mGUR4ki","tlshash":"b1245cc9b685343503a7a17a806f020af73c3905751a44acf5b5dee228bad8e6377f71","size":227058,"data":"","first_seen":"2025-09-23T09:04:11.504226Z","last_seen":"2025-09-24T14:22:58.909195Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpushsdk.com/skins/nmain.m.js","fqdn":"js.wpushsdk.com","domain":"wpushsdk.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6501a94365fc110d6eae57f82b00827","sha1":"741cd16b75be76e70c7ceb458983e78f71ce06e5","sha256":"218abc3aa95f216030dde57132c71b47b7f2a81282309985374c992c9af1233b","sha512":"4425e04dbd46a9abe9e5d77082eb4c5785c08f17e13b6e76fe7dbbab9f32400d47cddac018c9d50a69d6ec5abc62db975dcd6a3ae135d8f79dd97ed2b4409c87","ssdeep":"12288:mkCz69xMy6+/Rxvav3SEHgi5KV996C9tSuIiVG+u16XBjIu77cP98y2ohtZJFp8U:7CzsAgEKV9hVN7XBc6qhCctn","tlshash":"46c449212291113db07fc4c6aa662b8e336df207e9134f14f9afaba583d7d54f625384","size":587350,"data":"","first_seen":"2025-09-23T09:04:11.526812Z","last_seen":"2025-10-07T07:54:23.13266Z","times_seen":187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickua200.pp.ua/?te=g43dmytggy5ha3ddf4ytanjqgi","fqdn":"clickua200.pp.ua","domain":"clickua200.pp.ua","tld":"pp.ua"},"ip":{"addr":"134.209.192.77","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f495e69f2e9edc75eeae7dd3ea78a747","sha1":"a89e38bbe70fa2de5db9d578975abd4e9dcda52e","sha256":"8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c","sha512":"3fd0afcb046ea60710b769bab0a70d6474af6fc6e881277b0b17964c74cb7edb539a758f4b87a689ce9a52a20674cc88fa8cb9c2a337785cd060d8a5bdefa85e","ssdeep":"","tlshash":"1e5000c000003003300003000f00c00000000c00003000000000000000000c00c00000","size":10,"data":"","first_seen":"2023-03-07T01:03:06Z","last_seen":"2026-06-01T09:07:33.605229Z","times_seen":3637,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"efd0d8736506eaf15f451fad2872d8f3","sha1":"2b3504b41f849c55de197face6135aad5a022a03","sha256":"fad4c62fc8e3657fcef74aacf53990a46cbf496fce2afb6daa1dfea79a0daef0","sha512":"901b8b7a39b4cf2939a8739e9b84c03bc37e7dd36048b15f57da60366e7f8dd923ebe21f46795c72474f330800c074ee79e8e2aed19e23ae8ed1d945f97e31ad","ssdeep":"1536:Zmc1pgoXEItQyJUGxdxOkxXK37CVBYEvtskaHIOPVKIZivAB5R1NKvfVf3dnCW+0:5UGzxlJKubxvtsH3nivATL8r+da","tlshash":"03e339c9b2d2b47407e75099d43f1206f33a1a16b80c9058f6a6e9c17878ddb9237f7a","size":149435,"data":"","first_seen":"2025-09-22T10:59:39.804812Z","last_seen":"2025-10-02T09:39:22.155066Z","times_seen":250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-01T18:11:37.144444Z","times_seen":357231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-content/themes/martanda/js/back-to-top.min.js?ver=1.1.3","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"27936a22cbbfbcb5840aa886b1fc60ec","sha1":"a4c94932ecfb54e37d4246ebfb0827cca0184926","sha256":"c549e8fb734127151d59eb8e5c1616f51aa4b9c043bb074dcccad72ed2b32e8f","sha512":"019608745f66114a0e23861be231b7cdf6b6d8809a69bcbd1244c1d0ecd37e597d54959a74affa2f81fe37088e2fd0b74e6a88420eb6cf2c76c4730f23f8affe","ssdeep":"","tlshash":"f111e3f96111907004bbd69a31afbb45753150f663020421426dcd5596bcddfa5317fa","size":881,"data":"","first_seen":"2025-05-10T19:17:17.961483Z","last_seen":"2026-05-16T13:06:35.513442Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-content/themes/martanda/fonts/JosefinSans-Bold.woff2","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-content/themes/martanda/fonts/JosefinSans-Bold.woff2 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 21564\r\nlast-modified: Mon, 12 May 2025 06:09:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68219098-543c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HDeXsbi%2FqlqO7LvAU3ehhi5fbR5oIJ%2FoR52CpKJcvKUer17hlU4acFEaL7OcGH35mq24plTp%2F8ZKThSxCJUPE7o8Cf8IT6j3LF0LobW9eMs4\"}]}\r\nvary: accept-encoding\r\ncf-ray: 983c5d7ffec58deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21564,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21564, version 1.0","md5":"2c9e5ad11c41f2f1e16498bec792cb08","sha1":"915607f730556fd8bb16bd2600149a3bbc0a2ab8","sha256":"0d690e2d218c9dabf3f74d5a2ece35a224bc25818d076587d610e80102560190","sha512":"a43eade0ab664c04cea05a0165d13d8880d847897f2c26fa79fe0da67c1fa6fa10e5e7f8f6da0ece156f5aa3828200dc419393f455d2bf7c4ef8b2a651974f39","ssdeep":"384:ByvjNhINP6bOTFEluuvTpkcK4/C9BMI33Exb9NdPmmeL4MmHrD9iEfN2orBrho:ByPI96CTFEJvTCX4gR3q4L8939iE7Nrm","tlshash":"47a2e12fb6659731f3649f3e3de8c9dcbc304ae2a17584bb16188442926940d8c9b7db","first_seen":"2025-09-23T19:14:58.953661Z","last_seen":"2026-05-22T10:48:58.272725Z","times_seen":3,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpushsdk.com/skins/nmain.m.js","fqdn":"js.wpushsdk.com","domain":"wpushsdk.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpushsdk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Sep 2025 08:32:39 GMT","end":"Tue, 02 Dec 2025 08:32:38 GMT"},"fingerprint":{"sha1":"60:0F:5E:BC:74:09:D9:0B:43:F4:67:D4:E5:3C:8D:6B:66:34:81:96","sha256":"91:ED:2F:10:60:88:EF:A8:60:89:46:1D:A0:EE:FE:F2:2B:45:01:4E:99:DB:7E:CD:D5:3E:A9:E4:08:26:B6:40"}}},"request":{"raw":"GET /skins/nmain.m.js HTTP/1.1\r\nHost: js.wpushsdk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Tue, 23 Sep 2025 08:58:40 GMT\r\netag: W/\"68d26140-8f656\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 23 Sep 2025 19:19:29 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: DS8137\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":587350,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"f6501a94365fc110d6eae57f82b00827","sha1":"741cd16b75be76e70c7ceb458983e78f71ce06e5","sha256":"218abc3aa95f216030dde57132c71b47b7f2a81282309985374c992c9af1233b","sha512":"4425e04dbd46a9abe9e5d77082eb4c5785c08f17e13b6e76fe7dbbab9f32400d47cddac018c9d50a69d6ec5abc62db975dcd6a3ae135d8f79dd97ed2b4409c87","ssdeep":"12288:mkCz69xMy6+/Rxvav3SEHgi5KV996C9tSuIiVG+u16XBjIu77cP98y2ohtZJFp8U:7CzsAgEKV9hVN7XBc6qhCctn","tlshash":"46c449212291113db07fc4c6aa662b8e336df207e9134f14f9afaba583d7d54f625384","first_seen":"2025-09-23T09:04:11.526812Z","last_seen":"2025-10-07T07:54:23.13266Z","times_seen":187,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"js.wpushsdk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp","fqdn":"static.bookmsg.com","domain":"bookmsg.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bookmsg.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:32:45 GMT","end":"Mon, 27 Oct 2025 02:32:44 GMT"},"fingerprint":{"sha1":"30:1F:04:06:2B:99:7A:B4:24:F9:4B:DB:29:5F:D7:52:7F:F4:FE:45","sha256":"27:BC:39:2A:E4:27:93:38:6A:79:24:38:E8:BD:2C:D0:7E:10:40:F0:EE:3D:C9:54:7A:0E:39:62:7C:27:AE:FA"}}},"request":{"raw":"GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1\r\nHost: static.bookmsg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 486\r\nserver: nginx/1.24.0\r\nlast-modified: Fri, 31 May 2024 10:56:43 GMT\r\netag: \"6659aceb-1e6\"\r\nexpires: Wed, 23 Sep 2026 19:14:30 GMT\r\ncache-control: max-age=31536000\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":486,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ceeb4e8840c24621c0e0352b42b38a5b","sha1":"03cbceb0134a39267014595938705e2916580644","sha256":"50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3","sha512":"80d4128488580567597ba5eb65dbff2dd4a8efc625c64cac6a027a1bb5c229545206669f04a50a252b54f471bee4fdc892e6bfe8347a50dd216bba67bd671a03","ssdeep":"","tlshash":"9bf00544191cd36c2a3c607afd74eb74a4074aa459226017cce447b08956811e856c1c","first_seen":"2024-02-20T18:30:33Z","last_seen":"2026-06-01T18:04:59.502578Z","times_seen":11404,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":55,"dns":15,"connect":19,"send":0,"wait":19,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-content/themes/martanda/fonts/JosefinSans-Regular.woff2","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-content/themes/martanda/fonts/JosefinSans-Regular.woff2 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 22180\r\nlast-modified: Mon, 12 May 2025 06:09:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68219098-56a4\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zPcgFGeP%2FNZJMYwpWvwReZuv5PDJLgrWmJQMjhHOu9UeT1KmmCk%2FZy7siWOwtdAEvCi7IxDL7A6Iu0%2BsT5cA4ZAveQ0cdKQPQe%2B%2B5K5uFLCK\"}]}\r\nvary: accept-encoding\r\ncf-ray: 983c5d7ffec48deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22180,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22180, version 1.0","md5":"c2a264d5ae2d0359c9d9cca454cc217c","sha1":"520163d3a71a59ca708aef1cc59b4820dcdd817b","sha256":"ce10ac6b9fe328fe28f14babe48ccfcf21ddffd7f6f12966dd27c1521104a049","sha512":"e6fb4a09358686a8f6c24dbb3b8a63d393926de2563a5a1a276e212b75a7933ce6c68992eae3c8188140143795b01dbce60163338a4a1ef2dcc23fc620641af7","ssdeep":"384:PSQLFgbOQKq5CeOdbbQap52Sh87OEHQCFkAJDqjyRwgJ2j:PlpAOQZ5CeOd3p5zoxFkY7R8j","tlshash":"7aa2d0842dae1489a7ad7e2b45941be86e019143c41f06e771c02faa9327b87ca5b37d","first_seen":"2025-09-23T19:14:58.957284Z","last_seen":"2025-10-01T02:18:56.615167Z","times_seen":2,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"storage.multstorage.com/log/count.html","fqdn":"storage.multstorage.com","domain":"multstorage.com","tld":"com"},"ip":{"addr":"76.223.26.96","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage.multstorage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 02:54:50 GMT","end":"Mon, 22 Dec 2025 02:54:49 GMT"},"fingerprint":{"sha1":"A7:F0:92:B0:60:17:0F:89:16:0D:51:27:DB:FE:C6:A0:D9:39:15:0F","sha256":"D8:BB:7C:8D:91:E4:6A:95:F9:86:5F:70:CE:DE:E9:AA:14:7C:0B:84:56:FC:96:09:E6:62:FD:5E:68:8E:E2:11"}}},"request":{"raw":"GET /log/count.html HTTP/1.1\r\nHost: storage.multstorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 410 Gone\r\nalt-svc: h3=\":50944\"; ma=2592000\r\nserver: Caddy\r\ncontent-length: 0\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"410","status_text":"Gone","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":580,"timings":{"blocked":278,"dns":225,"connect":1,"send":0,"wait":21,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"storage.multstorage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 02:36:27 GMT","end":"Tue, 25 Nov 2025 02:36:26 GMT"},"fingerprint":{"sha1":"64:AC:96:73:4F:92:FF:85:D0:1E:15:16:DA:B2:A2:8F:FA:02:1D:05","sha256":"1B:3E:09:8B:67:DE:C9:73:00:B7:68:C4:8A:D7:17:4D:D5:19:A0:85:23:3B:65:9C:31:C6:FB:A5:8E:BA:22:83"}}},"request":{"raw":"OPTIONS /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://about.kozak.cx.ua/\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.18.0\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":79,"dns":7,"connect":24,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp","fqdn":"static.bookmsg.com","domain":"bookmsg.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bookmsg.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:32:45 GMT","end":"Mon, 27 Oct 2025 02:32:44 GMT"},"fingerprint":{"sha1":"30:1F:04:06:2B:99:7A:B4:24:F9:4B:DB:29:5F:D7:52:7F:F4:FE:45","sha256":"27:BC:39:2A:E4:27:93:38:6A:79:24:38:E8:BD:2C:D0:7E:10:40:F0:EE:3D:C9:54:7A:0E:39:62:7C:27:AE:FA"}}},"request":{"raw":"GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1\r\nHost: static.bookmsg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 486\r\nserver: nginx/1.24.0\r\nlast-modified: Fri, 31 May 2024 10:56:43 GMT\r\netag: \"6659aceb-1e6\"\r\nexpires: Wed, 23 Sep 2026 19:14:30 GMT\r\ncache-control: max-age=31536000\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":486,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ceeb4e8840c24621c0e0352b42b38a5b","sha1":"03cbceb0134a39267014595938705e2916580644","sha256":"50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3","sha512":"80d4128488580567597ba5eb65dbff2dd4a8efc625c64cac6a027a1bb5c229545206669f04a50a252b54f471bee4fdc892e6bfe8347a50dd216bba67bd671a03","ssdeep":"","tlshash":"9bf00544191cd36c2a3c607afd74eb74a4074aa459226017cce447b08956811e856c1c","first_seen":"2024-02-20T18:30:33Z","last_seen":"2026-06-01T18:04:59.502578Z","times_seen":11404,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":122,"dns":13,"connect":23,"send":0,"wait":19,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 08 Jul 2025 10:02:48 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"686cecc8-1c679\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0pgtCQsFoqIYhgpidUfdohcHDIzXj7xBaBBhbOgAtBUszXOSPV%2FqL8osFjoxn%2BhlwKUOYQKuzjuTpW%2FqnX3HAjkFp1EQNKEgNcFcsZr7uuV6\"}]}\r\ncf-ray: 983c5d7f2ea08deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":116345,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55654)","md5":"a06b3af98203ddc303997e0e0caaff83","sha1":"04c3e7de74a890d18014588c4e1f077a52d79acc","sha256":"838ede31a58a3cdb411d6dd7f13cbe65d4a26193d9fa31882854e63938f12bac","sha512":"4ce1079b8dc07043b0201dc74f5888b50aa530a4e604eecd7673e225946de62c421b290a707014ddaf4366591f8c4767737b5689bc44d57eb0a11aef905cead9","ssdeep":"3072:seeJu1iQg5MG7x+qehvP0x2pck2qkA3Pu:b1iQg5MG7x+qehvP0x2pck2lA2","tlshash":"34b3615417b4dcf935ffa73a5e4ee248a503aa41c68a57ebe066d190618ca490cf3f0f","first_seen":"2025-07-15T17:03:07.843749Z","last_seen":"2026-06-01T17:58:04.615876Z","times_seen":173547,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-content/themes/martanda/fonts/JosefinSans-SemiBold.woff2","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-content/themes/martanda/fonts/JosefinSans-SemiBold.woff2 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 22144\r\nlast-modified: Mon, 12 May 2025 06:09:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68219098-5680\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KIHkLp1UztYaXoP6WUs5cJ99Do6bxxLvkcoMAqDceB251zT%2Fwg9PVYpqNWTOKnraLWSuPyi5pD%2Fl40k2jatwuM37kaiT4rowbtRUY5%2BLc4TN\"}]}\r\nvary: accept-encoding\r\ncf-ray: 983c5d800ec68deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22144,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22144, version 1.0","md5":"23da495b26d5a10964f1bdcce2dde0ed","sha1":"60fc176454a863282c15035fe51aeded8f9690ba","sha256":"7f3e9fbb9920b4c1e6196e0b303d7a22d87c681da3354160e3a4516f530e4215","sha512":"6ead6390eb0c97c465fbc3729f51b1a04bac821839d1428506efa4c3115cefa5f9ffa570fc2e0fca84fabdeb9ed4bff2212067fe487083d84da126a1b407d58a","ssdeep":"384:sWfR3G+KwLuITpcrTESKrqAhrHEOX9I35JSoB3+CHl8n9Cz5/VI:sWfR2+LuK+TESKrqq3X9QS03805tI","tlshash":"3aa2e1d14cb1ac540c27992a6427e6b3760a1b0397cd8cf323b79b5726b89b10e5e53d","first_seen":"2025-09-23T19:14:58.959392Z","last_seen":"2025-10-01T02:18:56.613125Z","times_seen":2,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpushsdk.com/npc/sdk/wpu/npush.m.js","fqdn":"js.wpushsdk.com","domain":"wpushsdk.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpushsdk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Sep 2025 08:32:39 GMT","end":"Tue, 02 Dec 2025 08:32:38 GMT"},"fingerprint":{"sha1":"60:0F:5E:BC:74:09:D9:0B:43:F4:67:D4:E5:3C:8D:6B:66:34:81:96","sha256":"91:ED:2F:10:60:88:EF:A8:60:89:46:1D:A0:EE:FE:F2:2B:45:01:4E:99:DB:7E:CD:D5:3E:A9:E4:08:26:B6:40"}}},"request":{"raw":"GET /npc/sdk/wpu/npush.m.js HTTP/1.1\r\nHost: js.wpushsdk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Tue, 23 Sep 2025 08:58:48 GMT\r\netag: W/\"68d26148-376f2\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 23 Sep 2025 19:19:29 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: DS8137\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":227058,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d7cd36d087bd2fcb2a81f36ed02bb9d6","sha1":"a8d8d23869914f1d6f3da0e32412b408657303ce","sha256":"b4cfebb0a9145aab8ed4ef298e65ddcc7a72532794b5a9597cf7079b50c54393","sha512":"373aea8b4c35dbddcdd88d7bfd4975e3a954b423d506f6b20f7e51cdbf0ec5f9f3fca7ec9c627bee94e07b29d3196813feca92fd45013f903c702d46abdec16a","ssdeep":"1536:gO4lqELn1iLrPazoEdJWvMrXaGOdDW81uw2lBUM3DrXLiROtVXlhC5jGzIEFmtH8:+dLYeeeMD1uPleM3HXpXqjGz/mGUR4ki","tlshash":"b1245cc9b685343503a7a17a806f020af73c3905751a44acf5b5dee228bad8e6377f71","first_seen":"2025-09-23T09:04:11.504226Z","last_seen":"2025-09-24T14:22:58.909195Z","times_seen":20,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":246,"dns":35,"connect":104,"send":0,"wait":211,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"js.wpushsdk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 02:36:27 GMT","end":"Tue, 25 Nov 2025 02:36:26 GMT"},"fingerprint":{"sha1":"64:AC:96:73:4F:92:FF:85:D0:1E:15:16:DA:B2:A2:8F:FA:02:1D:05","sha256":"1B:3E:09:8B:67:DE:C9:73:00:B7:68:C4:8A:D7:17:4D:D5:19:A0:85:23:3B:65:9C:31:C6:FB:A5:8E:BA:22:83"}}},"request":{"raw":"POST /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1327\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\ncontent-type: application/json\r\ncontent-length: 32\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"217f98b58423bb4c2390ea3ee4aa83d1","sha1":"dd60f49ffa06f0d8989edc801ab5e37f2010273d","sha256":"c7823e35fada3392027ddfb07f867072b8ebcebc847829ca848fa2c6c3d46995","sha512":"b5dff54e46387877ac6db46e223adcba1e0413c23731c4c9e67c178cc4ade57af12abe75797e2304c95a4b192b56fab5fde3ea081b6078cccabe8a6cd4b41047","ssdeep":"","tlshash":"9e800008320ba83a0cb0b08033008e222222e02aa082ac28e8a000028302320a00888a","first_seen":"2025-09-17T06:41:52.166207Z","last_seen":"2025-10-06T23:07:20.041248Z","times_seen":9,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T19:14:27.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /psikhologiya/khto-donka-magneto.html HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: DENY\r\ncache-control: no-transform\r\nvary: accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ntTxFcv3wWwzrOUqWfRucmf8qOOkVRgipM06NC30TAneaNd1e7H%2F%2F5c90gK1%2FIM994kEePaabg8zTStAu45R6jKeh8j%2FdiN%2BJK0PZk3h%2BTvM\"}]}\r\nset-cookie: se=-; SameSite=Lax; Path=/; Domain=about.kozak.cx.ua; Max-Age=864000; Expires=Fri, 03 Oct 2025 19:14:27 GMT\ncountry=NO; SameSite=Lax; Path=/; Domain=about.kozak.cx.ua; Max-Age=864000; Expires=Fri, 03 Oct 2025 19:14:27 GMT\r\ncf-ray: 983c5d7cbfeb3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":313,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (313), with no line terminators","md5":"1b765a6e07a9d1431d9009199289768f","sha1":"76be750f4e1d5ee5cc4ebd0cd54c1bc4471c2424","sha256":"d3976eb461ab6b2b5fcfde7dd4860a38d72970c5c0d877e886916b62b4b261e8","sha512":"f39ca18645e0d693464de896e2cba24b8683b22a9bb9eae9d46fadda4033e0618f46bd7ebb2d034f4e11bc688d116bdf568cba2790bdaccb5f8342e2a06898b1","ssdeep":"","tlshash":"6ae07df81d246c3b498c6a65fde293650d6e74f536038c0c52cb4d7543d87be5e35801","first_seen":"2025-09-23T19:14:58.961532Z","last_seen":"2025-09-23T19:14:58.961532Z","times_seen":1,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":32,"dns":1,"connect":1,"send":0,"wait":52,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickua200.pp.ua/?te=g43dmytggy5ha3ddf4ytanjqgi","fqdn":"clickua200.pp.ua","domain":"clickua200.pp.ua","tld":"pp.ua"},"ip":{"addr":"134.209.192.77","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"clickua200.pp.ua","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Sep 2025 19:09:58 GMT","end":"Sun, 30 Nov 2025 19:09:57 GMT"},"fingerprint":{"sha1":"B6:31:70:62:7F:04:77:45:98:09:BB:AE:ED:6D:F1:3C:44:D6:CD:2F","sha256":"2B:AF:A8:48:16:95:E6:1D:B5:0A:AF:21:B6:97:7F:97:B5:AB:8A:7F:D8:FF:AD:A1:30:9C:D4:EB:F2:F7:5D:8C"}}},"request":{"raw":"GET /?te=g43dmytggy5ha3ddf4ytanjqgi HTTP/1.1\r\nHost: clickua200.pp.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\nset-cookie: uuid=cb0dc000-43b9-4341-bd21-d186e221f34c; expires=Thu, 23-Oct-2025 19:14:28 GMT; Max-Age=2592000; path=/; SameSite=None; domain=clickua200.pp.ua; secure\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy: img-src https: data:; upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"f495e69f2e9edc75eeae7dd3ea78a747","sha1":"a89e38bbe70fa2de5db9d578975abd4e9dcda52e","sha256":"8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c","sha512":"3fd0afcb046ea60710b769bab0a70d6474af6fc6e881277b0b17964c74cb7edb539a758f4b87a689ce9a52a20674cc88fa8cb9c2a337785cd060d8a5bdefa85e","ssdeep":"","tlshash":"1e5000c000003003300003000f00c00000000c00003000000000000000000c00c00000","first_seen":"2023-03-07T01:03:06Z","last_seen":"2026-06-01T09:07:33.605229Z","times_seen":3637,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":152,"dns":84,"connect":22,"send":0,"wait":26,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpadmngr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Sep 2025 03:32:10 GMT","end":"Mon, 01 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"A8:B8:5C:A8:67:08:FB:6F:5B:FE:20:D6:BB:7A:04:B0:B2:1A:BE:F7","sha256":"03:91:48:19:1B:C5:3E:CF:59:DE:C7:39:A3:C0:C3:E0:BC:41:15:48:FB:42:AB:77:8C:5B:FF:37:FE:1F:3C:54"}}},"request":{"raw":"GET /static/adManager.js HTTP/1.1\r\nHost: js.wpadmngr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Mon, 22 Sep 2025 09:17:22 GMT\r\netag: W/\"68d11422-247bb\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 23 Sep 2025 19:19:28 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149435,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"efd0d8736506eaf15f451fad2872d8f3","sha1":"2b3504b41f849c55de197face6135aad5a022a03","sha256":"fad4c62fc8e3657fcef74aacf53990a46cbf496fce2afb6daa1dfea79a0daef0","sha512":"901b8b7a39b4cf2939a8739e9b84c03bc37e7dd36048b15f57da60366e7f8dd923ebe21f46795c72474f330800c074ee79e8e2aed19e23ae8ed1d945f97e31ad","ssdeep":"1536:Zmc1pgoXEItQyJUGxdxOkxXK37CVBYEvtskaHIOPVKIZivAB5R1NKvfVf3dnCW+0:5UGzxlJKubxvtsH3nivATL8r+da","tlshash":"03e339c9b2d2b47407e75099d43f1206f33a1a16b80c9058f6a6e9c17878ddb9237f7a","first_seen":"2025-09-22T10:59:39.804812Z","last_seen":"2025-10-02T09:39:22.155066Z","times_seen":250,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":91,"dns":48,"connect":23,"send":0,"wait":21,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=184057","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Aug 2025 02:47:45 GMT","end":"Thu, 13 Nov 2025 02:47:44 GMT"},"fingerprint":{"sha1":"F4:AD:2A:0D:F1:0A:AB:04:F2:6F:6F:72:39:99:7F:4B:E4:5B:2E:4C","sha256":"12:8C:54:04:9B:26:0A:7E:35:D0:23:72:4F:A8:FC:52:77:D0:9D:FA:F5:AC:FE:2F:D2:49:97:F4:24:B6:72:0A"}}},"request":{"raw":"OPTIONS /fp?tag_id=184057 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://about.kozak.cx.ua/\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.20.1\r\nDate: Tue, 23 Sep 2025 19:14:29 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nAccess-Control-Allow-Origin: https://about.kozak.cx.ua\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":1,"connect":25,"send":0,"wait":25,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?site=native-push\u0026wl=0\u0026event_id=6988988c-83d8-4b5c-ae97-1c4666b9e61b\u0026subid=903994416\u0026sid=1239762739\u0026spot_id=683078\u0026created_at=2025-09-23\u0026timezone=0\u0026ver=8.242.5\u0026is_native=1","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"168.119.25.102","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 02:36:27 GMT","end":"Tue, 25 Nov 2025 02:36:26 GMT"},"fingerprint":{"sha1":"64:AC:96:73:4F:92:FF:85:D0:1E:15:16:DA:B2:A2:8F:FA:02:1D:05","sha256":"1B:3E:09:8B:67:DE:C9:73:00:B7:68:C4:8A:D7:17:4D:D5:19:A0:85:23:3B:65:9C:31:C6:FB:A5:8E:BA:22:83"}}},"request":{"raw":"GET /in/dip?site=native-push\u0026wl=0\u0026event_id=6988988c-83d8-4b5c-ae97-1c4666b9e61b\u0026subid=903994416\u0026sid=1239762739\u0026spot_id=683078\u0026created_at=2025-09-23\u0026timezone=0\u0026ver=8.242.5\u0026is_native=1 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AfYwgwVC8oN1I-ud9todCOwObEsGKxKOPmeX3YwyZIE2RVL4RyL_Ep4RdSneHLB0tdWzK6enbeUT","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.164.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:38:01 GMT","end":"Mon, 01 Dec 2025 08:38:00 GMT"},"fingerprint":{"sha1":"50:D2:49:3C:F8:95:11:7F:74:11:C6:30:B6:82:0C:F4:34:21:2E:47","sha256":"EA:D4:6B:60:2A:3C:4B:39:32:39:92:5B:56:98:4B:5B:00:E5:93:5E:BA:66:43:BD:89:DE:10:FF:76:70:E1:53"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AfYwgwVC8oN1I-ud9todCOwObEsGKxKOPmeX3YwyZIE2RVL4RyL_Ep4RdSneHLB0tdWzK6enbeUT HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:zfsIgrDplrX2zCKkt_G3qfV_8qkB5Q:XnvqNT9svpiMbdW8;Path=/;Expires=Thu, 23-Sep-2027 19:14:30 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AfYwgwVhCwuhr02Z4vti09HWrcBMRklNNk5dfy5j7uQoIyIuqqOGssJarHRRt7oI0XooohuvhWfZ\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S2064809978%3A1758654870232015\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-uNhjbK7A_6SUPtswUkHCYA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 412\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ba594324dd.0ca5b8dbfd.com/in/show/?tag_ab=d\u0026site_id=31683078\u0026adblock=0\u0026testab=0\u0026auction_host=apply\u0026mm=0\u0026yc=0\u0026render_type=mq\u0026pr=about.kozak.cx.ua\u0026user_keywords=\u0026device_theme=light\u0026v2_track=0\u0026v2=0\u0026conditions=all,dch_ip,tz_offset\u0026ssp=3964\u0026page=https%3A%2F%2Fabout.kozak.cx.ua%2Fpsikhologiya%2Fkhto-donka-magneto.html\u0026refdom=about.kozak.cx.ua\u0026auction_time=1758654870\u0026subid=903994416\u0026sid=1239762739\u0026tcid=0\u0026ver=8.242.5\u0026ver_c=\u0026spot_id=683078\u0026utm_source=\u0026utm_medium=\u0026utm_campaign=\u0026utm_content=\u0026created_at=2025-09-23\u0026iabcat=IAB12-12\u0026user_fp=3062215412326782139\u0026score=92.99672762512988\u0026kubik_score=76.978\u0026kaminari_bot_ip=1\u0026durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D903994416%26spot_id%3D683078%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fabout.kozak.cx.ua%252Fpsikhologiya%252Fkhto-donka-magneto.html%26idzone%3D0%26sid%3D1885\u0026is_cpm=0\u0026resp_type=\u0026crid=\u0026crtid=b0681ff5c1739e7f8bdbb8527f77d810\u0026url=http%3A%2F%2Fxml-v4.bomdukop-3.online%2Fclick%3Fi%3D5VrR%2Aa2Pkko_0%26p%3D1758654870.364242\u0026icons=KzN2mcFBwxITHKmDEBfHvuJ6huwehkwa1ivPgRBMnId9hkfbIW_frIItF0NoofdQwGBuOeVuQ4h2zL0Qd0cKjcYxsSKgMmSec77oQ4i8gJBwpT_-CNYx4Pm6I6ro-kejPLWPT3-7SwmLjXdqw-FDhFheZPe7SJT9xv83-KGKaxc5VRDhNg\u0026ext_cid=0\u0026px_id=53683078\u0026min_cpm=0.0037084402697835374\u0026out_id=1\u0026campaign_type=lq-pop\u0026aid=178\u0026cid=12030\u0026uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee\u0026mid=1231706220685087909\u0026skin_id=71\u0026vertical_id=19\u0026skin_test=0\u0026from_cache=0\u0026ecpm=0.049468551725859414\u0026cpm=0.06804477559235848\u0026verify_hash=a3bea16720d7d16ea08da3f51c470170\u0026verify_hash_v2=4730376449c2a6ca7698c9d1cc138afbb7ebb46b7dbff440add5c7fa34db89f0\u0026is_native=2\u0026real_bid=0.000407119998931884\u0026original_bid_usd=0.00056\u0026original_bid=0.00056\u0026show_type=0\u0026exp=1440\u0026placement_type_id=0\u0026ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0\u0026ip_mismatch=91.90.42.154\u0026geo=NO\u0026carrier=-\u0026label_ids=20,27,150,19,89,83\u0026need_redirect_show=0\u0026applied_features=coef_095,main-skins-settings\u0026show_count=1\u0026expiration_timestamp=1758741270\u0026image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp\u0026site=native-push-mainstream\u0026price=0.00056\u0026hostname=auc-inpage-hz-6-a\u0026auc_type=1\u0026pop_type=1\u0026site_id64=\u0026interest_vertical_ids=\u0026mo=\u0026ve=\u0026timezone_olson=UTC\u0026topics=\u0026historical_keywords=test,torrents\u0026pop_cpc=0.0000005599999999999999\u0026ext_campaign_id_str=\u0026is_webview=0\u0026client_price=0\u0026direct_client_price=0\u0026priority=0\u0026client_payment_model=\u0026is_in_app=0\u0026auc_domain_type=hash\u0026script_type=general\u0026tma_wallet_balance=0\u0026processed_keywords=test\u0026is_iframe=0\u0026traffic_category=mainstream\u0026iframe_click=0\u0026estimated_ctr=0.1215085278434973\u0026social_network=\u0026publisher_id=54969\u0026advanced_pub_id=5354969\u0026user_click_counter=1\u0026lv_id=0\u0026service_spot_id=0\u0026mediation_ecpm=0\u0026mediation_type=no_mediation\u0026entry_source=inner\u0026pattern1=0\u0026pattern2=0\u0026pattern3=0\u0026pattern4=0\u0026pattern5=0\u0026format=gamblingBlueMessage-view-b_r-body\u0026mlf=1\u0026mlc=1\u0026cpa=d501a3ee-6ec6-4e54-83c2-e1a2d87496b2\u0026prev_step_diff=766\u0026st=0.03","fqdn":"ba594324dd.0ca5b8dbfd.com","domain":"0ca5b8dbfd.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0ca5b8dbfd.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 14:04:06 GMT","end":"Thu, 18 Dec 2025 14:04:05 GMT"},"fingerprint":{"sha1":"89:5E:27:AF:AB:73:AC:30:40:0D:B5:EC:09:CA:29:85:5C:FB:CC:59","sha256":"0B:E4:DF:FD:14:9D:6B:83:67:4D:39:59:0A:4A:7D:CE:79:F5:AA:A8:E5:E4:34:6A:A2:54:45:6A:29:1F:B1:8C"}}},"request":{"raw":"GET /in/show/?tag_ab=d\u0026site_id=31683078\u0026adblock=0\u0026testab=0\u0026auction_host=apply\u0026mm=0\u0026yc=0\u0026render_type=mq\u0026pr=about.kozak.cx.ua\u0026user_keywords=\u0026device_theme=light\u0026v2_track=0\u0026v2=0\u0026conditions=all,dch_ip,tz_offset\u0026ssp=3964\u0026page=https%3A%2F%2Fabout.kozak.cx.ua%2Fpsikhologiya%2Fkhto-donka-magneto.html\u0026refdom=about.kozak.cx.ua\u0026auction_time=1758654870\u0026subid=903994416\u0026sid=1239762739\u0026tcid=0\u0026ver=8.242.5\u0026ver_c=\u0026spot_id=683078\u0026utm_source=\u0026utm_medium=\u0026utm_campaign=\u0026utm_content=\u0026created_at=2025-09-23\u0026iabcat=IAB12-12\u0026user_fp=3062215412326782139\u0026score=92.99672762512988\u0026kubik_score=76.978\u0026kaminari_bot_ip=1\u0026durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D903994416%26spot_id%3D683078%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fabout.kozak.cx.ua%252Fpsikhologiya%252Fkhto-donka-magneto.html%26idzone%3D0%26sid%3D1885\u0026is_cpm=0\u0026resp_type=\u0026crid=\u0026crtid=b0681ff5c1739e7f8bdbb8527f77d810\u0026url=http%3A%2F%2Fxml-v4.bomdukop-3.online%2Fclick%3Fi%3D5VrR%2Aa2Pkko_0%26p%3D1758654870.364242\u0026icons=KzN2mcFBwxITHKmDEBfHvuJ6huwehkwa1ivPgRBMnId9hkfbIW_frIItF0NoofdQwGBuOeVuQ4h2zL0Qd0cKjcYxsSKgMmSec77oQ4i8gJBwpT_-CNYx4Pm6I6ro-kejPLWPT3-7SwmLjXdqw-FDhFheZPe7SJT9xv83-KGKaxc5VRDhNg\u0026ext_cid=0\u0026px_id=53683078\u0026min_cpm=0.0037084402697835374\u0026out_id=1\u0026campaign_type=lq-pop\u0026aid=178\u0026cid=12030\u0026uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee\u0026mid=1231706220685087909\u0026skin_id=71\u0026vertical_id=19\u0026skin_test=0\u0026from_cache=0\u0026ecpm=0.049468551725859414\u0026cpm=0.06804477559235848\u0026verify_hash=a3bea16720d7d16ea08da3f51c470170\u0026verify_hash_v2=4730376449c2a6ca7698c9d1cc138afbb7ebb46b7dbff440add5c7fa34db89f0\u0026is_native=2\u0026real_bid=0.000407119998931884\u0026original_bid_usd=0.00056\u0026original_bid=0.00056\u0026show_type=0\u0026exp=1440\u0026placement_type_id=0\u0026ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0\u0026ip_mismatch=91.90.42.154\u0026geo=NO\u0026carrier=-\u0026label_ids=20,27,150,19,89,83\u0026need_redirect_show=0\u0026applied_features=coef_095,main-skins-settings\u0026show_count=1\u0026expiration_timestamp=1758741270\u0026image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp\u0026site=native-push-mainstream\u0026price=0.00056\u0026hostname=auc-inpage-hz-6-a\u0026auc_type=1\u0026pop_type=1\u0026site_id64=\u0026interest_vertical_ids=\u0026mo=\u0026ve=\u0026timezone_olson=UTC\u0026topics=\u0026historical_keywords=test,torrents\u0026pop_cpc=0.0000005599999999999999\u0026ext_campaign_id_str=\u0026is_webview=0\u0026client_price=0\u0026direct_client_price=0\u0026priority=0\u0026client_payment_model=\u0026is_in_app=0\u0026auc_domain_type=hash\u0026script_type=general\u0026tma_wallet_balance=0\u0026processed_keywords=test\u0026is_iframe=0\u0026traffic_category=mainstream\u0026iframe_click=0\u0026estimated_ctr=0.1215085278434973\u0026social_network=\u0026publisher_id=54969\u0026advanced_pub_id=5354969\u0026user_click_counter=1\u0026lv_id=0\u0026service_spot_id=0\u0026mediation_ecpm=0\u0026mediation_type=no_mediation\u0026entry_source=inner\u0026pattern1=0\u0026pattern2=0\u0026pattern3=0\u0026pattern4=0\u0026pattern5=0\u0026format=gamblingBlueMessage-view-b_r-body\u0026mlf=1\u0026mlc=1\u0026cpa=d501a3ee-6ec6-4e54-83c2-e1a2d87496b2\u0026prev_step_diff=766\u0026st=0.03 HTTP/1.1\r\nHost: ba594324dd.0ca5b8dbfd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"ba594324dd.0ca5b8dbfd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T19:14:28.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /psikhologiya/khto-donka-magneto.html HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=485deb5d97e94a4e2f4fa157b1f2ec59\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RtTU8csnVw41Fq4zQIQLHdecM8pH%2BQcyRaUsSVXRaisoe0zmylejd3bpzIedDsOfVQgJxK5%2FXllsRXwdTXvE3IlTIIuMLrJZ7i8Rfuca6%2FLw\"}]}\r\nset-cookie: 29abed27e59fd322b0663a23e30d1dbc=1; SameSite=Lax; Path=/; Domain=about.kozak.cx.ua; Max-Age=864000; Expires=Fri, 03 Oct 2025 19:14:28 GMT\r\nx-frame-options: DENY\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-cache, must-revalidate, max-age=0\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\npragma: no-cache\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 983c5d7e9e8f8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54357,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (35233)","md5":"72cf0ed564fbd1730072bf343b25c1d5","sha1":"716604068c0fe52b7ef1cb98120e9f529cdb753f","sha256":"a505fb81334d988d5a304343403625e7f19870ddc5340289e69d2b00b6e0ffe1","sha512":"fd0d4307eff69762147164615b307537cb473d367a26706e4064f3321318717dcfdfad4014ad6331b11a2c7837f923961089d1c4a4070a0907d27d9cf2977ac8","ssdeep":"1536:+nuapx22BulZJ1ul9ejY1XfcGn5ZJ1Ql9ejY1XfcG79SeLv5qM49:+nB/22BulZJ1ul9ejY1PcG5ZJ1Ql9ejJ","tlshash":"1433eab2d26404fbb66f8ba8d68577547800bd359a4203d7b8a2d25877c7df221b630f","first_seen":"2025-09-23T19:14:58.963877Z","last_seen":"2025-09-23T19:14:58.963877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Tue, 23 Sep 2025 20:02:28 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3qK0zxxC6wnA3YF3QPdDwOQ%2ByXfOZlrWsxCHJuhP3WsF5JvGjAjY1suJMMlWv6KRSqrnBwg27vWPDoVS69o5AjUNqkFxB6LQ%2B3A9Qqp6Drg3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncf-ray: 983c5d7f3ea28deb-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-01T18:11:37.144444Z","times_seen":357231,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"na.nawpush.com/tags/184057?version_name=d\u0026domain=about.kozak.cx.ua","fqdn":"na.nawpush.com","domain":"nawpush.com","tld":"com"},"ip":{"addr":"45.133.44.25","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"na.nawpush.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 02:32:20 GMT","end":"Thu, 18 Dec 2025 02:32:19 GMT"},"fingerprint":{"sha1":"38:85:B2:05:59:7D:15:16:9D:87:1B:83:46:10:68:2E:DC:7C:7A:D1","sha256":"FE:22:4E:C6:6F:85:46:CA:64:38:8F:48:77:17:E8:29:0E:7C:14:27:20:EA:A9:7B:CB:5E:49:87:A6:B0:60:2F"}}},"request":{"raw":"GET /tags/184057?version_name=d\u0026domain=about.kozak.cx.ua HTTP/1.1\r\nHost: na.nawpush.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: application/json\r\nserver: nginx/1.24.0\r\ncache-control: max-age=300, public\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: EXPIRED\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2539,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5523b37b65f0bc986a587f664d90e4ae","sha1":"fa86b90f8dfac2789107ee63e842426c0abdafb8","sha256":"cf31a4caf36482c37e3d2a9ce376972dce3184060d581239f0af8bdcb7565bdf","sha512":"414fdf11e5ec6ec369e004b1a0bf96417f49afa82a73eceb201092824710677bda0c9194668c1803bbad5ea32902737c39822537d007299a598b1b64d1e7838e","ssdeep":"","tlshash":"0151e7b98ab0cc76c1f006429c027b8d59ae217b2494b80de4fe8d6c05ef9be1f5524b","first_seen":"2025-09-23T19:14:58.96572Z","last_seen":"2026-05-31T15:15:35.135541Z","times_seen":7,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":131,"dns":80,"connect":23,"send":0,"wait":31,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.164.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:38:01 GMT","end":"Mon, 01 Dec 2025 08:38:00 GMT"},"fingerprint":{"sha1":"50:D2:49:3C:F8:95:11:7F:74:11:C6:30:B6:82:0C:F4:34:21:2E:47","sha256":"EA:D4:6B:60:2A:3C:4B:39:32:39:92:5B:56:98:4B:5B:00:E5:93:5E:BA:66:43:BD:89:DE:10:FF:76:70:E1:53"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:DtXlFbnz2zzsJjof834EzIy8vG5UTw:BALPpW04Ik7wHuq2; Expires=Thu, 23-Sep-2027 19:14:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AfYwgwVC8oN1I-ud9todCOwObEsGKxKOPmeX3YwyZIE2RVL4RyL_Ep4RdSneHLB0tdWzK6enbeUT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy: unsafe-none\r\ncontent-security-policy: script-src 'nonce-t1McBKSbCSVZDSswFwq1ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-resource-policy: cross-origin\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":447,"timings":{"blocked":204,"dns":0,"connect":29,"send":0,"wait":38,"receive":0,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AfYwgwVhCwuhr02Z4vti09HWrcBMRklNNk5dfy5j7uQoIyIuqqOGssJarHRRt7oI0XooohuvhWfZ\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S2064809978%3A1758654870232015","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.164.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:35:04 GMT","end":"Mon, 01 Dec 2025 08:35:03 GMT"},"fingerprint":{"sha1":"0F:82:E8:11:83:A1:6A:96:4E:57:CD:2C:88:23:16:DB:C8:F3:92:F6","sha256":"21:02:1A:BE:51:24:50:B2:94:02:F9:2C:9A:E7:74:47:4A:53:D2:EE:9B:15:E3:B8:E9:9F:C3:E4:FE:5B:14:30"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AfYwgwVhCwuhr02Z4vti09HWrcBMRklNNk5dfy5j7uQoIyIuqqOGssJarHRRt7oI0XooohuvhWfZ\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S2064809978%3A1758654870232015 HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-_kRORxIn8wn996eBMV77Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.tx7Hf5xXnPQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-content/themes/martanda/js/back-to-top.min.js?ver=1.1.3","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-content/themes/martanda/js/back-to-top.min.js?ver=1.1.3 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Mon, 12 May 2025 06:09:28 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68219098-371\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FwM5af1BqeN8kEeTwDXGB6M2%2FC8BXOHkydSL6A%2FNA%2FKgpivVS4XuKbTZ9wgZyNevf%2FL8eAhRwc%2FIKVbmA6XIwazJzQLNandwPwVZ4l7jgQ2r\"}]}\r\ncf-ray: 983c5d7f3ea98deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":881,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (881), with no line terminators","md5":"27936a22cbbfbcb5840aa886b1fc60ec","sha1":"a4c94932ecfb54e37d4246ebfb0827cca0184926","sha256":"c549e8fb734127151d59eb8e5c1616f51aa4b9c043bb074dcccad72ed2b32e8f","sha512":"019608745f66114a0e23861be231b7cdf6b6d8809a69bcbd1244c1d0ecd37e597d54959a74affa2f81fe37088e2fd0b74e6a88420eb6cf2c76c4730f23f8affe","ssdeep":"","tlshash":"f111e3f96111907004bbd69a31afbb45753150f663020421426dcd5596bcddfa5317fa","first_seen":"2025-05-10T19:17:17.961483Z","last_seen":"2026-05-16T13:06:35.513442Z","times_seen":10,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-content/themes/martanda/fonts/JosefinSans-Bold.woff2","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-content/themes/martanda/fonts/JosefinSans-Bold.woff2 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 21564\r\nlast-modified: Mon, 12 May 2025 06:09:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68219098-543c\"\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e6zsABXHwMLRKqhW%2FOvXqt3rylPedn9uNAXb0gkIJZlfCOJX75RLMe2cpcEXIi%2BIoeNpeMUE4BrnK54p6Sx1z%2BfLNQ5ENZFJoe%2FWjaCCbg82\"}]}\r\nvary: accept-encoding\r\ncf-ray: 983c5d800ec78deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21564,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21564, version 1.0","md5":"2c9e5ad11c41f2f1e16498bec792cb08","sha1":"915607f730556fd8bb16bd2600149a3bbc0a2ab8","sha256":"0d690e2d218c9dabf3f74d5a2ece35a224bc25818d076587d610e80102560190","sha512":"a43eade0ab664c04cea05a0165d13d8880d847897f2c26fa79fe0da67c1fa6fa10e5e7f8f6da0ece156f5aa3828200dc419393f455d2bf7c4ef8b2a651974f39","ssdeep":"384:ByvjNhINP6bOTFEluuvTpkcK4/C9BMI33Exb9NdPmmeL4MmHrD9iEfN2orBrho:ByPI96CTFEJvTCX4gR3q4L8939iE7Nrm","tlshash":"47a2e12fb6659731f3649f3e3de8c9dcbc304ae2a17584bb16188442926940d8c9b7db","first_seen":"2025-09-23T19:14:58.953661Z","last_seen":"2026-05-22T10:48:58.272725Z","times_seen":3,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e420a96d53.d0d9f1bb4b.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTQzNDEyNjI4MTQzMzE2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjM4LjMiLCJ0YWdfaWQiOjE4NDA1Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9","fqdn":"e420a96d53.d0d9f1bb4b.com","domain":"d0d9f1bb4b.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e420a96d53.d0d9f1bb4b.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 02:47:59 GMT","end":"Fri, 19 Dec 2025 02:47:58 GMT"},"fingerprint":{"sha1":"C2:55:FA:23:8A:03:E7:0C:3D:CD:AD:0E:C5:BF:50:FD:55:6D:51:53","sha256":"B2:A8:B9:53:C0:03:98:DA:17:91:EC:13:BB:AB:91:7A:75:48:C1:E8:B0:13:B6:FE:32:D8:FD:2A:1B:1C:69:0E"}}},"request":{"raw":"GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTQzNDEyNjI4MTQzMzE2MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjM4LjMiLCJ0YWdfaWQiOjE4NDA1Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1\r\nHost: e420a96d53.d0d9f1bb4b.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nx-cdn-host-id: AH1747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":350,"timings":{"blocked":147,"dns":101,"connect":21,"send":0,"wait":50,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"e420a96d53.d0d9f1bb4b.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.wpshsdk.com/npc/sdk/push.m.js?v=1","fqdn":"js.wpshsdk.com","domain":"wpshsdk.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpshsdk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Sep 2025 07:33:10 GMT","end":"Wed, 10 Dec 2025 07:33:09 GMT"},"fingerprint":{"sha1":"62:BE:F1:F7:0A:03:CE:F8:E5:4C:47:01:1E:E9:64:E1:C4:78:3D:D5","sha256":"86:3F:71:43:02:B9:19:61:1A:AC:16:D2:2F:36:03:1E:C1:C6:18:02:AB:1D:95:D6:DD:5A:5A:41:AD:83:D8:CB"}}},"request":{"raw":"GET /npc/sdk/push.m.js?v=1 HTTP/1.1\r\nHost: js.wpshsdk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Mon, 01 Sep 2025 08:26:08 GMT\r\netag: W/\"68b558a0-7b8f\"\r\ncontent-encoding: gzip\r\nexpires: Tue, 23 Sep 2025 19:19:29 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31631,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31246), with no line terminators","md5":"d8575fbbf73a8ff30ff1938a43e664d0","sha1":"d2785dd9892fdadb8703f655b056b02dd1cb5b8d","sha256":"50c8fdcb3cc08967158d65ade7da8ac61718b8a1babc00e13b930367e571aedc","sha512":"8c16a650ae6509952a46206931e89d7ab016ce4f534770e2b9e5d2a4b7fc1c2394a2ed5c454f9fb6d6a99f6b423e2775956ce8ec9c88f686b940a450dfc72078","ssdeep":"768:CuKhVWPsJiRx8Useb6uvOdtkp6O4AQet1/:CuKHesJiXWpuvOdtkQLAf","tlshash":"2be21a88b381b2b4479720b2587f6742b336651a7403c540f367ebc0b869e9fd336b69","first_seen":"2025-09-01T17:49:28.814065Z","last_seen":"2026-02-06T10:34:46.272483Z","times_seen":1059,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":80,"dns":32,"connect":21,"send":0,"wait":24,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp","fqdn":"static.bookmsg.com","domain":"bookmsg.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bookmsg.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:32:45 GMT","end":"Mon, 27 Oct 2025 02:32:44 GMT"},"fingerprint":{"sha1":"30:1F:04:06:2B:99:7A:B4:24:F9:4B:DB:29:5F:D7:52:7F:F4:FE:45","sha256":"27:BC:39:2A:E4:27:93:38:6A:79:24:38:E8:BD:2C:D0:7E:10:40:F0:EE:3D:C9:54:7A:0E:39:62:7C:27:AE:FA"}}},"request":{"raw":"GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1\r\nHost: static.bookmsg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1066\r\nserver: nginx/1.24.0\r\nlast-modified: Fri, 31 May 2024 10:56:43 GMT\r\netag: \"6659aceb-42a\"\r\nexpires: Wed, 23 Sep 2026 19:14:30 GMT\r\ncache-control: max-age=31536000\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1066,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a11e13b2bd67bb9a6cb347d7c73df13","sha1":"b85460a33f9b229f42c08a6a94ae433a4d5c32ab","sha256":"1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56","sha512":"059dd018bbf13a669d73f07442288f165bc6b305afb0df955773a0efb7454b8204095196231179fab4cb625e189c7c735fe41dc5b67fb8666d584214277186e6","ssdeep":"","tlshash":"7511b56be46c4dfede41f0408dd80256f8324a5c8aaeaf39058bc7da4f584143a6f01a","first_seen":"2024-02-20T18:30:33Z","last_seen":"2026-06-01T18:04:59.514546Z","times_seen":11393,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":63,"dns":0,"connect":19,"send":0,"wait":19,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=61572d447d60c0aa5240","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=61572d447d60c0aa5240 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Mon, 03 Mar 2025 15:08:42 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"67c5c5fa-d1e\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DqWbTvGrCG%2Bfrxm4vLFBupw6VCZGFDch8T4B24xy0HwNwc6WgUXuKi9TOmcyicJalQzKYmikB5rr9a4wdU8Un3ybzo%2FhQpvYgtaGXXc5SeXM\"}]}\r\ncf-ray: 983c5d7f3ea88deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3358,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (3358), with no line terminators","md5":"39b6679f083c89806ae1dab66a6b1f83","sha1":"ccc3e4d82490e24c5bab603beb04961ba3225571","sha256":"091b36f4ce349cd155f3d0ffb19f46e954f82aa4eb78dd9091da2ab9c9f20a99","sha512":"9b61e3a83ee4cbdf339401bc60d30e6e58f4871e4411398bbbdfde7e31f1fc6e8624be8e63fcfc1d238e923695f3fa95b5b182ee08fdfb026b8720ef8d6062b3","ssdeep":"","tlshash":"7c610234306575b1aefe5ad8f3148428a3148581640b78717e1cb9ee58eef5391f0bea","first_seen":"2025-04-16T10:49:17.676934Z","last_seen":"2026-05-31T23:55:27.892103Z","times_seen":13018,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/advertising.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 14 Aug 2025 02:32:40 GMT","end":"Wed, 12 Nov 2025 02:32:39 GMT"},"fingerprint":{"sha1":"29:AD:62:97:FC:BB:60:DB:88:37:9C:81:9B:75:1A:F9:A2:C2:D0:62","sha256":"D8:5B:F4:35:C6:F5:9C:AE:95:BB:5C:A9:3E:61:B6:13:E7:D6:E5:E3:64:B9:D8:A2:F0:28:B8:1C:F9:65:27:3A"}}},"request":{"raw":"GET /advertising.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nlast-modified: Fri, 14 Jul 2023 08:23:25 GMT\r\netag: \"64b105fd-0\"\r\nexpires: Tue, 23 Sep 2025 19:19:28 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":93,"dns":38,"connect":23,"send":0,"wait":22,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/favicon.ico","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nset-cookie: 29abed27e59fd322b0663a23e30d1dbc=10; SameSite=Lax; Path=/; Domain=about.kozak.cx.ua; Max-Age=864000; Expires=Fri, 03 Oct 2025 19:14:28 GMT\r\nx-frame-options: DENY\r\ncache-control: no-transform\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003chttps://about.kozak.cx.ua/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nx-redirect-by: WordPress\r\nlocation: https://about.kozak.cx.ua/wp-includes/images/w-logo-blue-white-bg.png\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jOFZQwTb28oOBIZyXiwKWX2xLTtl9PabIdz3Q55UlXnzGbaPJo8wEojnKFGG1QpgSKjRI9srqPtNW05B8bHy83OfXW5LPa9F8xXTRA%2F7RtQc\"}]}\r\ncf-ray: 983c5d81ceff8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=184057","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Aug 2025 02:47:45 GMT","end":"Thu, 13 Nov 2025 02:47:44 GMT"},"fingerprint":{"sha1":"F4:AD:2A:0D:F1:0A:AB:04:F2:6F:6F:72:39:99:7F:4B:E4:5B:2E:4C","sha256":"12:8C:54:04:9B:26:0A:7E:35:D0:23:72:4F:A8:FC:52:77:D0:9D:FA:F5:AC:FE:2F:D2:49:97:F4:24:B6:72:0A"}}},"request":{"raw":"POST /fp?tag_id=184057 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1973\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Tue, 23 Sep 2025 19:14:29 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 58\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://about.kozak.cx.ua\r\nSet-Cookie: id=15214406320628947215; Expires=Wed, 23 Sep 2026 19:14:29 GMT; Secure; SameSite=None\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c4efc1d6d16235d9433cd2565d887460","sha1":"22d069a5f536640e46122475c79db933e82d7f2e","sha256":"f0a6b8c736b7d8c5d3304a9ccd10d2114a0f25f2ba946cce62204df3384a131f","sha512":"af1cfe529f3173efdc7f4aff67355529095e775d8edb38d8a7c9565e09807aff470a465ffdf89ef6555f06cc88efa675823becc942896c63fa64a3140858f539","ssdeep":"","tlshash":"5ba00294c5c00e3c80200c3a73cf901628e4d304120217880ca66b5108822abe333c91","first_seen":"2025-07-26T17:44:43.174102Z","last_seen":"2026-06-01T18:04:59.486584Z","times_seen":6901,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":8,"connect":25,"send":0,"wait":26,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-includes/images/w-logo-blue-white-bg.png","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4119\r\nlast-modified: Mon, 15 Nov 2021 21:04:02 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6192cb42-1017\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TU2p2lpnutczRB5tFO7jR9FzQAf2jMFstOe1rt%2FCzBQrSjMfR412BcGiz7bGSUDbYPTGB2ro7ZrTrj0HM5o3Ta3krtWXwypDi%2Fr2Q1thdHmD\"}]}\r\nvary: accept-encoding\r\ncf-ray: 983c5d867fc18deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"000bf649cc8f6bf27cfb04d1bcdcd3c7","sha1":"d73d2f6d74ec6cdcbae07955592962e77d8ae814","sha256":"6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0","sha512":"73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5","ssdeep":"96:h3bdWfcmTY+aRF1pXWZL2+42HGhIUc8KeLEd:hgXTY+as02mOB8XLEd","tlshash":"00814b63df38c566e66a2b189ff6bca56b290fd50ca1194c0eecb025632c06d1065089","first_seen":"2023-04-08T12:31:37Z","last_seen":"2026-06-01T17:45:21.753672Z","times_seen":65692,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ba594324dd.0ca5b8dbfd.com/in/show/?tag_ab=d\u0026site_id=31683078\u0026adblock=0\u0026testab=0\u0026auction_host=apply\u0026mm=0\u0026yc=0\u0026render_type=mq\u0026pr=about.kozak.cx.ua\u0026user_keywords=\u0026device_theme=light\u0026v2_track=0\u0026v2=0\u0026conditions=all,dch_ip,tz_offset\u0026ssp=3964\u0026page=https%3A%2F%2Fabout.kozak.cx.ua%2Fpsikhologiya%2Fkhto-donka-magneto.html\u0026refdom=about.kozak.cx.ua\u0026auction_time=1758654870\u0026subid=903994416\u0026sid=1239762739\u0026tcid=0\u0026ver=8.242.5\u0026ver_c=\u0026spot_id=683078\u0026utm_source=\u0026utm_medium=\u0026utm_campaign=\u0026utm_content=\u0026created_at=2025-09-23\u0026iabcat=IAB12-12\u0026user_fp=3062215412326782139\u0026score=92.99672762512988\u0026kubik_score=76.978\u0026kaminari_bot_ip=1\u0026durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D903994416%26spot_id%3D683078%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fabout.kozak.cx.ua%252Fpsikhologiya%252Fkhto-donka-magneto.html%26idzone%3D0%26sid%3D1885\u0026is_cpm=0\u0026resp_type=\u0026crid=\u0026crtid=b0681ff5c1739e7f8bdbb8527f77d810\u0026url=http%3A%2F%2Fxml-v4.bomdukop-3.online%2Fclick%3Fi%3D5VrR%2Aa2Pkko_0%26p%3D1758654870.364242\u0026icons=BuEq_hv5GEZT5a6g5gcWXyzVXp0KA8iVa72e-xRrs9EJ6u_yA2oWluMMVK_BIP0cOgvBBqsOk3o3A5L6oGsIUHWwdkkhzdrlxhjh2jUdz4sZN9BW6Gohm463cyGijLhwYn6v4m8n0yRkRbQrm04lWVTJz1Yies_7vgopAd1sO4Y8OMekCg\u0026ext_cid=0\u0026px_id=53683078\u0026min_cpm=0.001717350620485275\u0026out_id=0\u0026campaign_type=lq-pop\u0026aid=178\u0026cid=12030\u0026uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee\u0026mid=1231706220685087909\u0026skin_id=71\u0026vertical_id=19\u0026skin_test=0\u0026from_cache=0\u0026ecpm=0.022908511886554243\u0026cpm=0.03151102055936284\u0026verify_hash=f91f087d276dd7aa866f51c1574e8d8e\u0026verify_hash_v2=7369bd90dd940597291699940e59c0457a7e34b57413b9408ff24090665d3f4c\u0026is_native=2\u0026real_bid=0.000407119998931884\u0026original_bid_usd=0.00056\u0026original_bid=0.00056\u0026show_type=0\u0026exp=1440\u0026placement_type_id=0\u0026ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0\u0026ip_mismatch=91.90.42.154\u0026geo=NO\u0026carrier=-\u0026label_ids=83,89,20,27,150,19\u0026need_redirect_show=0\u0026applied_features=coef_095,main-skins-settings\u0026show_count=1\u0026expiration_timestamp=1758741270\u0026image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp\u0026site=native-push-mainstream\u0026price=0.00056\u0026hostname=auc-inpage-hz-6-a\u0026auc_type=1\u0026pop_type=1\u0026site_id64=\u0026interest_vertical_ids=\u0026mo=\u0026ve=\u0026timezone_olson=UTC\u0026topics=\u0026historical_keywords=test,torrents\u0026pop_cpc=0.0000005599999999999999\u0026ext_campaign_id_str=\u0026is_webview=0\u0026client_price=0\u0026direct_client_price=0\u0026priority=0\u0026client_payment_model=\u0026is_in_app=0\u0026auc_domain_type=hash\u0026script_type=general\u0026tma_wallet_balance=0\u0026processed_keywords=test\u0026is_iframe=0\u0026traffic_category=mainstream\u0026iframe_click=0\u0026estimated_ctr=0.0562696795702908\u0026social_network=\u0026publisher_id=54969\u0026advanced_pub_id=5354969\u0026user_click_counter=1\u0026lv_id=0\u0026service_spot_id=0\u0026mediation_ecpm=0\u0026mediation_type=no_mediation\u0026entry_source=inner\u0026pattern1=0\u0026pattern2=0\u0026pattern3=0\u0026pattern4=0\u0026pattern5=0\u0026format=gamblingBlueMessage-view-b_r-body\u0026mlf=1\u0026cpa=de9f786e-87b0-4bc4-9f29-41d499e895b5\u0026prev_step_diff=766\u0026st=0.03","fqdn":"ba594324dd.0ca5b8dbfd.com","domain":"0ca5b8dbfd.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0ca5b8dbfd.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 14:04:06 GMT","end":"Thu, 18 Dec 2025 14:04:05 GMT"},"fingerprint":{"sha1":"89:5E:27:AF:AB:73:AC:30:40:0D:B5:EC:09:CA:29:85:5C:FB:CC:59","sha256":"0B:E4:DF:FD:14:9D:6B:83:67:4D:39:59:0A:4A:7D:CE:79:F5:AA:A8:E5:E4:34:6A:A2:54:45:6A:29:1F:B1:8C"}}},"request":{"raw":"GET /in/show/?tag_ab=d\u0026site_id=31683078\u0026adblock=0\u0026testab=0\u0026auction_host=apply\u0026mm=0\u0026yc=0\u0026render_type=mq\u0026pr=about.kozak.cx.ua\u0026user_keywords=\u0026device_theme=light\u0026v2_track=0\u0026v2=0\u0026conditions=all,dch_ip,tz_offset\u0026ssp=3964\u0026page=https%3A%2F%2Fabout.kozak.cx.ua%2Fpsikhologiya%2Fkhto-donka-magneto.html\u0026refdom=about.kozak.cx.ua\u0026auction_time=1758654870\u0026subid=903994416\u0026sid=1239762739\u0026tcid=0\u0026ver=8.242.5\u0026ver_c=\u0026spot_id=683078\u0026utm_source=\u0026utm_medium=\u0026utm_campaign=\u0026utm_content=\u0026created_at=2025-09-23\u0026iabcat=IAB12-12\u0026user_fp=3062215412326782139\u0026score=92.99672762512988\u0026kubik_score=76.978\u0026kaminari_bot_ip=1\u0026durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D903994416%26spot_id%3D683078%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fabout.kozak.cx.ua%252Fpsikhologiya%252Fkhto-donka-magneto.html%26idzone%3D0%26sid%3D1885\u0026is_cpm=0\u0026resp_type=\u0026crid=\u0026crtid=b0681ff5c1739e7f8bdbb8527f77d810\u0026url=http%3A%2F%2Fxml-v4.bomdukop-3.online%2Fclick%3Fi%3D5VrR%2Aa2Pkko_0%26p%3D1758654870.364242\u0026icons=BuEq_hv5GEZT5a6g5gcWXyzVXp0KA8iVa72e-xRrs9EJ6u_yA2oWluMMVK_BIP0cOgvBBqsOk3o3A5L6oGsIUHWwdkkhzdrlxhjh2jUdz4sZN9BW6Gohm463cyGijLhwYn6v4m8n0yRkRbQrm04lWVTJz1Yies_7vgopAd1sO4Y8OMekCg\u0026ext_cid=0\u0026px_id=53683078\u0026min_cpm=0.001717350620485275\u0026out_id=0\u0026campaign_type=lq-pop\u0026aid=178\u0026cid=12030\u0026uniq=440ccc06364b6474787509410e24a4f294867e2c2cc1432228ed7b4a59232aee\u0026mid=1231706220685087909\u0026skin_id=71\u0026vertical_id=19\u0026skin_test=0\u0026from_cache=0\u0026ecpm=0.022908511886554243\u0026cpm=0.03151102055936284\u0026verify_hash=f91f087d276dd7aa866f51c1574e8d8e\u0026verify_hash_v2=7369bd90dd940597291699940e59c0457a7e34b57413b9408ff24090665d3f4c\u0026is_native=2\u0026real_bid=0.000407119998931884\u0026original_bid_usd=0.00056\u0026original_bid=0.00056\u0026show_type=0\u0026exp=1440\u0026placement_type_id=0\u0026ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0\u0026ip_mismatch=91.90.42.154\u0026geo=NO\u0026carrier=-\u0026label_ids=83,89,20,27,150,19\u0026need_redirect_show=0\u0026applied_features=coef_095,main-skins-settings\u0026show_count=1\u0026expiration_timestamp=1758741270\u0026image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp\u0026site=native-push-mainstream\u0026price=0.00056\u0026hostname=auc-inpage-hz-6-a\u0026auc_type=1\u0026pop_type=1\u0026site_id64=\u0026interest_vertical_ids=\u0026mo=\u0026ve=\u0026timezone_olson=UTC\u0026topics=\u0026historical_keywords=test,torrents\u0026pop_cpc=0.0000005599999999999999\u0026ext_campaign_id_str=\u0026is_webview=0\u0026client_price=0\u0026direct_client_price=0\u0026priority=0\u0026client_payment_model=\u0026is_in_app=0\u0026auc_domain_type=hash\u0026script_type=general\u0026tma_wallet_balance=0\u0026processed_keywords=test\u0026is_iframe=0\u0026traffic_category=mainstream\u0026iframe_click=0\u0026estimated_ctr=0.0562696795702908\u0026social_network=\u0026publisher_id=54969\u0026advanced_pub_id=5354969\u0026user_click_counter=1\u0026lv_id=0\u0026service_spot_id=0\u0026mediation_ecpm=0\u0026mediation_type=no_mediation\u0026entry_source=inner\u0026pattern1=0\u0026pattern2=0\u0026pattern3=0\u0026pattern4=0\u0026pattern5=0\u0026format=gamblingBlueMessage-view-b_r-body\u0026mlf=1\u0026cpa=de9f786e-87b0-4bc4-9f29-41d499e895b5\u0026prev_step_diff=766\u0026st=0.03 HTTP/1.1\r\nHost: ba594324dd.0ca5b8dbfd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"ba594324dd.0ca5b8dbfd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp","fqdn":"static.bookmsg.com","domain":"bookmsg.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:30.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bookmsg.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:32:45 GMT","end":"Mon, 27 Oct 2025 02:32:44 GMT"},"fingerprint":{"sha1":"30:1F:04:06:2B:99:7A:B4:24:F9:4B:DB:29:5F:D7:52:7F:F4:FE:45","sha256":"27:BC:39:2A:E4:27:93:38:6A:79:24:38:E8:BD:2C:D0:7E:10:40:F0:EE:3D:C9:54:7A:0E:39:62:7C:27:AE:FA"}}},"request":{"raw":"GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1\r\nHost: static.bookmsg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1066\r\nserver: nginx/1.24.0\r\nlast-modified: Fri, 31 May 2024 10:56:43 GMT\r\netag: \"6659aceb-42a\"\r\nexpires: Wed, 23 Sep 2026 19:14:30 GMT\r\ncache-control: max-age=31536000\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1066,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a11e13b2bd67bb9a6cb347d7c73df13","sha1":"b85460a33f9b229f42c08a6a94ae433a4d5c32ab","sha256":"1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56","sha512":"059dd018bbf13a669d73f07442288f165bc6b305afb0df955773a0efb7454b8204095196231179fab4cb625e189c7c735fe41dc5b67fb8666d584214277186e6","ssdeep":"","tlshash":"7511b56be46c4dfede41f0408dd80256f8324a5c8aaeaf39058bc7da4f584143a6f01a","first_seen":"2024-02-20T18:30:33Z","last_seen":"2026-06-01T18:04:59.514546Z","times_seen":11393,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":100,"dns":53,"connect":19,"send":0,"wait":19,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"about.kozak.cx.ua/wp-content/themes/martanda/style.min.css?ver=1.1.3","fqdn":"about.kozak.cx.ua","domain":"kozak.cx.ua","tld":"cx.ua"},"ip":{"addr":"172.67.148.48","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:28.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kozak.cx.ua","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 20:34:10 GMT","end":"Wed, 17 Dec 2025 21:32:33 GMT"},"fingerprint":{"sha1":"4D:E5:5C:6E:11:3A:C2:EF:50:1C:F2:47:22:F9:FF:9D:8C:2A:AC:80","sha256":"C2:65:08:01:2B:C4:E4:76:07:A9:8E:25:24:C3:CA:3C:AA:63:2E:88:25:FA:E3:95:0F:F6:64:50:0E:39:2D:09"}}},"request":{"raw":"GET /wp-content/themes/martanda/style.min.css?ver=1.1.3 HTTP/1.1\r\nHost: about.kozak.cx.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html\r\nCookie: se=-; country=NO; 29abed27e59fd322b0663a23e30d1dbc=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 19:14:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 12 May 2025 06:09:28 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68219098-7865\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0cN12nZUwOXssAy6UiGjBXQExhXjEhhAFonyMxeLi2ewBippvQhr%2B63B9RA%2B8qNpjMTNLmD9JQi5aK0fJj3LrZC0rJ%2Fu4tMUADLGxB9uV8Uz\"}]}\r\ncf-ray: 983c5d7f3ea18deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30821,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30821), with no line terminators","md5":"5f2a95cba88e71d8b4136ff4589fc91a","sha1":"9d5d7850a758087611c232c339d3169cb5e748bf","sha256":"b1919c8a0c5db136409e3d203fd73df2e7972816bab4e0cf9dd9f9ff8eb77e57","sha512":"448d1ec58679e1860675060689167a586fbf87c6e86253182c646ebf70a13e4acd3248de08535a03a0f20e6fe6ff1be495aab761112fe429b6be3e689765b0f3","ssdeep":"768:lqHPUgr9svtxzbQBkuevxj7QI4pyMUVTGKDj0yMVxoYWaGxxl8IFLUbxwBgJ2MQm:lqHPvr9svUD","tlshash":"dbd22d51f67078f63936072aa78692982552bc70ca0122e2f4a7c39473cb6ff46d774b","first_seen":"2025-05-10T19:17:17.958303Z","last_seen":"2026-05-16T13:06:35.504776Z","times_seen":11,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ba594324dd.0ca5b8dbfd.com/in/multy","fqdn":"ba594324dd.0ca5b8dbfd.com","domain":"0ca5b8dbfd.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0ca5b8dbfd.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 14:04:06 GMT","end":"Thu, 18 Dec 2025 14:04:05 GMT"},"fingerprint":{"sha1":"89:5E:27:AF:AB:73:AC:30:40:0D:B5:EC:09:CA:29:85:5C:FB:CC:59","sha256":"0B:E4:DF:FD:14:9D:6B:83:67:4D:39:59:0A:4A:7D:CE:79:F5:AA:A8:E5:E4:34:6A:A2:54:45:6A:29:1F:B1:8C"}}},"request":{"raw":"OPTIONS /in/multy HTTP/1.1\r\nHost: ba594324dd.0ca5b8dbfd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://about.kozak.cx.ua/\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.24.0\r\ndate: Tue, 23 Sep 2025 19:14:29 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":101,"dns":34,"connect":24,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"ba594324dd.0ca5b8dbfd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ba594324dd.0ca5b8dbfd.com/in/multy","fqdn":"ba594324dd.0ca5b8dbfd.com","domain":"0ca5b8dbfd.com","tld":"com"},"ip":{"addr":"116.202.249.56","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://about.kozak.cx.ua/psikhologiya/khto-donka-magneto.html","date":"2025-09-23T19:14:29.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"0ca5b8dbfd.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 14:04:06 GMT","end":"Thu, 18 Dec 2025 14:04:05 GMT"},"fingerprint":{"sha1":"89:5E:27:AF:AB:73:AC:30:40:0D:B5:EC:09:CA:29:85:5C:FB:CC:59","sha256":"0B:E4:DF:FD:14:9D:6B:83:67:4D:39:59:0A:4A:7D:CE:79:F5:AA:A8:E5:E4:34:6A:A2:54:45:6A:29:1F:B1:8C"}}},"request":{"raw":"POST /in/multy HTTP/1.1\r\nHost: ba594324dd.0ca5b8dbfd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 3327\r\nOrigin: https://about.kozak.cx.ua\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://about.kozak.cx.ua/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Tue, 23 Sep 2025 19:14:30 GMT\r\ncontent-type: application/json\r\ncontent-length: 3450\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44298,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"98590e2b7084767914d8a7fb181166c5","sha1":"b1a37829c510f5db1879e69d6b3c0fe172019040","sha256":"e22439c46b24eb4691fb1d572f0f5ecec09c5fad46238fce3911a170db71b031","sha512":"9e05bbbb6325203b3d880b3df884fa5ea5f38b285c0002b75782852cd80c3d4546affe12b3bacca9ac4a9fe363b20950113697f6472f84d43c45510f7e1106ae","ssdeep":"768:Sgtkakfk5kZkb48kzk5gnwkYwkuwkkwkEwkT4uwkxwky:Sg2sgni4WOyuvw","tlshash":"ab131a93485f9ea305e3e11f6413b21135806b2bb7e11bead972c422c6b537e22dbd5c","first_seen":"2025-09-23T19:14:58.972703Z","last_seen":"2025-09-23T19:14:58.972703Z","times_seen":1,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"ba594324dd.0ca5b8dbfd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}