{"report_id":"b286c09d-2b14-416c-9a9c-17d78ca6830c","version":6,"status":"done","tags":[],"date":"2026-02-13T19:48:15Z","url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"title":"ELLA","dom":{"size":8304,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"0735925a5c27c9e7725e374444284eda","sha1":"f964bfb396a0e526be2584797f568fe60cfb0970","sha256":"c68e2656e2b396d3fd408a15a296f3a5d4f0094d7efaabf3dc4247a562b78377","sha512":"3986e7fffc1fa2fe1fc39865256f91ca0f3f402fe0fe9b7edf97673ce7a936ea8ac1bbe36b6b9947447fa191f6c7a894a9ee1746509f5e7a5b299e73e966fd8e","ssdeep":"192:fUb0fYLYMvFyJFbcp5WZIRtXAtDTKhprE:t2ySWytI","tlshash":"ef022c4c2dd791b6593338b3c3bbb209797864035505c88479ece658bfa12a68a1ef85","dom_hash":"domhash134d123080f58a536a7d4da4d4e2f070","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-20T19:48:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-02-08T23:01:04.95628Z","alert_count":0,"request_count":2,"received_data":109007,"sent_data":885,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-02-08T22:46:54.368985Z","alert_count":0,"request_count":1,"received_data":529653,"sent_data":423,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"d3e54v103j8qbb.cloudfront.net","ip":{"addr":"54.192.209.151","port":443,"asn":16509,"as":"AMAZON-02","country":"United 
States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2016-03-11T23:08:14Z","last_seen":"2026-02-09T07:33:56.483456Z","alert_count":0,"request_count":1,"received_data":90095,"sent_data":505,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"uploads-ssl.webflow.com","ip":{"addr":"104.18.34.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2003-03-31","domain_rank":229417,"first_seen":"2018-01-28T08:50:30Z","last_seen":"2026-02-13T02:31:59.752558Z","alert_count":0,"request_count":2,"received_data":14471,"sent_data":1119,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web 
Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"anonella.xyz","ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2026-01-12","domain_rank":0,"first_seen":"2026-02-13T02:33:53.008539Z","last_seen":"2026-02-13T02:33:53.008539Z","alert_count":40,"request_count":40,"received_data":4266683,"sent_data":18236,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Google Font API","description":"Google Font API is a web service that supports open-source font files that can be used on your web designs.","website":"https://google.com/fonts","common_platform_enumeration":"","icon":"Google Font API.svg","categories":["Font scripts"]},{"name":"jQuery UI:1.13.1","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries 
is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"cdn2.kidmons.com","ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"domain_registered":"2016-01-15","domain_rank":0,"first_seen":"2017-11-08T11:43:02Z","last_seen":"2026-02-13T02:33:53.538017Z","alert_count":45,"request_count":45,"received_data":1801684,"sent_data":22259,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting 
panels"]},{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-08T22:17:48.645662Z","alert_count":0,"request_count":1,"received_data":6389,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United 
States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-08T22:14:51.234086Z","alert_count":0,"request_count":4,"received_data":102637,"sent_data":2205,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cea5d26109582b5c249f3af1e5bea97a","sha1":"d35688904b1c76dbe2c0613547e20944b829ed21","sha256":"0f71b81934068eb06e073bc08b36e36baaec69d433c30336be457e89a6c1db80","sha512":"72d863e54f6ec3df152d865c050a5f68e15028db23b393ed8f57453bafdd61d7ec7c882f8cc9d1dbe83e719f00d582fbaea08934f126653bb8c925e369eb31dc","ssdeep":"","tlshash":"d3c02bc486f957033073003a0d3e6342a112ab0fd040c8147fbc43309f8c0100148288","size":168,"data":"","first_seen":"2026-02-13T02:34:07.19659Z","last_seen":"2026-02-13T19:48:24.0362Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/Game.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1c7ade2c045ff8611b72c90a415da38","sha1":"ed7ad9f55a10d44bb9da28ff1f497de5a412fca1","sha256":"ae54952f32b3452dc95f96cab9135bd1914551118f7e461f8a2149cb1503cb22","sha512":"4bab59895ba10c0a0325f404b2ce514fa31ab787acbf0ec27768bd7b0669d786f7967c382b58fac6448e6f50ff0c4207f1ce41fc689d5a884200031a2f87d3b3","ssdeep":"384:2yt9MOQ4r7Y1kWsNBgU/63ZxGAfUEEfpmJGCXhG7D4xf91o7W7:2ygbENg3L9fUEqCXhG7c1sW7","tlshash":"df0335d833f3a91e026272570a2b1036e25f76c3350e72d5753de87d6928389a53f53a","size":38399,"data":"","first_seen":"2026-02-13T02:34:07.112373Z","last_seen":"2026-02-13T19:48:24.01178Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef828542
9fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194
778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c96a5f11d9741541d5e3c42ff6380d7","sha1":"d3fa2564c021cf730e58ffddb138cf6b57ed126e","sha256":"81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee","sha512":"23c162a2e268951729b580e5035ad6ca9969cfcc5ce58a220817b912e76b38be6c29c3ca7680cb4e8198863d95a72ea65bd06ff7189b5c8475e4c1ce501aeab1","ssdeep":"384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d","tlshash":"7942c65d7652b26a825280f2177f060b9576fa2ab844c0bc7a89d8d46c74db8037ff7c","size":13188,"data":"","first_seen":"2023-03-07T01:03:17Z","last_seen":"2026-06-08T15:30:03.858964Z","times_seen":60446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6440775b98cac1c304cd2c06","fqdn":"d3e54v103j8qbb.cloudfront.net","domain":"d3e54v103j8qbb.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.151","port":443,"asn":16509,"as":"AMAZON-02","country":"United 
States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-08T15:33:40.359507Z","times_seen":249738,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"0a9a30fe97b320b476808a1bdc7504fa","sha1":"5fa06cf74e7203f5e0631bb778055bd16261a666","sha256":"3cf65056b7d2c4498a3311bce3fb774d44795f80b82f8844ccf268086d226300","sha512":"76fe1bf0a856d53c2b4c7008aacff971f1e33a57b925011b869a73a3668dd0e1e3ffd8bc241963f859161d5e204aa496a82879c062c2216595d6ad0e4321b521","ssdeep":"","tlshash":"4fd0973b21d0103c08072608372fb8063e43114b36406801fd1e43c02f83cbb2912aad","size":288,"data":"","first_seen":"2025-08-07T15:52:14.126792Z","last_seen":"2026-02-13T19:48:24.038038Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/Preloader.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"031ae7fa632f3f9ffee9b0755992ffc3","sha1":"6c05509278800a0b0cd1ee8d6ed3a53f555b998d","sha256":"5f670d4965a33e515056c4744237f801550dd8a5511dcd0f969bf9329ba99f98","sha512":"44ba2eab49618dba2258bbbd7b26607e01fc09e77dbe28c176ac834ef02796f2cc03713b25ca8de6d97352f5675bfbe9ba1ab9f82c3621499f5cf44aa986782d","ssdeep":"96:Mvz6zrMfwOYYgYDQJXcBu2uDwHYCuqlmydy6aCCdhOw2:q4iQJXcBYDmYxQLXH","tlshash":"40a18c4d1b0ac900843b114fbe4f64ae4d996a4fdc82c55db86cc8e6ffa49747578e31","size":4686,"data":"","first_seen":"2026-02-13T02:34:07.023958Z","last_seen":"2026-02-13T19:48:23.967258Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"f56ac3d0fc4809ae1c100a6b745ccf4b","sha1":"935a896682894fb36a7bfce30a960c51672083b5","sha256":"ac1e06ffe7bf6c03d4eeb288ffd1c2d65059d1711afe71c31fa857173e06221e","sha512":"5186739c841b2271603979bd857d828a7d11388fc51c721e806d62b096226d3f9f0d6f72dcc191b38eb1adda5cb9e976e4d107a2500ff780433be8d02b5bb2b4","ssdeep":"","tlshash":"735000000000000000000000000000000000000300000000300c000003000000000000","size":9,"data":"","first_seen":"2023-03-07T01:06:24Z","last_seen":"2026-06-07T07:21:26.479179Z","times_seen":2786,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d
90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"20
26-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"709be61f72ff0ecdb224538e1c398287","sha1":"817f38d29fd8d0933a2d429d663022465757121f","sha256":"10171d3aa5bb146ab6d84ef69b1962d71ab683040110279c926ed6f16de752a9","sha512":"edb9ac4110d61862216a467bd2705b0c6730690149fc514774d15979bf1474aa00d379160fc21c4905e5b7baf2805ea524d5c76ce636a3c4b1a8da4b38df2e33","ssdeep":"","tlshash":"e421299c1dd313d3dd7274f68b7fab45303424674488e8007a1dc7805f528679b05ace","size":1264,"data":"","first_seen":"2026-02-13T02:34:07.211957Z","last_seen":"2026-02-13T19:48:24.039564Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4e2a6e8bb8e20544453256b260b24530","sha1":"b9903f81b1e2940c5668a303c3d5aacc67926518","sha256":"edbb217570b5b0910bb5c9739316efe8ebb067b374fe58f801736e92cf1c4189","sha512":"4f910509026b747b20141f86d8ee1204b61ebb71a314fb323df14f13c1b4af0d6155eb08d22fe41235a35a0d31ad5a0fd3f31510d1f4c9f22785f43257f79a1d","ssdeep":"","tlshash":"ce31370a64e236185977662e4fdfb208755690173009ee287c8d97849facc1652b8ef8","size":1507,"data":"","first_seen":"2026-02-13T02:34:07.200492Z","last_seen":"2026-02-13T19:48:24.040374Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.15
7.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab7bf6750c378102aa09cd0dd2eea703","sha1":"949ccf71686307de62030ad3b070283382063a26","sha256":"7bf388e17bd5932ef0c3b5f0b7b8ea0c30be3e4fed92234f4a134632641b0e2e","sha512":"f7cdd026cd89f37f007fecd2bd32c3f667f28ec0916a2d00ce7dd1e1a1a9170e85b8ab16d4aec55fc555431ab98290cca43ab912f73c00723a0bf121cc317855","ssdeep":"","tlshash":"6651870913fa60159743b57b8c4b42066538a017380a8d5cba5ca3c05f97936e4eaff9","size":2763,"data":"","first_seen":"2026-02-13T02:34:07.205047Z","last_seen":"2026-02-13T19:48:24.041206Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"moz-extension","addr":"moz-extension://d4e35aae-2519-4e28-92df-f87aaf5f8e9b/lib/shim_messaging_helper.js","fqdn":"moz-extension","domain":"moz-extension","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"865f01cbb34eb505834e826380d7dc2e","sha1":"c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e","sha256":"30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17","sha512":"9e37cd2e9fb9e4e926e2d1e1232c4c4ba3531d89b1d165293708849e0f88df6a40711d87c2b267ced9b6c4a27ac13079b5cb907334e2e297b588318df629b9ee","ssdeep":"","tlshash":"9e31ba1959fa0d1c0063b4a977673403722a90271149fe92bedcc3536f9652bc6f2bc8","size":1684,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-06-07T08:17:54.128402Z","times_seen":182875,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a1911fb5fab6d958962cfee161f39c93","sha1":"dd15f80096f66bbcd411e995aba4fa422949cc88","sha256":"e6fd1d333841f6d54396fa2b
bf4a238856ed5655ed599ca92ea5bdde540b4076","sha512":"51d922dac53ff9ba795a78a59b1f04a1e42cd731517b727194bfac42c892a0c8d8ef31ac45d86250c85cdb4dc82d925c30e1b28d6cd5d13e086323d3d37f1205","ssdeep":"","tlshash":"d0f0b46f27a6283046aba56b634ba785392540033485ed8d7e0c5a440f64e5148b7dd5","size":632,"data":"","first_seen":"2026-02-13T02:34:07.208712Z","last_seen":"2026-02-13T19:48:24.042533Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/phaser.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b9153d0183fa6a970a29b9392b9a59e","sha1":"112befbfe9b6e4b1d052b4166f8807be80e63a2c","sha256":"7ec1a47453d9535a5180ef8bcbb925ac04ca6ceeca07084b6e429cab172b774d","sha512":"7829c4adb9e5d5033e23bb609d17f00d4aa74c651c3d15722beb9aeba14ad96d4618b9d1739852872495d087406ff3723bbae22c7bb658ba9385a4378760526c","ssdeep":"6144:4kZO7YG1gvz8mELGQFJk27EaNN6uUhQh879m7v5tJlPO4ALfasybFfdIHGHgHIH1:4kZCxVG4xcYmMzwFG/O6","tlshash":"bdf41adab2617854856361a1007f0247a33bf89aa888c8bc797cd5d97de894c317ff78","size":739876,"data":"","first_seen":"2025-04-27T21:37:42.976391Z","last_seen":"2026-02-13T19:48:24.008397Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/MainMenu.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"102e7f64fae5fb648dfeb14f72852411","sha1":"664b0e7f3c85fff81a9895e9f6160737eefc88c1","sha256":"57cb07fac993231796bf032c48b6103ef8e866ed4f9dca0d1fe2c861f1a85174","sha512":"01c589caaeaf3477a2cc27e7061ac3813d1b5c110c8b3c63d7fbb8f4ef2d3415498ba4efc80345fd36a5693058b85bfe69c8aa6afec0a3a7c4ae75bdb24bd3cf","ssdeep":"192:xB6FgI711YEjD3KcjDxKh+e+EVwtLeLTfsDpOrrygFy:xFIJ6cbawqoNYygFy","tlshash":"68321c0e07975c1be13661648f9fa2882238900f5e47de2e7d1cc4c16fe253987a9fb9","size":11517,"data":"","first_seen":"2026-02-13T02:34:06.976688Z","last_seen":"2026-02-13T19:48:23.968805Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/sdk.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b938e0b835c600209bdaae9d8ccda6d7","sha1":"d5ee79d277057e05f002a18381722b5eb75d3883","sha256":"d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b","sha512":"f519d10ba250add8cdb46a82b3cddc68e01735c6c80b24d4af37aa0ca108340b59a21bd2cc19bcd4753f66ff5a5dc17f6e3500e91be6436fdd90c954a6ed3800","ssdeep":"384:Ps5FfMCDA9SQM/Psw1A9uW1HVMJDXMlS3RpU9JCo4wiLF:kU9SVjoHqXMA3CJCodiLF","tlshash":"1672b51e46f31232456370766b4b72047235d0473a0afe993f9c87542f8aa6e86f27ec","size":16896,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-06-07T08:17:54.126058Z","times_seen":177375,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"75d3a42a5f537de7a557d85307cc31a2","sha1":"452086e7a822f9b4d0d349d1bfd54acb
44045802","sha256":"228dee6dfe269216d1708108d3843d1f252633901d5dd1ecca62c0d5b2fa82f8","sha512":"29a5ec77b65e3e61512765f11a4229e12cf919cf244f97ab210321f45e5ddbc114b7685f340889721e51d4b418de27c277872fb9ab2eecea6be58c2dae8b2d82","ssdeep":"","tlshash":"dff026bb26a20a348baba536534bf2c43b3252033501e8497b0c0b400fa5f0244ba8db","size":463,"data":"","first_seen":"2026-02-13T02:34:07.210025Z","last_seen":"2026-02-13T19:48:24.043838Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"b109c2ba48a53939b89ae59e494be600","sha1":"2a8380f0c5b7f5385f94cf6d027d06a33e78beae","sha256":"60c11c558969e75fe51703934a1115d3fc3adac46714c151a8da8e0ba81c68f2","sha512":"b4c84fd0a9d6eb87e7c5edb7463f80dc98d5314717698cdf97dea664742121088b6ebcb1c5df05275200ee8d8f91008fa3a238fbff8fb6f710fefe1b0c6c5888","ssdeep":"","tlshash":"31119c8da4f7a0264a227c284bef200026b94813940d8494f41c5a60afc2529c375df8","size":943,"data":"","first_seen":"2026-02-13T02:34:07.213593Z","last_seen":"2026-02-13T19:48:24.044666Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/ui/1.13.1/jquery-ui.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United 
States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd5c979b802f985cefb36d3e4239977f","sha1":"9f0b7689ecae90bc8d0e3ff859d8d600c4b36ee9","sha256":"e97315234cc1f1c4737d98ea29c0f4d4f06c032dc5943012ae50bc4b10a92276","sha512":"91ef9f666d82ef583b854c4e7a0d114c7d63f509fa1cc2c8303c8b82a63a4a2c9211cd7935fec2916a4ebb16d2cbc09622de1e3eb2cc6301419e54c7c0b2349a","ssdeep":"12288:HdemHFgymNqlyHCcmMq/W/EEs+vQRgPrVhDdRlE:LlyHCcmMq/W/EEs+bhhDdRlE","tlshash":"92b4b6c9f39c266a857a32595c2e42cdb23c8075d60058bfbc5d59dc29a883c43bbf79","size":529062,"data":"","first_seen":"2023-03-07T12:12:43Z","last_seen":"2026-06-07T07:58:23.487175Z","times_seen":883,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/canvas-toBlob.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"8278b43a8cd267b068b4ba136135900f","sha1":"cadb540d8ce4de06b9526e01cceee694ec91b938","sha256":"ef07a283f866d3d638253bc335db05ab5af52d7c4bb85b02fb0671f6cbf80a2a","sha512":"750fc89d4b2395d114797f5562e111985ba5e5a81d17ab03d5861e41d20f54f600918fb6d92116291de93afcc3b0f9e7192e79478a426b69abdfe165b031ebd8","ssdeep":"","tlshash":"327185c8eb8c50171664341d4e6edccce62c813e9f6018fbad1b8b78166423af065b47","size":3532,"data":"","first_seen":"2026-02-13T02:34:07.145164Z","last_seen":"2026-02-13T19:48:23.916442Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"connect.facebook.net/en_US/all.js","fqdn":"connect.facebook.net","domain":"facebook.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b938e0b835c600209bdaae9d8ccda6d7","sha1":"d5ee79d277057e05f002a18381722b5eb75d3883","sha256":"d
1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b","sha512":"f519d10ba250add8cdb46a82b3cddc68e01735c6c80b24d4af37aa0ca108340b59a21bd2cc19bcd4753f66ff5a5dc17f6e3500e91be6436fdd90c954a6ed3800","ssdeep":"384:Ps5FfMCDA9SQM/Psw1A9uW1HVMJDXMlS3RpU9JCo4wiLF:kU9SVjoHqXMA3CJCodiLF","tlshash":"1672b51e46f31232456370766b4b72047235d0473a0afe993f9c87542f8aa6e86f27ec","size":16896,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-06-07T08:17:54.126058Z","times_seen":177375,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330
300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/index.js","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e01edeeb9622da0e1f88d8963ec4838","sha1":"3194d748d7611b553ad1933493a919577fe8c71c","sha256":"982f51786b9bae28e43e4b4ab583bd46d332e513de9d93bc799c69914ec47f9d","sha512":"73b26e6fe3debba940ee2a5d055f80d354b035ea384b9f971f43523e47832ba16d354bfc0552add7c1be9ff3f870650c663c520777a05d5657d61ca9f8089324","ssdeep":"3072:vNNYYXJD4fj4uNHZ4gf5EedFsS/AvHKEfmIkPyFmpSFmp2XoWhuK2ZwHR:NJOkuNyGJASanFmpVi","tlshash":"3dd47449bea131a7567b737deb6b8401f9b681931104c240bdacdae41fb042453eafed","size":648574,"data":"","first_seen":"2026-02-13T02:34:07.187387Z","last_seen":"2026-02-13T19:48:23.999436Z","times_seen":2,"alerts":{"ids":null,"analyzer":nul
l,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ad9230d72618a565fd64a1443f1a87b0","sha1":"b8bcc5296525bd37bc7eedb6f98d538a856b998d","sha256":"f05e5d1ee21a130a5951f9361497b0c3760ac3d0629893c231bd7fa269644a42","sha512":"b260a20c312e8efee67869496fae910a47ce96f67bd3cde78a1aa51b11c4e213b813b02f4ad1ba0534eff8c27e54148c8d5faae4049438a2f0d34c67fa00ad90","ssdeep":"","tlshash":"1ee086bb26630934469b5536630bf6c43b3252033401e84d7f0c4b400f95f4244ba8d6","size":419,"data":"","first_seen":"2026-02-13T02:34:07.215121Z","last_seen":"2026-02-13T19:48:24.045623Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"7215ee9c7d9dc229d2921a40e899ec5f","sha1":"b858cb282617fb0956d960215c8e84d1ccf909c6","sha256":"36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068","sha512":"f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-06-08T14:50:58.502593Z","times_seen":38310,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929e
c110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"a
nalyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b0cd64493ecc6fbd6fdab932aa04390b","sha1":"167f4cf4e5a9a0bafd56be24f5130ad6b30a2967","sha256":"a6b1317b55702059d54f81675c5b209a6ab4836fbdc760e86e3451f68adc3359","sha512":"7a2acf009596b40f4831410306a3dcf02732fc44c6a89cd99462fa29a646a9427f027e086453cf886fa8dd9d62d155098268ada12b364d8df6b2833d7498b95e","ssdeep":"","tlshash":"b7f0867b26a60a3447aba576535bb7c53b3252033500f9497b1c5b400f95f4245ba4e7","size":456,"data":"","first_seen":"2026-02-13T02:34:07.216761Z","last_seen":"2026-02-13T19:48:24.047054Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/phaser.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b9153d0183fa6a970a29b9392b9a59e","sha1":"112befbfe9b6e4b1d052b4166f8807be80e63a2c","sha256":"7ec1a47453d9535a5180ef8bcbb925ac04ca6ceeca07084b6e429cab172b774d","sha512":"7829c4adb9e5d5033e23bb609d17f00d4aa74c651c3d15722beb9aeba14ad96d4618b9d1739852872495d087406ff3723bbae22c7bb658ba9385a4378760526c","ssdeep":"6144:4kZO7YG1gvz8mELGQFJk27EaNN6uUhQh879m7v5tJlPO4ALfasybFfdIHGHgHIH1:4kZCxVG4xcYmMzwFG/O6","tlshash":"bdf41adab2617854856361a1007f0247a33bf89aa888c8bc797cd5d97de894c317ff78","size":739876,"data":"","first_seen":"2025-04-27T21:37:42.976391Z","last_seen":"2026-02-13T19:48:24.008397Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"Function","is_inline":false,"md5":"c4b75821f33bba71d7c8083cf0bac3ad","sha1":"71e3ece8ea748b0b09ed8026b971abed29acc8c3","sha256":"d6424dbb88b70c82d12114150fde64753d3af2f8335897090322cdcd6334781a","sha512":"e7322f520f70565cb36c6ca56c6f5ed7a858a8fdfde0aec59912e5f5b3cc61c9f82d40799ad5a97829372f0f979a01faeca414bc0d33c426869353a8aee25b53","ssdeep":"","tlshash":"f09002a960d2605046e32158206a69c4a438946024459982804c94512955460a12586d","size":49,"data":"","first_seen":"2023-05-10T09:10:21Z","last_seen":"2026-04-18T14:33:33.092946Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"df1ce178c58fb337b6b3f21f04745500","sha1":"4df7beea211ab6df2a8c22bbbff6409aa0ab25e3","sha256":"d0df1834829cfc30aacad8d3947116ee1c2fdce9b4fb38a43c35cfc5ed76bad1","sha512":"cc54db2f5b54f0f27fc5e46e15df1824af5784feeef4a20f441aaf2f12c16c6c18a4ecdead20929073dee589b4830c3c8e0c73f2c5fbf60a537a0dedb5aa927d","ssdeep":"","tlshash":"f0f0a30d68e7302a7af7b07f0b6f41a8356915131d00dc107c8dc1a82f50fa549a9f9d","size":584,"data":"","first_seen":"2026-02-13T02:34:07.239033Z","last_seen":"2026-02-13T19:48:24.050096Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"e811c901e3463f14ebc016d79b85064c","sha1":"85ba2293645b6e1374cef19d95fb3cc7ddf45e53","sha256":"c975eb760e254e4fc5acf21f7a93ddb01caba94237fcaa0d661b360a72798423","sha512":"75ef6323610bceab42dbe833640119287628f54cd759691a60045d9caf7fcc18e774cbc29341a3ddff0b890b939343ae43bcc5f08446460d7187a46b16b2876a","ssdeep":"","tlshash":"4951000827d786b7553b3d33139fb320a9b854170546aa4239bdfa0a7fb2297921c7c7","size":2682,"data":"","first_seen":"2026-02-13T02:34:07.241839Z","last_seen":"2026-02-13T19:48:24.051037Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/FileSaver.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"8514c12a6717d73a9ffac9c2f149cc8d","sha1":"bd2a8310006bf05e9c0e20d9ce95bf91cef19b28","sha256":"2edb0a75d0234ba24cf80831689eda1a8bb31fff87e275e6b93955b5f22274b6","sha512":"92e975540ed426d01b3b82395ade86a9623669ced90a0059788d142496344f50789df660a11ca905eedc89668b3ee4052b9fbd51914f396276fa6025b5fe0a7f","ssdeep":"96:O8KUlO15TBWrFnGAmFX/+LhJFABHTTCM5tVRW7amn0GkQGZWHv3KaJ:OL+GDFX0XAR6wXW7amnFkDoCaJ","tlshash":"63b1556e6185b04ac2ef3574912f8101a322fa7e9adf5240db10f8fc657d56e00ebe5b","size":5118,"data":"","first_seen":"2025-08-15T19:58:15.21426Z","last_seen":"2026-02-13T19:48:23.975958Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/Boot.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"859521f7f7653f56377eac4089fa6165","sha1":"0e91427c8ec0aff30f1a7023de054b2aec89b2f8","sha256":"ef97844ae06d1527718ac2521a539ead2ba04b412b8c58cf98ee2ad9b8fcc4e5","sha512":"93a34736131a64858750894578badc9bb09fbc46c4c5b5c8781278e5572b06f2192d16b00754f4e280ae66fd1776df90662263a644c92239f5cb9f7189a9e014","ssdeep":"","tlshash":"5e01266c174bcc18843130257f0f76d48bb4210f8c87c95a386dc2d9bf74a685969b7a","size":839,"data":"","first_seen":"2026-02-13T02:34:07.001059Z","last_seen":"2026-02-13T19:48:24.022645Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/main.js","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d6b471d82030550700ca8235b9bb51e","sha1":"96feb6de60e85bf35043a887372d8ac1ffc94df3","sha256":"b911001617cea3d7be697835b0985e87aebf5c743142b25990dadbad4ebca609","sha512":"a84d725ed3ea60a555216f676dfcdc634e9ce20e4e985232cf04b56e665944326fa41d3903373cc019c3d98e78905fe257b2b28bdab5a00ed0c982a2118bda2d","ssdeep":"3072:mNNYYXJD4frxU7rZ4AfxriQFa7W0170NWxzDtm:AJOFU7W4rO74NWBtm","tlshash":"09d45489aea171a26a7b737deb7b8001f9b581931004c150bdacdae41fb141453eefed","size":599483,"data":"","first_seen":"2026-02-13T02:34:07.038305Z","last_seen":"2026-02-13T19:48:23.998221Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1be45b09c9f5f6babc6f4b6d4f63d5f9","sha1":"6d3357e815567aa676ab6a7975d7dea194884dcb","sha256":"0e3ea8d6fcd3c38517972063b0103669236fecfb33c9bd0
3d6ae181f8f71a811","sha512":"e20e88732477e4e7300b516ec21ccd581d213ef56f0775443ff66fd0ab636c4baa9ae1af82e2b63275d1792598981b9773a941832358eb39a334cc51684c8ae7","ssdeep":"","tlshash":"c8f0267b2aa20a304baba536534bb3c43b3252033400f8497b0c4b400f95f0244ba4d7","size":456,"data":"","first_seen":"2026-02-13T02:34:07.219888Z","last_seen":"2026-02-13T19:48:24.054421Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ddb84c1587287b2df08966081ef063bf","sha1":"9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f","sha256":"88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd","sha512":"0640605a22f437f10521b2d96064e06e4b0a1b96d2e8fb709d6bd593781c72ff8a86d2bfe3090bc4244687e91e94a897c7b132e237d369b2e0dc01083c2ec434","ssdeep":"1536:k5RKUpVgklsdbuLP/l+0fGzA8gmtasgx/c9Rzzi4yff8qeLvHHEjam7rSnmBn9gn:Ee8FbGzA81+xRRi1Z3","tlshash":"0a93e7d9b2d6716387b731bc50af510bb13698aa784c8c50f068d8e4be74a48907bf7d","size":93868,"data":"","first_seen":"2023-03-07T01:03:13Z","last_seen":"2026-06-08T13:51:02.908665Z","times_seen":18480,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/particle-storm.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"8277e9bb6ba8f0b4c2c3fdc3dcafa1f9","sha1":"b84d3a4247abeee8cd8a2ce04ae6d14da2def5de","sha256":"7fc6c6477302f7ddeac2c7434b8a6d83c0382d377508e66034d30d0ab3cd7090","sha512":"a8a94d0e102bb21b9e73a251aa9e67846a42ff2047d205562a5e42edb33f02be86dadb65daec2ddd70ee9c17135bcaea299368befcf85b93c8b1d118eff508ad","ssdeep":"768:QDE8bov67wjYAUAyFwbbGCMogD4JQHvZIW0TkuhHH:G7AM+yFwfFTkuhHH","tlshash":"0d23968461955f311b9757c6c4bf4901923be2d898ce097c3244a8eebca8a0b5377fbd","size":47947,"data":"","first_seen":"2026-02-13T02:34:07.050031Z","last_seen":"2026-02-13T19:48:23.914283Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"moz-extension","addr":"moz-extension://d4e35aae-2519-4e28-92df-f87aaf5f8e9b/lib/shim_messaging_helper.js","fqdn":"moz-extension","domain":"moz-extension","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"865f01cbb34eb505834e826380d7dc2e","sha1":"c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e","sha256":"30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17","sha512":"9e37cd2e9fb9e4e926e2d1e1232c4c4ba3531d89b1d165293708849e0f88df6a40711d87c2b267ced9b6c4a27ac13079b5cb907334e2e297b588318df629b9ee","ssdeep":"","tlshash":"9e31ba1959fa0d1c0063b4a977673403722a90271149fe92bedcc3536f9652bc6f2bc8","size":1684,"data":"","first_seen":"2023-05-05T22:33:37Z","last_seen":"2026-06-07T08:17:54.128402Z","times_seen":182875,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732
d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"domTimer","is_inline":false,"md5":"889413457d1070a6daa95ced7bbbd7de","sha1":"f6c0a025aa709ed1820b60ba04c751e5a031c930","sha256":"36e6d2f767f21bbbb48677732d90b55da4b5980ef8285429fff74623f5b1f293","sha512":"0f336ae760770654f30a9700b6ed11656b83860856f2ebd961ef0929ec110561458ab5da856681e4465ae8972d1434b2f6483249a01a05ccaf7ab8b5caaf629b","ssdeep":"","tlshash":"bb01000cc0330300033030300c3000000300c333c003cc000000c003c00c300c00c00c","size":731,"data":"","first_seen":"2
026-02-13T02:34:07.194778Z","last_seen":"2026-02-13T19:48:24.037152Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"anonella.xyz/public/assets/bgs/wintab.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/bgs/wintab.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/main.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: 
\"a84092c56d05ef71490b845ae10a03bf-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9Q1CPRE562KBMH98ZTG\r\ncontent-length: 48245\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":48245,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced","md5":"1b67f643cf25e4f9ef96d5e71a559392","sha1":"bf37641aaa4e6501d157f9b2eb222adc4e7e2d44","sha256":"a5542f08c9cf075a3f6b1e54126b1ced52706c1eb63ba4670360e1996c899e74","sha512":"92e2ff56b788bfd7d42723a7157ca68e54bd40f065e6d66f8936ac07fbb07e9ff4d0a89f0509ebbdb7543ba09e16e9a65e6b1377c8f7ba208d47fe9f9eefeb5d","ssdeep":"768:nXAggp8nC33kcWeNQbFeai7dBIRJefvUSMxS3BA9gqmegQADyoX7I+zlL4j4t:FS8C33kK8Fe/gMvN3BWgqmegZu0I+zuw","tlshash":"7f23d0831c2153d82e5696bf6bcbf5c428311aab6485c74f728cd8d1accb668c878397","first_seen":"2026-02-13T02:34:07.037286Z","last_seen":"2026-02-13T19:48:23.910566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/4.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/4.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: 
\"3ac5f8fe3307e3d7520261a67f674629-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RNA6VA27DSP0T18CWC\r\ncontent-length: 87735\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87735,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 3","md5":"7417c74ad7ac1640b77138224657fead","sha1":"dd3862310a2ba909587275b1e3121a927bb42ce7","sha256":"bf7bb98a977c056280d06e65785f987ec699378b0745e8f91199d1f1949ae135","sha512":"d89f6209b0970f493694fec612de402f40c41396b08f4ed7427eb24daf675f3b5f9451d04b60cb98f6ec159133676e20f97ba88b11bd6556cbe88e1df2d2cfee","ssdeep":"1536:0BAHIeD7pr/Q+4X0Vmwk2c1gCSGnu+GUwLhBvGJm0IIzcvXfLwlR7oRT:0g71ljZkfBu3hQJmowXUYRT","tlshash":"d48312fc410e3aaa22e44b271c4091fa264fbcccaf6e6857e93019ddd25e5e43a1d486","first_seen":"2026-02-13T02:34:07.143308Z","last_seen":"2026-02-13T19:48:23.91257Z","times_seen":2,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":461,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/particle-storm.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/particle-storm.min.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:57 
GMT\r\nvary: Accept-Encoding\r\netag: W/\"58e7622d-bb4b\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":47947,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines 
(32032)","md5":"8277e9bb6ba8f0b4c2c3fdc3dcafa1f9","sha1":"b84d3a4247abeee8cd8a2ce04ae6d14da2def5de","sha256":"7fc6c6477302f7ddeac2c7434b8a6d83c0382d377508e66034d30d0ab3cd7090","sha512":"a8a94d0e102bb21b9e73a251aa9e67846a42ff2047d205562a5e42edb33f02be86dadb65daec2ddd70ee9c17135bcaea299368befcf85b93c8b1d118eff508ad","ssdeep":"768:QDE8bov67wjYAUAyFwbbGCMogD4JQHvZIW0TkuhHH:G7AM+yFwfFTkuhHH","tlshash":"0d23968461955f311b9757c6c4bf4901923be2d898ce097c3244a8eebca8a0b5377fbd","first_seen":"2026-02-13T02:34:07.050031Z","last_seen":"2026-02-13T19:48:23.914283Z","times_seen":2,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/canvas-toBlob.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/canvas-toBlob.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"58e7622d-dcc\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":3532,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"8278b43a8cd267b068b4ba136135900f","sha1":"cadb540d8ce4de06b9526e01cceee694ec91b938","sha256":"ef07a283f866d3d638253bc335db05ab5af52d7c4bb85b02fb0671f6cbf80a2a","sha512":"750fc89d4b2395d114797f5562e111985ba5e5a81d17ab03d5861e41d20f54f600918fb6d92116291de93afcc3b0f9e7192e79478a426b69abdfe165b031ebd8","ssdeep":"","tlshash":"327185c8eb8c50171664341d4e6edccce62c813e9f6018fbad1b8b78166423af065b47","first_seen":"2026-02-13T02:34:07.145164Z","last_seen":"2026-02-13T19:48:23.916442Z","times_seen":2,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/fav.ico","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:54.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/fav.ico HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\netag: \"a376144f2c247a5c698d7fe2ad380e49-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KHC8QANJEQKVV2EERAXDEW28\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 
bits/pixel","md5":"f7ba39861439a08fe0f123554f084f51","sha1":"e8bbfeadc86778a6cc938ec6c4e78eab142212c9","sha256":"b27f0c72c7c12db2510b3585846b2da21c35ed9fdffed674c3be880db19e0a57","sha512":"ef97669ea3db3cdebceb1f84dca3ea3621619c5bbd349bc872b538c772020aef48654eda11452c4d25301535ee033be0200b05ba50514227684bbf08f967b2b0","ssdeep":"48:dHh4WwQYO6JBNC2TO7H6Cxd2IAyIWU1vbnIJ9C9FI0joox/NL22pY6oNRlKU7u/9:dyQ0ml32IXovbnM0dVFY0oAy7HKAU/","tlshash":"56914b3356486f3dd58480fff8b714926ae1802443546cae4a9ac22e8e89574eb0a49e","first_seen":"2026-02-13T02:34:07.179385Z","last_seen":"2026-02-13T19:48:23.917392Z","times_seen":2,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/facebook/fb.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/facebook/fb.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3946\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-f6a\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3946,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"b24a6e4782071f0c90bba29ff966b461","sha1":"1de3c381ec8e95a749dd537026935e82954f9efe","sha256":"8fc8e04fa3cbedf469a934718c01d70162cf3f4130c5b8eb88ff117c47922711","sha512":"3e90eda4b8ea67ef17811ee0d2769278357149a243c5c44f41bad530a3028bff514f37496cbd7fbcc38f039c12dbd81a73e4e9abe279d653171693ae814f4468","ssdeep":"","tlshash":"77817d1c2dad93e9f365d6740bfd399d84c50cce11c62d2f61e5292561acdf0813262b","first_seen":"2026-02-13T02:34:06.970224Z","last_seen":"2026-02-13T19:48:23.918565Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_undo.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:55.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_undo.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2648\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-a58\"\r\nexpires: Sat, 13 Feb 2027 19:47:55 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2648,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"b914fed538252b9190d384f97f39e165","sha1":"9a3765d04e25e30ec0ddddcadafb4827d2cf164b","sha256":"ecf3983b3baa571510bd5204ff383e75b89c8f42acfa601307ea74f31ce58d4c","sha512":"1a8411ffbd7d2873f8d2fff71efff20c886d7d75f7c6503a6408dd0c7555f4126229d3ba8e95da574495c43578f4a426a3e4d1ce40788aa8ef609139b4aa76b7","ssdeep":"","tlshash":"ac513cf1223bd3f7aaa6b574103e74af057112d724162db61e7260d2bccd548288e5b0","first_seen":"2026-02-13T02:34:06.989584Z","last_seen":"2026-02-13T19:48:23.919377Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Inconsolata:400,700%7COverpass+Mono:regular%7CVT323:regular","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 
GMT"},"fingerprint":{"sha1":"CE:4C:7F:8F:8F:6A:C6:C8:7D:B4:2F:84:18:4E:0D:FB:63:4C:61:E5","sha256":"26:A1:50:21:90:A7:C5:05:61:2F:4B:99:EE:0C:BA:28:24:E5:BF:CB:00:37:F9:42:00:D8:72:4C:00:37:9B:B9"}}},"request":{"raw":"GET /css?family=Inconsolata:400,700%7COverpass+Mono:regular%7CVT323:regular HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 13 Feb 2026 19:47:53 GMT\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5703,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII 
text","md5":"d19fcc99c49201c754f3148201c05d9f","sha1":"3ce062d84c4a53fafdcd1719d2ec32b682dd6384","sha256":"ec50bd0b7d71c631358696b3784a271131dd34ff80d2870373e63750f51f6aea","sha512":"30b43cf0b61b8aaf6b5a09afa54795ebcdfaa6e06296ff3dff4fd4d06a44da2b83938d9a37b66305aab64346f609e9dc489382c37c79a4ef25f5f8155ca3fb48","ssdeep":"96:cwOEMiOEMC6Jc+ucOEMYNDwOpMiOpMC6Jc+ucOpMYN3OLAOaOLAiFZOTOLAuOLAG:cdTjeQUejTbAOfAn2AbAk5AxMGBHA","tlshash":"43c1005148bb9800a7830cc627df3d32de4e7155b484d539bffe1898adaad366362b0d","first_seen":"2026-02-13T02:34:07.039475Z","last_seen":"2026-02-13T19:48:23.920322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":52,"dns":1,"connect":15,"send":0,"wait":35,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/3.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/3.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"9cb2f23e14bcbd014f006e29660d2676-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RNS6RRMX8XM7R8EFTQ\r\ncontent-length: 110566\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":110566,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 
3","md5":"d92d2f99eed175e84502a5f19ee56015","sha1":"a38e5dc29b637b76aaf71011022060f75c14ecf8","sha256":"5a21ba92b6fce83406f944a11667eb5c855f3532d3dae1f303129c7df6f4c944","sha512":"daff187760c37744f4a9e0d16009b91815b10f13ed59fd845bf21ce65d0e9ea7fc487f31ff1825a08c22f4477ee6cbd4476c3b936675284893ca99407f63bbd2","ssdeep":"3072:BNDsbpFeWFmhj/8qyeEdAptQnyAAsoPntyh:BNDsveGyQwQusow","tlshash":"adb312490cf852299d14ee60738bbaad544a4a70463113eb36f11cfca4f9da9de63e0d","first_seen":"2026-02-13T02:34:07.1112Z","last_seen":"2026-02-13T19:48:23.921567Z","times_seen":2,"resource_available":false,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":148,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 
GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://anonella.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 34084\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 03:34:08 GMT\r\nexpires: Sat, 13 Feb 2027 03:34:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 58425\r\nlast-modified: Thu, 04 Sep 2025 17:22:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34084,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34084, version 
1.0","md5":"4f77d4a9715e4afc64a863d9e47527de","sha1":"6c0cf65047bbbb46faba3d92f1ba4b80ed04bbdd","sha256":"4914e68b98699a8f3d5d552fe60fd7a1c2cb631a0f66f0a148392f161d3155ab","sha512":"d4ffe5acded9b2e6d59487ac5cb9f97b00644fe6d5b627c08eab181bea10a1e1d85b143aeda6e44c7077cc859ae41be28029658f3281b7129e8f8991d5930b2f","ssdeep":"768:MYusugoEx0m+rAt1Hsu7yN8yI0VALqBFUpSM3tD:q60JUjsksRIGALk9M9D","tlshash":"e8e202553cf2a123715dca20a21f84e27a951cc64f479120ef481cf96a0bfded46e6ab","first_seen":"2025-06-03T01:50:41.190157Z","last_seen":"2026-06-08T15:23:41.46841Z","times_seen":2843,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":207,"dns":3,"connect":27,"send":0,"wait":16,"receive":7,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/sound/wat.mp3","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/sound/wat.mp3 HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-range: bytes 0-36710/36711\r\ncontent-type: audio/mpeg\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\netag: \"e736a2ba06be28fbc9698d196bd2cf6f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8QA1MDNAZTFEGECN54MKN\r\ncontent-length: 36711\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":36711,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, 
JntStereo","md5":"706d3da761639df72b8601c9a0a5f998","sha1":"b9f315f852f6ae2d58ac590bb68a01f8975794af","sha256":"c0a6d4b1ee5af4089564568433ec4b5afe6d1d3d6f93165be2e94c931fac6d2b","sha512":"2a12aa37fbe73edc9a093739e456eda749c0c7385594cb592d2217a3832c679f1d739c1b9ed85ca51865db5f4480376a2ce5a413b681e4c2304b8ddc9669ab53","ssdeep":"768:ntRJiHFfU/5+J1ydh1KK6VTPiKkuQ8C28ZrpD9V5pfyQQY9l:tiHaB+J15KKPRkuQ9flD9V5EQQY7","tlshash":"17f2f147028624e0b5035273be5ea84bd850ce576e7a76ec8831b320677f1a1df4bf46","first_seen":"2026-02-13T02:34:07.016966Z","last_seen":"2026-02-13T19:48:23.923473Z","times_seen":2,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/negro.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/negro.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 44\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-2c\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 5x5, Scaling: [none]x[none], YUV color, decoders should 
clamp","md5":"6bf5de8ed4e9d8485d1460d36fbae1f1","sha1":"9dfa8f83c86c9b7f4f0e4af3d8db1aa0a4a71f63","sha256":"a84182078d7c433e4358dcb851be7f0d314f61db91224cfd31a5e357a1c49aea","sha512":"0fd54675e8ed40f2acf880984be36e9214cf890dbd9052e513dc93b7d8b062c26b7d581fbf05189d1e8a712e2709a8f773953d6d1397ccaec763fd9fd878c07c","ssdeep":"","tlshash":"239002429311c1508448293a14b81121154cd4018402959210c799661251000a6420d5","first_seen":"2026-02-13T02:34:07.117022Z","last_seen":"2026-02-13T19:48:23.924378Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/facebook/panelShare.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/facebook/panelShare.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1036\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-40c\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1036,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"2b653bb7ddda714c696f3119b82396fc","sha1":"d9a09e27b9026df50f0d78419955167655be6b51","sha256":"9bfb9d2aedd4f576b81b0bd7ab18ad3ee4738c27bb55b6552a6d3d69591e89eb","sha512":"a3ba13e5f53840544a37a9aaba368354a4d5c09116d6a18ff4cc62ddf8411fb6d91d41f69a1f689205b486dc5103e7dd25732b1cb42cdbe28c454bac51db407e","ssdeep":"","tlshash":"b811d8221ab20015a5ffb8e931b1f7638dd5c7b8110a2870301d6143c07546f7f92e35","first_seen":"2026-02-13T02:34:07.098547Z","last_seen":"2026-02-13T19:48:23.925517Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/10.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET 
/public/assets/memeSection/10.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"2d82f883050ff839fe04cbeaf19beb9b-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RXNR4YPCRRYVGW1WFT\r\ncontent-length: 121887\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify provides hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121887,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 
3","md5":"38db37cd6b9747d8de3cf7575dcf65c1","sha1":"be8cae50510cb9bf14c31259d21e10390ebf45dc","sha256":"7f49044ff6ab96a976eb8f2ee5856ecda60221ed8d4c8135080ae0c89145f084","sha512":"6ff8dd1c753f550c6487cee5411414108a0dea46465f00053bbb72e4617fb042b58e6bec5da6017f6bef531314e8c2dab73f6403ca3a3f2577baf6ff998648a4","ssdeep":"3072:hu0avywoKtuMbKTHZbNn0wncaid8O96YAl+y1VZc/pscQ:CXtjKT5bV0wncaS8+ybi/ycQ","tlshash":"52c312625a251930f7ef3d3a8bcbc9bd95e85821118680ae07b8ed514c411e3bcfed1e","first_seen":"2026-02-13T02:34:07.053044Z","last_seen":"2026-02-13T19:48:23.927363Z","times_seen":2,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/sound/wat.mp3","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/sound/wat.mp3 HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-range: bytes 0-36710/36711\r\ncontent-type: audio/mpeg\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\netag: \"e736a2ba06be28fbc9698d196bd2cf6f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8QA1KEQM56NQJDZ5S9PP4\r\ncontent-length: 36711\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify provides hosting and server-less backend services for web applications and static 
websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":36711,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo","md5":"706d3da761639df72b8601c9a0a5f998","sha1":"b9f315f852f6ae2d58ac590bb68a01f8975794af","sha256":"c0a6d4b1ee5af4089564568433ec4b5afe6d1d3d6f93165be2e94c931fac6d2b","sha512":"2a12aa37fbe73edc9a093739e456eda749c0c7385594cb592d2217a3832c679f1d739c1b9ed85ca51865db5f4480376a2ce5a413b681e4c2304b8ddc9669ab53","ssdeep":"768:ntRJiHFfU/5+J1ydh1KK6VTPiKkuQ8C28ZrpD9V5pfyQQY9l:tiHaB+J15KKPRkuQ9flD9V5EQQY7","tlshash":"17f2f147028624e0b5035273be5ea84bd850ce576e7a76ec8831b320677f1a1df4bf46","first_seen":"2026-02-13T02:34:07.016966Z","last_seen":"2026-02-13T19:48:23.923473Z","times_seen":2,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_brocha.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/pinceles/pinceles_brocha.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 718\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-2ce\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":718,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b827f8b1ed427296874dda8497a3f73b","sha1":"9d6d51a9de2b1fb59c331033babd99cfd6ba1f5a","sha256":"97c612c91176530b21930091baa69fa49f492c05f2daa7a82fe5c5db26c8e77d","sha512":"d0fee3a33fbad572df41c7797f85dff4d6c18434db34bc0b516ee64ebec3359914f2194d3cafc75cddf65b927e5afb65205b46b42984df71af9b561863389678","ssdeep":"","tlshash":"760160058a4122ffac281824f3a01b2a07899248947eb50ee248c8aa1ee5750e0a7fd9","first_seen":"2026-02-13T02:34:07.08722Z","last_seen":"2026-02-13T19:48:23.928327Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_pincel.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's 
Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/pinceles/pinceles_pincel.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 940\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-3ac\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":940,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"e18f7039946d5dcdf114021f819f1cc8","sha1":"cfeb0d2cb5317bb02be894cd881b4682a37c0990","sha256":"b03b1ed13195ddab0fdfef7740f8a67e4d8b9418e3d3a432c35322217fd10c84","sha512":"57e76b21244249ca980f485ba84a4b4ca3d859ce46e3e48b4b98d73e920ac67130b3c934f7f61c239985522e05f1496f2a3e7df565a6506feac813f3362a02f3","ssdeep":"","tlshash":"0411b7512db76840effbf261786c14351d1d18249472902104256c2733fde277f7e84c","first_seen":"2026-02-13T02:34:07.091485Z","last_seen":"2026-02-13T19:48:23.92971Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/facebook/cancels.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/facebook/cancels.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2246\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-8c6\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2246,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"6cba9c83fe999df543be4a833327343f","sha1":"6398369673ec53c80b4d46dbfcda571725b38f7b","sha256":"e4a2078162b3606d462e9d1269c63b8006b524d630ee7e2c123181b3795c8be4","sha512":"322f0fa679e3df852bab000512176ef70c24c2f725cda06ac4b062c955414a91cf6ce04929ffd21021268be5d03ba934b06e58d3086d1cf9694b206d6c76f09c","ssdeep":"","tlshash":"45412bd846bd6889cc762e68bc0cda527aab547e6a7c452c91708a90ba0774c1a1950b","first_seen":"2026-02-13T02:34:07.140298Z","last_seen":"2026-02-13T19:48:23.933034Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_pinceles.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_pinceles.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15414\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-3c36\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15414,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"59891d271aeeceed58de4b24e685b35f","sha1":"5b95c9f7e8a966472ed4cc79616c602363aef2d6","sha256":"3d91dc3f76ab7c61d670f8fe57ba7a2af1f282f0fffc2d38b222f40cbb65941a","sha512":"89fec55fa4f31bdfe9131c6f8ec3d20e604ec17074d0d3119895d75f2e270a85cf442136b48197c6f6f4b989cef6af6e3d10902bfe7c3c81935b296b4f0091d3","ssdeep":"384:gkf7qSVUHMIK6body+ioY6noS2hkn+wnQbIKSN7tAeQx:gY7fOH1jbmnilQ2hknpnmqhEx","tlshash":"5762bf0d63779e85e6dec95d31ec8a8e00adaa4f7613c10572bc82c7d8932f5d25d05e","first_seen":"2026-02-13T02:34:06.985285Z","last_seen":"2026-02-13T19:48:23.935653Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/images/close.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /images/close.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"30494af0fb57544a3d57aecc495925ef-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RBN6SY96S4KGE4GB2N\r\ncontent-length: 276\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify provides hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":276,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, 
non-interlaced","md5":"09f50dedeb1cf12327d362e0ed2b8918","sha1":"810911d2c6c687d5e65ac6aff4066c7b03222b2e","sha256":"9db926b483306474ca408a6c3e4cb9ccdf78e7689a4d39136b6d3158507e5dc4","sha512":"6c5f2e7caf3027b26de14f9b8cfb63b7161acf7db28ba66c55ce30c1443b17cf9a94f4ff667cd64d250994acb97a2d7c17c67d3fd353a95c82ebdf67054bd77e","ssdeep":"","tlshash":"61d02bfb9b948d3bcb6d04e615e586a0a42b1575041203089c50f5f89d06ce80b232a3","first_seen":"2026-02-13T02:34:07.032073Z","last_seen":"2026-02-13T19:48:23.948262Z","times_seen":2,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_colores.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_colores.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14554\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-38da\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14554,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"3bf4c0c1852849b98e3c4dab61b8faf5","sha1":"c12fa3af34713f9809153b59ad3770bd6e29b816","sha256":"04f27c47492794866f4662dadad1f973ba5de1660c4f344dafc0c1c990969d8b","sha512":"f6f85f7057042e8ab26571c63e7f3929be0ac31973f57f132ed39822753c6ca2659dbda1bef02cf4ab0a35715a9cba55f51ec56633306ebb198b511e79c4297c","ssdeep":"192:avbiLScdEFBpwVa8ujnLlaALYg3Nstql8nra2VIfZeCIJwcUWB9J9Lt0BF1p:avbqSoYBpwIhD5aPgdsI58CIJwiFOBl","tlshash":"9a62cf0e5c2859fa8b4caad151dbd084643da83a343f0bd3943c168ea10dfe97db25b8","first_seen":"2026-02-13T02:34:07.011918Z","last_seen":"2026-02-13T19:48:23.95025Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6440775b98cac1c304cd2c06","fqdn":"d3e54v103j8qbb.cloudfront.net","domain":"d3e54v103j8qbb.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.151","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:52.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 
GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6440775b98cac1c304cd2c06 HTTP/1.1\r\nHost: d3e54v103j8qbb.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://anonella.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Mon, 20 Jul 2020 17:53:02 GMT\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\ndate: Thu, 12 Feb 2026 22:50:10 GMT\r\ncache-control: max-age=84600, must-revalidate\r\netag: W/\"dc5e7f18c8d36ac1d3d4753a87c98d0a\"\r\nvary: accept-encoding\r\nvia: 1.1 b0a74a1c8b6a1560cd851a637b999ff4.cloudfront.net (CloudFront)\r\nage: 75462\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Y4HX9L3Qrj3sNVhyZBsz3iUMTxaQ97ij6ZS_S2b1iLZkNzDNASaXGQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple 
Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":89476,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-08T15:33:40.359507Z","times_seen":249738,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":44,"dns":39,"connect":1,"send":0,"wait":2,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/bgs/stars.gif","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_g
roup_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/bgs/stars.gif HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/gif\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"c8205bad2a2828e41e59972b9aac67f7-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9PTDAVTGQH004D2JAH4\r\ncontent-length: 15721\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static 
websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":15721,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 402","md5":"97c142ee44ad419dc020b093828032c0","sha1":"8a1b17e569f21804cc669873986ebce96474e1df","sha256":"87ef7e0681f0fd0e826e6ba55e73d8d4af81b306264f08bf80b5b0312e83bf04","sha512":"a155b2280b74e7eee0f9531aaece15cc2739c65fff4c83f0e0fc6171ae594050161f40b2f917391fcf67b509692d0b8ad06d2c517f3e256e11e0d14b7054bf6f","ssdeep":"384:zzZeoVFVPAJrJP8DyKb9C+Re+YHty0cGBw/YnNwoOKux2D:vZ7GJrAZbQ+RebtzaYWr5S","tlshash":"1c62af6491600301dfd19af6e815f4f0ccea23a16160b5e4b31a9fe51b06abed354f09","first_seen":"2026-02-13T02:34:07.183892Z","last_seen":"2026-02-13T19:48:23.952849Z","times_seen":2,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/tabs/minimize.svg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/tabs/minimize.svg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/svg+xml\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: 
\"094210ef0473a28173a1975e864272a2-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9R7Q8WSFRNJDA8EHF99\r\ncontent-length: 114\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":114,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f0e5a4a69f17cd094134bed75d9b9dd1","sha1":"be0de0093ec7a94f97027d3213a2b3467ae92512","sha256":"4ea3724475ae933d0834627a2584b6b3574af896756ca7158fd316c7243e00c1","sha512":"bb772a9d588f34d2fe1aa4998517fcb83022c7811cae5970b9236bb8cd7383193ec50ca0ba06e835db2d4a5b07710adffe116869725ee7ca35883b8f5e05ce22","ssdeep":"","tlshash":"fbb092b88078a909ce48d330e87cae19d485b06032942154e9911744f284b6b289067c","first_seen":"2023-11-30T09:58:20Z","last_seen":"2026-02-13T19:48:23.954789Z","times_seen":5,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/7.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/7.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: 
\"c59e61324c41e6a62eb46e47ff08115b-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RTNMHJYFJHHBB8HX46\r\ncontent-length: 116649\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":116649,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 3","md5":"bbce08548fe98b32c4e02dcd7c41e8bf","sha1":"d59e6cb3e818dc265197ff3deaf911f5b3d7d191","sha256":"55cd44f38c2d01b175a93cfbd1e4a04bc0a2568213de5782fb17b0d798f0c07d","sha512":"e45e85647b5718a6bab657019522ead977039292d3852d8adde07d40d25580373a1672cd31d1b52df80d245b747db43e0fbd074e68dc879f2e80668f85e4ce97","ssdeep":"3072:GG6VONJh/eGPtWl76a8gXBc7XOiaORV3jmn7wILnEdz7y:GhONHWGPtAA7e69inEILQz7y","tlshash":"f6b313b445a232fede93573ae05e78eb118cafe20743e952f48d48d9e3d50a43c99135","first_seen":"2026-02-13T02:34:07.122984Z","last_seen":"2026-02-13T19:48:23.955422Z","times_seen":2,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":479,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/vt323/v18/pxiKyp0ihIEF2isfFJU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/vt323/v18/pxiKyp0ihIEF2isfFJU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://anonella.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: 
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 17936\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 12 Feb 2026 23:55:29 GMT\r\nexpires: Fri, 12 Feb 2027 23:55:29 GMT\r\ncache-control: public, max-age=31536000\r\nage: 71544\r\nlast-modified: Mon, 15 Sep 2025 17:01:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17936,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17936, version 
1.0","md5":"9cb03ff101745b695ab00581bfb7ceb8","sha1":"4f33d638cb5dc09acc0e940bd2ae4cab1d1c8744","sha256":"8ddbebcc1048154132e1d78eb9b1f7850bca1b7d857035ccf1cb4318ebc615b6","sha512":"4ba8007e98ce15a463e5e5ef35d96a221e143ab67a677950a6c1fa0a6f345c04fbcede718c0634471551acd9e6d77c0b449fecca484decba883210171021650d","ssdeep":"384:AfysgkGgulIZopWHKRQ0K3xjp+kgP3+GHJ+TG0nikv7T+mD8f2D057B:AfniRt2N1DGpIGAff3hDs","tlshash":"ec82e125d8f66852f1c4f8208315892c68594cc7a8c66fb76d493dd1453c27ccbba3bd","first_seen":"2025-09-17T11:01:07.297878Z","last_seen":"2026-06-08T14:58:30.644408Z","times_seen":895,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":201,"dns":0,"connect":17,"send":0,"wait":24,"receive":3,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_logo.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_logo.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) 
Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 27256\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-6a78\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27256,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"6bcbac9a3a91ebf42d52eddaf5cfcec7","sha1":"64d44e099178cb4156c44ea27d762f0960aa3656","sha256":"585212de17492bb046223898e19896716f83003d87a89ad96e835f0d5aea2f8f","sha512":"3027b26bd62c1fe7c6111f2ff6432cfbf4bdfa3da9a6b623378135dea11e83e1ee844b8d130c636312a103848365bb68ecc8c2f6862b8a8f2ea03b1acfdf77f3","ssdeep":"768:QzvE30faF4WKURuG3L6iI0Ezj3h3782Jf:+vkxxKUAG3fIVj3Rdl","tlshash":"c5c2f22c285bf9fdb29b0b7a6369560c87acb48ec203f571862173d12df0dd9a091d24","first_seen":"2026-02-13T02:34:07.150944Z","last_seen":"2026-02-13T19:48:23.957422Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/preloader2.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/preloader2.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5698\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-1642\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"004e418bd2e54eb00e65f031d7b5b5bc","sha1":"90818d68d444419ae4d60d866aecd79916b26235","sha256":"bf16695c8e7ea5f22cdd71801eba6e362d423bb975df10b3835dcff8eef9f7b9","sha512":"511e3f551a91e9396320c8e640bd5aabd1f9c48bce49eba18eb9de5ab0aa009892bad10520f85aaaa0d330c29da8205336b5329928d9d4febe69f67070bf682b","ssdeep":"96:R79cBnLgMoHiImeZ4PT+GxEUSHJYx5hU9pWF5Qk/c8JxYOgHUPWuIGkh2CLRmYsW:R7snhoHiImeZ4PaGx6JYxUOF5DcEYOg9","tlshash":"b0c17d211fa4634f9e225cb04071fb4a13dd1541b2af7c7ecaf6d3e065266453a9ce3a","first_seen":"2026-02-13T02:34:07.003234Z","last_seen":"2026-02-13T19:48:23.959524Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_ruedaColor.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_ruedaColor.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9686\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-25d6\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9686,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"b77fa8de47fbfb9bfbe5de4dc3e4266c","sha1":"90fa9ab221e00dbb92847cd3e36c1afb5c203f79","sha256":"1c4a6e8c89e51f27c96be7173838f965d4d90802fefd058b5e1ee84130db2ac4","sha512":"7b0d4aa00a1ad9a437b3bfb5be461540fed25d422a7b78a3575c3d880935ea51f23f693f99fcf8d61b79b05430ec197c022d90fcc9864682579a6bb6cd35d9dc","ssdeep":"192:SbyidTRWm1HoHbS2JBXRNWasNgjzHfbX5h0LsV8ridkVQDBKZeSx:Myidn1Ie2tRsNwfG8iQI0Sx","tlshash":"0212bf1dc390022aa7cf041e6763bdf2bed615845d7a6ea340144e91ea1a3508ff6d65","first_seen":"2026-02-13T02:34:07.134613Z","last_seen":"2026-02-13T19:48:23.960544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/tabs/close.svg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/tabs/close.svg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/svg+xml\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"4fb2eb48a1a8f64dc7ad3c99785214ae-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9Q4W4QDKYSRMB12CKES\r\ncontent-length: 236\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":236,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics 
image","md5":"5498c7e83eeaac502b42197b726e3262","sha1":"e6f81904e6252d69ad112c4e28dfaaecdeec99a8","sha256":"f4213b5abea5dda77984714b5a3171c6399b0e53e363135cca4011e033085182","sha512":"b2dd3dbf2ae8e6076dfbfd46a06f69fb4a28aaeda39331973735a0c1d2d23a02fc617b21bed541b8936c4e6d1ff5d57de1860f7a096495f29be9f31c6ebdca83","ssdeep":"","tlshash":"9bd0a7a85814940efa074170bd7c1d5ad091b99f170410dcc1f32b03e40415e77c43f9","first_seen":"2023-11-30T09:58:20Z","last_seen":"2026-02-13T19:48:23.961413Z","times_seen":5,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"uploads-ssl.webflow.com/66532ba09b25da8de84847cf/66532ba09b25da8de84847e9_ms_sans_serif_bold.woff2","fqdn":"uploads-ssl.webflow.com","domain":"webflow.com","tld":"com"},"ip":{"addr":"104.18.34.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uploads-ssl.webflow.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 00:43:53 GMT","end":"Sun, 12 Apr 2026 01:43:31 
GMT"},"fingerprint":{"sha1":"0B:5B:F6:38:7A:09:61:74:C1:17:7C:97:FE:F9:7F:E1:87:9C:FE:E2","sha256":"21:FB:27:B5:8C:5D:D1:37:0A:F5:D1:1D:AE:DD:BE:DE:88:AC:DA:A6:F3:B8:4B:42:C8:8E:27:6B:CC:6E:3C:A1"}}},"request":{"raw":"GET /66532ba09b25da8de84847cf/66532ba09b25da8de84847e9_ms_sans_serif_bold.woff2 HTTP/1.1\r\nHost: uploads-ssl.webflow.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://anonella.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 6264\r\ncf-ray: 9cd6d711cf348deb-OSL\r\nx-amz-id-2: kj1LWz2QTh8vc5LPa6xpVo5vGnsj4DDJ+/XAVo23Z6XdJWE3dYEqTCp7/SH14X5b+mJM4a93ZyktnMTD+thpBHyZnTnFuXOB\r\nx-amz-request-id: 73KJPBT6XJXZH7ND\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nlast-modified: Sun, 26 May 2024 12:31:30 GMT\r\netag: \"cb1c7473de82bb53662aaa2d7640e53e\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000, must-revalidate\r\nx-amz-version-id: cyXFldNmG3BAaQ_cFqhriwkN5RZHg1EE\r\naccept-ranges: bytes\r\nage: 153079\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, 
database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6264,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 6264, version 1.0","md5":"cb1c7473de82bb53662aaa2d7640e53e","sha1":"6a40a91bb5e3bfdfe7e92799a1f9a1e7ce19db03","sha256":"5f3fbc5790b315fc158b749078e7fd1d74e1f9b463f6b7266c1908cb82a450ae","sha512":"15c01450d46f71a1594c22d53f0f1dcf9aac07f7580b409c34894298aea01d4b47a62e98f8d45194c5ff99b10d77116876dc6cfadc96cd5475a680c1207bd7a8","ssdeep":"192:ioNk+eM1C6iNMdWaBjVm//EOdxLW9cTanALH11kvBm1nhV:iGw2CxSHmnHXL1anAYSz","tlshash":"d5d1af28e152a3e7d7585c3810613eb0ac90d4314f06a98ec56d74fdd02169b33b38fc","first_seen":"2024-10-24T02:21:06.485089Z","last_seen":"2026-05-06T03:35:55.474027Z","times_seen":19,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":50,"dns":0,"connect":0,"send":0,"wait":117,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uploads-ssl.webflow.com/66532ba09b25da8de84847cf/66532ba09b25da8de84847e6_ms_sans_serif.woff2","fqdn":"uploads-ssl.webflow.com","domain":"webflow.com","tld":"com"},"ip":{"addr":"104.18.34.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA2
56","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uploads-ssl.webflow.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 00:43:53 GMT","end":"Sun, 12 Apr 2026 01:43:31 GMT"},"fingerprint":{"sha1":"0B:5B:F6:38:7A:09:61:74:C1:17:7C:97:FE:F9:7F:E1:87:9C:FE:E2","sha256":"21:FB:27:B5:8C:5D:D1:37:0A:F5:D1:1D:AE:DD:BE:DE:88:AC:DA:A6:F3:B8:4B:42:C8:8E:27:6B:CC:6E:3C:A1"}}},"request":{"raw":"GET /66532ba09b25da8de84847cf/66532ba09b25da8de84847e6_ms_sans_serif.woff2 HTTP/1.1\r\nHost: uploads-ssl.webflow.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://anonella.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 6508\r\ncf-ray: 9cd6d711bf308deb-OSL\r\nx-amz-id-2: FTxNh8VWTnccMaPV2NO/z8uTzRopNRWPfJD+NEq41ioEc0AXbuh8hqXexuatoeO1PSWHOUAOhawgCULZ7cSBpzI8x5yXYStHftqQhv9PZ6Q=\r\nx-amz-request-id: 73KH858MFH2M6JMP\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nlast-modified: Sun, 26 May 2024 12:31:30 GMT\r\netag: \"1d4d404a3bbe4b7007f89e792233aa9c\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000, must-revalidate\r\nx-amz-version-id: ilI1ib7XRiqtFrmwKoZ9xle8ihF4CXbq\r\ncf-cache-status: HIT\r\nage: 62070\r\naccept-ranges: 
bytes\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6508,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 6508, version 
1.0","md5":"1d4d404a3bbe4b7007f89e792233aa9c","sha1":"13dcc34c595402ca9b27f6a945cd85f4f7d84830","sha256":"11b5a68acb6b967d1faa5a3f58432028e9c9cada37c8778d9dcc7415dca73a32","sha512":"adefa2f6b9546d8fb2f80b332aa62b2ab5da0d8382b1ce3820afaf79ebf675dcdcb6cd4cd5be9d3a0b6e7416ccc2d4889ac843c2928dadbdf4369a49a3950297","ssdeep":"96:6KwZtDxJB0Wn06zyKLv6Zkennma8hj0Tw5w9QNo2sTR8IE81e/MMw1LL+rfDXweg:TwZtlMWXTLvnCmlZ5I+sH1ekMw1X+wTF","tlshash":"20d19eb8a00f98f6e26c0670af5951d97a7a06e6f29ef3c7491031c10e05a17c25287b","first_seen":"2024-10-24T02:21:06.480202Z","last_seen":"2026-05-06T03:35:55.482932Z","times_seen":23,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":48,"dns":20,"connect":1,"send":0,"wait":184,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/12.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/12.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"932f3cee50810ecb458a65246b60d359-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RYVBD3QXD0F9QE38JW\r\ncontent-length: 108747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":108747,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 
3","md5":"7d03a04adc3eed2b6b51db019193cd01","sha1":"c0c95a1cf3ba0eed9afe32e320eaae7285d3b3e2","sha256":"257da9b4523378cfa30e32e0041d57e8784585425240ec5b429533a60ad87cd0","sha512":"7a195e735340d0d62fc2fd353fd461dc9c08e4f75f5f0e0aa0834b7d17db7795f14569aecb79ec16c7a4dd96a11705005c8c0ee5688340eff1b7310be2dd2566","ssdeep":"1536:xxvdXC2CC4xIQsKJe1RRG1vuQ3TnPz6Oy778dm/F+XH2+X0Rn3V:ndvIJJeLR2J3TnPTy7wdFHRAV","tlshash":"96b3022fb5a227903073f579b4074953e44ef8a119e60969dbdb18f8b83f5930b6c918","first_seen":"2026-02-13T02:34:07.077833Z","last_seen":"2026-02-13T19:48:23.964885Z","times_seen":2,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/Preloader.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/Preloader.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"58e7622e-124e\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting 
panels"]}],"data":{"size":4686,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"031ae7fa632f3f9ffee9b0755992ffc3","sha1":"6c05509278800a0b0cd1ee8d6ed3a53f555b998d","sha256":"5f670d4965a33e515056c4744237f801550dd8a5511dcd0f969bf9329ba99f98","sha512":"44ba2eab49618dba2258bbbd7b26607e01fc09e77dbe28c176ac834ef02796f2cc03713b25ca8de6d97352f5675bfbe9ba1ab9f82c3621499f5cf44aa986782d","ssdeep":"96:Mvz6zrMfwOYYgYDQJXcBu2uDwHYCuqlmydy6aCCdhOw2:q4iQJXcBYDmYxQLXH","tlshash":"40a18c4d1b0ac900843b114fbe4f64ae4d996a4fdc82c55db86cc8e6ffa49747578e31","first_seen":"2026-02-13T02:34:07.023958Z","last_seen":"2026-02-13T19:48:23.967258Z","times_seen":2,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/MainMenu.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/MainMenu.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"58e7622d-2cfd\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":11517,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"102e7f64fae5fb648dfeb14f72852411","sha1":"664b0e7f3c85fff81a9895e9f6160737eefc88c1","sha256":"57cb07fac993231796bf032c48b6103ef8e866ed4f9dca0d1fe2c861f1a85174","sha512":"01c589caaeaf3477a2cc27e7061ac3813d1b5c110c8b3c63d7fbb8f4ef2d3415498ba4efc80345fd36a5693058b85bfe69c8aa6afec0a3a7c4ae75bdb24bd3cf","ssdeep":"192:xB6FgI711YEjD3KcjDxKh+e+EVwtLeLTfsDpOrrygFy:xFIJ6cbawqoNYygFy","tlshash":"68321c0e07975c1be13661648f9fa2882238900f5e47de2e7d1cc4c16fe253987a9fb9","first_seen":"2026-02-13T02:34:06.976688Z","last_seen":"2026-02-13T19:48:23.968805Z","times_seen":2,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_rotulador.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/pinceles/pinceles_rotulador.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 278\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-116\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":278,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"0a4cd643455fba461416f1ed7aa41308","sha1":"fba844db8e0f544ccf20908987c717fd9b889c27","sha256":"dea9f040e7947509de926d4e0865895222358f934dd0134a0f1b523b71980f91","sha512":"d76ad49bfca80d3cf1f80497d3275cf59c659b67a8654467d3707e3525142bf763807d7c630d7537b64a9673bd07075aa95cc73a15b02301165ba4644cce9b9d","ssdeep":"","tlshash":"76d02b65d2f68f94de2a2cfc859865106409515645654dd20cd611a8166518c0c93d91","first_seen":"2026-02-13T02:34:07.008047Z","last_seen":"2026-02-13T19:48:23.970597Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/cuadropequeno.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/cuadropequeno.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 160\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-a0\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":160,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"be07c61a94c66448997ad35c6462eb20","sha1":"277dc46e151d62e7f99e145039d54b6a58e7e95c","sha256":"68f0f1cdec92eaf6c7d7f7bfede9f4ade96078a890b0ca43a697be17f3a7d3c5","sha512":"b6695dfccce812e19cc3bd29b2c4b938d56430b0d93e9d9e59b741a99437e0103985d818ccf661b29dde7ed30006cf4e183d2bdcee17417342195eb74de7d665","ssdeep":"","tlshash":"ccc02b0a07cfe132cc2a383a53ae4204b0935e14c144cd3a03f12c7b203453c33311c8","first_seen":"2026-02-13T02:34:07.059093Z","last_seen":"2026-02-13T19:48:23.972341Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/8.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET 
/public/assets/memeSection/8.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"eaecffa8332d32eba4666cf774aa59d9-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RWKZVT3S0XZ7J1N32E\r\ncontent-length: 115228\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":115228,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 
3","md5":"85bd1cb1f41ef556752aa1d882cc1f94","sha1":"165adfd35998745aabb3b0ff92c623d2a6dada2f","sha256":"e4013799a8ce6d386532131e4648700cd7b0ab86148321c2d7489466d16fc74b","sha512":"ea428b1bad845cb81bac6cc5b455fea07f3e8b71af4ee5fbd93f78d351c505ecf5dd5e41f9b470705c6b39bd415fa7d57607474097ac8d8dba33a2ec49feb6e4","ssdeep":"3072:kz4pCzp6qewxCLH9LepqmAY95M89GymE3lVn9YfyvCkx:Mt06xCL1hnYXVKEGICkx","tlshash":"58b302b3d79392a0f577bd3aa7f37ba639243e9627584e072f0016d91441ee0b472a07","first_seen":"2026-02-13T02:34:06.998725Z","last_seen":"2026-02-13T19:48:23.974647Z","times_seen":2,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/FileSaver.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/FileSaver.min.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"58e7622d-13fe\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting 
panels"]}],"data":{"size":5118,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5033)","md5":"8514c12a6717d73a9ffac9c2f149cc8d","sha1":"bd2a8310006bf05e9c0e20d9ce95bf91cef19b28","sha256":"2edb0a75d0234ba24cf80831689eda1a8bb31fff87e275e6b93955b5f22274b6","sha512":"92e975540ed426d01b3b82395ade86a9623669ced90a0059788d142496344f50789df660a11ca905eedc89668b3ee4052b9fbd51914f396276fa6025b5fe0a7f","ssdeep":"96:O8KUlO15TBWrFnGAmFX/+LhJFABHTTCM5tVRW7amn0GkQGZWHv3KaJ:OL+GDFX0XAR6wXW7amnFkDoCaJ","tlshash":"63b1556e6185b04ac2ef3574912f8101a322fa7e9adf5240db10f8fc657d56e00ebe5b","first_seen":"2025-08-15T19:58:15.21426Z","last_seen":"2026-02-13T19:48:23.975958Z","times_seen":4,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/sound/ELLA.mp3","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/sound/ELLA.mp3 HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: 1768261451-ssl\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8QA17D9QHK0BYEFND80A5\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3449,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 
text","md5":"0f89e18d0abacb99149c5e59bf69b5e1","sha1":"9e1ebb10be890c5855eec444233c028270d3e65a","sha256":"8514f0009a58c6e0acb5468f88037732b59b70af5e524f452e3bef8fb33effc5","sha512":"5275d80f3f8f1f5e0d1b6b6b0745732a69d669d66dcdab418fc5a2094bffcb81ff1d34252c97c6dffe5470f0d359a3be03cfd3dfe3d729bf186917c8cf21ece0","ssdeep":"","tlshash":"1f61848dc9a7209b5c93643e27eb560a2274a247cd46da4c3fde6348cf492f214d36ac","first_seen":"2024-12-12T10:00:11.490986Z","last_seen":"2026-06-08T14:26:46.574284Z","times_seen":11787,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/sound/wat.mp3","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/sound/wat.mp3 HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-range: bytes 0-36710/36711\r\ncontent-type: audio/mpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"e736a2ba06be28fbc9698d196bd2cf6f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8QA1JQEPED73KMJZAB9JH\r\ncontent-length: 36711\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using 
HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35410,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo","md5":"6f5f1a7cbb91f5f37fef4b489ca27401","sha1":"b32e8b228ca79442064c0543fdf72c8b005a363c","sha256":"73203f360ac5c282dd8ed8775433d3abba5cd6fba2587a2be81388d54ff79332","sha512":"7ef5fc151e9b9b27afb41c1811cfee579089598f00e72bc538448201674f644940418cad585b8989651a3487e5e9407ffb907e1a6fa531d305b9d57693324331","ssdeep":"768:ntRJiHFfU/5+J1ydh1KK6VTPiKkuQ8C28ZrpD9V5pfyQQY9w:tiHaB+J15KKPRkuQ9flD9V5EQQYa","tlshash":"f2f2f287124224e18503a272be6ea80b9850ce577a7676edc831b33067bf1a1dd4bf47","first_seen":"2026-02-13T19:48:23.978803Z","last_seen":"2026-02-13T19:48:23.978803Z","times_seen":1,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":433,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/images/frame.svg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /images/frame.svg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/svg+xml\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: 
\"e62448ff471e797ff0146d5db323f622-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9R8RSH1TFY1RVY8J8W3\r\ncontent-length: 227\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":227,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"496a26ea64856379fc15494c211540b9","sha1":"231e997998d014a1eb9a5db715b977da2608ccfb","sha256":"260aa3ba4c3a204d3f7f3290f7ed9a8c971dc22fc64a35be24217b70cf56e2a5","sha512":"58b74c2ae3040a82df3a1a686a80eb03130410b10c4d7f4cb6f5d621f097bcae99bedb9f379da6a20816206fb7d9049cff0eead4f4694ae42444dbfde4708afc","ssdeep":"","tlshash":"39d05e7c82492e28c2405be59738e9e8e04be40782551044da80317a700955bac3a13d","first_seen":"2026-02-13T02:34:07.120168Z","last_seen":"2026-02-13T19:48:23.980623Z","times_seen":2,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":356,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:52.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"CE:4C:7F:8F:8F:6A:C6:C8:7D:B4:2F:84:18:4E:0D:FB:63:4C:61:E5","sha256":"26:A1:50:21:90:A7:C5:05:61:2F:4B:99:EE:0C:BA:28:24:E5:BF:CB:00:37:F9:42:00:D8:72:4C:00:37:9B:B9"}}},"request":{"raw":"GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri 
https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 5437\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 09 Feb 2026 16:33:56 GMT\r\nexpires: Tue, 09 Feb 2027 16:33:56 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 357236\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13188,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines 
(2134)","md5":"7c96a5f11d9741541d5e3c42ff6380d7","sha1":"d3fa2564c021cf730e58ffddb138cf6b57ed126e","sha256":"81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee","sha512":"23c162a2e268951729b580e5035ad6ca9969cfcc5ce58a220817b912e76b38be6c29c3ca7680cb4e8198863d95a72ea65bd06ff7189b5c8475e4c1ce501aeab1","ssdeep":"384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d","tlshash":"7942c65d7652b26a825280f2177f060b9576fa2ab844c0bc7a89d8d46c74db8037ff7c","first_seen":"2023-03-07T01:03:17Z","last_seen":"2026-06-08T15:30:03.858964Z","times_seen":60446,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":142,"dns":1,"connect":15,"send":0,"wait":18,"receive":1,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/bgs/darktab.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/bgs/darktab.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: 
en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"43c4a31320f24568a783389f9d6c3461-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9PXFFSQAEKP91N63VR2\r\ncontent-length: 115420\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":115420,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, 
non-interlaced","md5":"10b27d33cb1d1b69e9db7384e3a7e9bd","sha1":"caaa1ebd616cb68706ef2987596d8a89eabb42bf","sha256":"1abfd66b4a74e8241571d241a8be1ed37920f89f78d58704583aa20afc679174","sha512":"de3c0112974e751805533b6973dac6d30613d3cf1bd14216ab4fc8f1a8fceff1dc66bfb55ef7de4094a406c15b9ae4f470ff297051577bd74d2af40a8584a2e0","ssdeep":"1536:UNFJ+j4tRz4cIiZwfv+kkn+S2d9ctdUb4XqzVJthaK+N9coPNmh27atC7z87HrCP:sc4tR4HtfvLvkdWX6K+N9fPww7WO7SlU","tlshash":"66b3f155ac64cbe2c8a646700df17f99373492dde6c931d2137bae5ceceb1084e89a4c","first_seen":"2026-02-13T02:34:06.991579Z","last_seen":"2026-02-13T19:48:23.98366Z","times_seen":2,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/elly_pfp.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/elly_pfp.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"a5e062a1f92403fc64fedfad371ec6a9-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9Q9KZCRZXZA84KFRNXP\r\ncontent-length: 418421\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":418421,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 
1464x1464, components 3","md5":"2359ede0c6e8ad777e701131550618d7","sha1":"89c81ebc870d1477b7a1da3a20027eccd40abbfc","sha256":"37838abeaf686f8ec1508d98fb9a4d51f53fff714673b2450989f31b9f71086d","sha512":"922c182e326b486087723c0784ca68815f6fed26fe04fb8c47f5380244d066775f6bb675b3c3b20a92a86badd0817ec7f7911c0bf8216988cac0427379ca53e4","ssdeep":"12288:kvQ0TIZ3SWMJQgS6NidGm+IhPIXiZtKuoPSiG:YQAIZ8i6NkCvXiZwnG","tlshash":"0794239aef44cba8f583c35d9d2afdbd021801ad85d48f26c0e06f495bcdc6e4b5e960","first_seen":"2026-02-13T02:34:07.044018Z","last_seen":"2026-02-13T19:48:23.985788Z","times_seen":2,"resource_available":false,"data":null}},"time_used":425,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":150,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/images/whitepaper.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /images/whitepaper.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"2b6719345c1e337800ecf513299cebb4-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9QV77YN1GTPFR5TG338\r\ncontent-length: 95576\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":95576,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 961 x 901, 8-bit/color RGBA, 
non-interlaced","md5":"867e94ea883c7744c76f9c016c3b28e7","sha1":"b6b929437ddac7bf53553bbf3a4f728997bd3ca5","sha256":"bc8f5eca13e576a0f6ba13031bed2f954d6bbf396332acd58c8c43875e44513a","sha512":"4de324d48927dca4cc6454514d567ee6fdee72efde7220686325e10a76e1bec0ae3aea2f3c2d964c5891494c5d0c32ce08e820c7bfef73cff9bcbf1b116187ba","ssdeep":"1536:ZI2c/YWXOmo+ssq0IjHcIOZzeQR++JJ5Im8gSZb5kdtTZUOYLO:Z1SPDqmTU+fzSZbudZZMO","tlshash":"eb93d067e32524839cb0116158452a876a952bc98cbcdea1c0c9389336edddb6cd72ff","first_seen":"2026-02-13T02:34:07.19182Z","last_seen":"2026-02-13T19:48:23.988233Z","times_seen":2,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":369,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/5.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/5.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"88c1b698742d67cbec876aba741b10db-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RSPQ1H5J1VV891VRT3\r\ncontent-length: 147961\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":147961,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 
825x600, components 3","md5":"4cfb5247d98f07fa2edfd99108df521a","sha1":"e8595199425e69f4126737019c3c2c55d56c34e8","sha256":"b794d884bc2ff39385aeb315242f8b2b0f7f29101bf21c08dd01aac82d9dbaed","sha512":"53019bdf83dd350a109eab11c21f21fd68afb7c6732a5bba218810197a5a3b06ef315a5dbf0f45815b9d0c88cb9e2d0f6349ee431242e05ce1363ea533a4945d","ssdeep":"3072:6ETTtmWqU+mMM41gnOOnjkKFVCYPZPubW4EUSIkTH1iqQ0WjCXgkuFG6:Nttqcv4+nHjkSCYobmUStHSjCQkuFv","tlshash":"bee3232a39d5d3494d88ecd10a6f8d9c636590b5c394cea983f30be8df1c8749a7581b","first_seen":"2026-02-13T02:34:07.073997Z","last_seen":"2026-02-13T19:48:23.989286Z","times_seen":2,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":460,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 
GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://anonella.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 34084\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 03:34:08 GMT\r\nexpires: Sat, 13 Feb 2027 03:34:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 58425\r\nlast-modified: Thu, 04 Sep 2025 17:22:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34084,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34084, version 
1.0","md5":"4f77d4a9715e4afc64a863d9e47527de","sha1":"6c0cf65047bbbb46faba3d92f1ba4b80ed04bbdd","sha256":"4914e68b98699a8f3d5d552fe60fd7a1c2cb631a0f66f0a148392f161d3155ab","sha512":"d4ffe5acded9b2e6d59487ac5cb9f97b00644fe6d5b627c08eab181bea10a1e1d85b143aeda6e44c7077cc859ae41be28029658f3281b7129e8f8991d5930b2f","ssdeep":"768:MYusugoEx0m+rAt1Hsu7yN8yI0VALqBFUpSM3tD:q60JUjsksRIGALk9M9D","tlshash":"e8e202553cf2a123715dca20a21f84e27a951cc64f479120ef481cf96a0bfded46e6ab","first_seen":"2025-06-03T01:50:41.190157Z","last_seen":"2026-06-08T15:23:41.46841Z","times_seen":2843,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":121,"dns":1,"connect":16,"send":0,"wait":17,"receive":17,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/images/time.svg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /images/time.svg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: 
en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/svg+xml\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"7e98a3aea44bb76701a790635fcca0e1-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9R1WTCJQ1GFVF6ED6HD\r\ncontent-length: 297\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":297,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics 
image","md5":"c460d94e73c480299f6c585e5845ef74","sha1":"f77139f2eb1bec0e74970037597833d1b147692e","sha256":"3975c9b501ad950af1c131836c4dbb037c27a6eefc431784b25b9e486e8806cf","sha512":"f22b1ed15838bf6f393aedb33d498075d992b48221436fa63b875ac3fda45de8d9b02ce552ed1977c73e0a688dd24304c214858aaac7de0f049d8ddf4a39155a","ssdeep":"","tlshash":"13e0271c1f459c256350c158e3353454206b4071720f9f859852353ff47d15b35331bf","first_seen":"2026-02-13T02:34:06.972001Z","last_seen":"2026-02-13T19:48:23.990311Z","times_seen":2,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/6.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/6.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"cee2a0c9e15f136ec8912384cc05f91f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RTTJ9C1CG9RW9N1BWR\r\ncontent-length: 158441\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":158441,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 
825x600, components 3","md5":"1f1aa7c475e4d86d75b8ffa8014b9129","sha1":"81d33caf39ab54fad97e384c80ef8c2ff6984966","sha256":"0c97ac17916754e572aba8c057c75d6eeedea0a6e48d715b139daf8bd8338fc7","sha512":"6c3e92a6415dc68ddfd2ca8092a2d9f4eae2af2ac50789d44a67549d303af8ac507b01b384e681734ca96313d499c925624dda3da1e3ef9fba49b63ec6ee44a1","ssdeep":"3072:vGW5SoFuHUuRuSstenvcL5UwyurQiAnOEatqGpq6tELC/LeOgeQL:+los0ouPt6vjPKQiAYPpqqELaDgF","tlshash":"e5f3127b3b717aa048683efe0b760b990752ce5e1ffc459a90735dc44b903796162b0c","first_seen":"2026-02-13T02:34:07.193691Z","last_seen":"2026-02-13T19:48:23.991272Z","times_seen":2,"resource_available":false,"data":null}},"time_used":630,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/appleicon.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:54.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/appleicon.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\netag: \"c12a7f346086c4385994a6c5cb568a93-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8QANJY2FFMA6RTVPEY598\r\ncontent-length: 13741\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":13741,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 
3","md5":"fe3d9f0bde1ddc7b199cefef2c6e6630","sha1":"ef6fb00be385c2b7e61cf9de8de8f8ff79090496","sha256":"5b9d6cc8619911ecb396a3033dd69316bd8e7a0894de93eb846f2e9472530725","sha512":"5fad669acfee1b203016b7a3e3b5857426e9f33cbf1df9cdbb19ba704422dc6b523a9b7f9a3f50e0d8be9e2fadbec6843770caa29f0badd4c4fb112a98aa985c","ssdeep":"384:VUazpSUiZyrq+CyqpVbP8kdboIuas1ZcpboM/MuO:VUoaZyuhyq7r3UEouO","tlshash":"7c52bf00169ac2f4b61a0971df592d5baeedc0031ad7a27977f0331e6aa05750ec7235","first_seen":"2026-02-13T02:34:06.997024Z","last_seen":"2026-02-13T19:48:23.992285Z","times_seen":2,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/preloader1.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/preloader1.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1260\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-4ec\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1260,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"7f729b28f8fc43074df25a9ab68a63dc","sha1":"476b39b254d7bb8bb6f7320533cb02a34c945944","sha256":"5cf61e9beb8145de08c72e5e5b2cabe8b4bf7ee1ed3b8fc2127172b7b8085c61","sha512":"b3d48696739e9b74500c3256aa93cf9d45165db0004a3153b4bb68b06ff8df967a2227702717fb2ce3577e521ce38de41ee0dfaecb961736d024bcce293c023b","ssdeep":"","tlshash":"cb21ea0cc678f8a2cfd79c33969b369a1b490b3c37f74467a14860c94d2c85b52355b8","first_seen":"2026-02-13T02:34:07.025166Z","last_seen":"2026-02-13T19:48:23.993405Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_cera.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/pinceles/pinceles_cera.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 394\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-18a\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":394,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"f96beda899f3096a137b93f3ca0d7f04","sha1":"72596932a8847d18b921fce86722e643bc19e43a","sha256":"1311c2bb6f26b31184dd1c5164ed1cfa53725cf7bd7b02c7f0a84b5148fa6835","sha512":"7a46b9630cc9406e7458473384ff61082816ba7bbaf8ede9f4e75b08943694a2818873292b41231d64c5fd41bda7cec568ece0b69acc4e68f4b8bde93203279b","ssdeep":"","tlshash":"a9e0f193e718a004e95ed07e465c6f0bc617044c1a04ea20069682ac15870105f35c49","first_seen":"2026-02-13T02:34:07.182956Z","last_seen":"2026-02-13T19:48:23.994327Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/images/envelope.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /images/envelope.png HTTP/1.1\r\nHost: 
anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"573b4b126e00e12045c3bbd5c917b73c-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9QTD2BRY6K18AEAGVFR\r\ncontent-length: 561\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":561,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 97 x 85, 8-bit/color RGBA, 
non-interlaced","md5":"d725bd5e4b63c67a581ae89b000874c7","sha1":"4a047e999070f82a2fe75325f28bb8380a17f114","sha256":"7aac8ae5ab79cb55dc2e9a820529c13f981a0eb34fc7bd20d389e83cebb537df","sha512":"459509fdfaa4ed5eea0470dfe3257a385555d7813ea018d1b80657c767a8e5493d1823a6714abc8842082acac38891c6591d0c4762cc6c3faaa4eef59f2082e6","ssdeep":"","tlshash":"63f096edc7febd97d4bc063d00438c852023ad4d9820960d1350305f2565c26d0d8a80","first_seen":"2026-02-13T02:34:07.030899Z","last_seen":"2026-02-13T19:48:23.995312Z","times_seen":2,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_spray.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/pinceles/pinceles_spray.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2958\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-b8e\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2958,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"08d37bdb9c80c7212bc39753bda2f8dc","sha1":"aff5e52bdf6d5e762de93f7c75a1c352f7e12e9a","sha256":"548e9afe8789caa0a01a6a84194b0e359bcd1645f780bf1b27291cdcab0a2af2","sha512":"6b4a0243d55dde592a6c73526157f1692ba392c457ebb1f59260e3311f461bd1c51387474bd2248ae4e495e83203d09cc67fda452d48148f740b4c47d5534513","ssdeep":"","tlshash":"2d516d6834cc171755cb6ece74b417cc633f00be46b249eac2fc11149b6931bca1292b","first_seen":"2026-02-13T02:34:06.96559Z","last_seen":"2026-02-13T19:48:23.996352Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_X.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:55.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_X.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2002\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-7d2\"\r\nexpires: Sat, 13 Feb 2027 19:47:55 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2002,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"67ada3a7a09c41b66ee4e9edff3f255f","sha1":"b6732a5f805f601f59510c10d163eb442fa14136","sha256":"95b99562bc7c2a9cfae0beceddd726f1b685b8072eb591e158e64d4e27643dd8","sha512":"88714cee54285fd479c4fff38a213be95d91b46aff8cb189f704b1e13505e909378043869ca0deba548bb179d7bd8c880695c40d83af7e0c7f3570fc28e818a8","ssdeep":"","tlshash":"33412cac00566f363e19defe70b1a9c46862ff3e642c329704479ac0149e836bbb3581","first_seen":"2026-02-13T02:34:07.012925Z","last_seen":"2026-02-13T19:48:23.997152Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/main.js","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:52.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: 
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Fri, 13 Feb 2026 19:47:52 GMT\r\netag: \"fb4c9816635d27fe3afbc0660f7fb4e5-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KHC8Q974BVSM170KTT6X7P9E\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":599483,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (707), with CRLF line 
terminators","md5":"2d6b471d82030550700ca8235b9bb51e","sha1":"96feb6de60e85bf35043a887372d8ac1ffc94df3","sha256":"b911001617cea3d7be697835b0985e87aebf5c743142b25990dadbad4ebca609","sha512":"a84d725ed3ea60a555216f676dfcdc634e9ce20e4e985232cf04b56e665944326fa41d3903373cc019c3d98e78905fe257b2b28bdab5a00ed0c982a2118bda2d","ssdeep":"3072:mNNYYXJD4frxU7rZ4AfxriQFa7W0170NWxzDtm:AJOFU7W4rO74NWBtm","tlshash":"09d45489aea171a26a7b737deb7b8001f9b581931004c150bdacdae41fb141453eefed","first_seen":"2026-02-13T02:34:07.038305Z","last_seen":"2026-02-13T19:48:23.998221Z","times_seen":2,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/index.js","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:52.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /index.js HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Fri, 13 Feb 2026 19:47:52 GMT\r\netag: \"990437426fa513941511ee5c512c818f-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KHC8Q974G7WBX0XWXHEEF4NV\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":648574,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (707), with CRLF line 
terminators","md5":"4e01edeeb9622da0e1f88d8963ec4838","sha1":"3194d748d7611b553ad1933493a919577fe8c71c","sha256":"982f51786b9bae28e43e4b4ab583bd46d332e513de9d93bc799c69914ec47f9d","sha512":"73b26e6fe3debba940ee2a5d055f80d354b035ea384b9f971f43523e47832ba16d354bfc0552add7c1be9ff3f870650c663c520777a05d5657d61ca9f8089324","ssdeep":"3072:vNNYYXJD4fj4uNHZ4gf5EedFsS/AvHKEfmIkPyFmpSFmp2XoWhuK2ZwHR:NJOkuNyGJASanFmpVi","tlshash":"3dd47449bea131a7567b737deb6b8401f9b681931104c240bdacdae41fb042453eafed","first_seen":"2026-02-13T02:34:07.187387Z","last_seen":"2026-02-13T19:48:23.999436Z","times_seen":2,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/11.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/11.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"753f27a337c7351b2464d318499e551a-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RY4ZMPHRF7RXZ6CXGJ\r\ncontent-length: 83426\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":83426,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, 
components 3","md5":"4bfd96cc604bbdd2521d4c22338c9943","sha1":"c0b7893c61dc3e7a9e33ee2cabf117b087aeb81f","sha256":"e539f762188c0d57bb4f9c517694fc89162dc9b9348e5edb633cb53df92c58a5","sha512":"2fd9da595518ea12bc914bae454cd3e41ddb693ccc973d941724e1cd2d58e8b254ae92fc6b9a85ae2605d007057e9f55fe3568d4aac1947c5f96575eab68da05","ssdeep":"1536:DYqi/vFK3oiLIMJy1JoUIMBzXZHKZw3TYnKDjyV6YNmITbSZc/zUVn:++eAUImzXJ0wjYnpVrNmVUUVn","tlshash":"8783027e55ea0b48f81a8b4a02d74f6435c3f41185ec05f43aa037ed616abecb7b7a40","first_seen":"2026-02-13T02:34:07.171394Z","last_seen":"2026-02-13T19:48:24.000097Z","times_seen":2,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":603,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/overpassmono/v21/_Xm5-H86tzKDdAPa-KPQZ-AC_COcRycquHlL6EXUonz0VOs.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 
GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/overpassmono/v21/_Xm5-H86tzKDdAPa-KPQZ-AC_COcRycquHlL6EXUonz0VOs.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://anonella.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13196\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 09 Feb 2026 19:07:15 GMT\r\nexpires: Tue, 09 Feb 2027 19:07:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 348038\r\nlast-modified: Mon, 08 Sep 2025 18:07:23 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13196,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13196, 
version 1.0","md5":"acb0521e2f63a91dddd0a84ad011b3d5","sha1":"8e8d3098ce9c4ce28c9ca3e58a3711d3e0e0295a","sha256":"13fd3b6cdf5288362a1ead10aeb2defc0b6b35a6630f92b7e805123de23649f3","sha512":"091b2ab77bb4cadc68f18b5598330a674eb448059f99bd53eb33f7b38487e7407f9d3e71de525e769aa7c721f9ddd62e3f13b6bce90ebb2cac80522599e8e58b","ssdeep":"192:tPyHbSHyDwVoZFJw69d0otrSHYQU2QeYX3yHD3HK4ONyYJ8qXrouZJxUlVwMindc:tOeSktA0Lh3YX3pNVevcyVwMindK3PD","tlshash":"1e42cfee93212bc2c98916ac66d6f5fd881bfddee3eac5a179c1692022030673694504","first_seen":"2025-05-31T14:39:05.948081Z","last_seen":"2026-04-28T07:35:41.949028Z","times_seen":22,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":204,"dns":0,"connect":15,"send":0,"wait":26,"receive":5,"ssl":184},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_derecha.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_derecha.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows 
NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 962\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-3c2\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":962,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"3f3f7957a6d71711f649d477f1e9d7fc","sha1":"f93a5b6eaf16017e93796d6ec609010381879aed","sha256":"09854a4bab973dfc5cbfcf351c7d9c4e54acda83a22286b7746a64402a5248ff","sha512":"67a5974f6dc9e2ce2d4e8a9537920bf9f1893b4b840c3f0caae787deebe5eabb7494e054b9c6673b8366de4da00138f5514d5aee4cb7037a0c0008daa36ada70","ssdeep":"","tlshash":"ce11989b0172805087a8f535176fe15af105815198e95f47f88330952e99e9e6265cc1","first_seen":"2026-02-13T02:34:07.079241Z","last_seen":"2026-02-13T19:48:24.002117Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_lapiz.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/pinceles/pinceles_lapiz.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 190\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-be\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":190,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"ea2ee985caabc6ee8336abf854af8d59","sha1":"bee019d21d9705377330a78d5cece0826d5ab694","sha256":"2ba5c3c5e3670aa2ef0e4ca4b2012ac984bbadbb4e4d4bb652371d13d6eff4be","sha512":"11a3312d004d66bfda5d2e92750548e104bec6c50073647c9fe2c4c91994c227fd5a05ed28d59a6d68b98336e1aabf4af7d1f687ebf27e9006491395bd203984","ssdeep":"","tlshash":"26c0228a4600d2c4ea8e1cba9c642b50808b1400fb098e0150ca22b02aa2ae02667bac","first_seen":"2026-02-13T02:34:07.128049Z","last_seen":"2026-02-13T19:48:24.002922Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_color.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_color.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 210\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-d2\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":210,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"1ca1bdea8b234f8ec8a9516aa2f800cf","sha1":"85a3a6250d2358008577fdf88096150e42a0ce7a","sha256":"29b6c76da6cdf2aaa718b759d819cd5c4376eaf446bc2cd0055951bf4291b297","sha512":"f66ad21c1864f521b41c4a5194bfed0ef4081747cf1b6a9090493e0ed7f49ed4177cd9a501f5f8fed52a2044ddc43841694d4b9f45ee5ee18ceccb468d2920c4","ssdeep":"","tlshash":"25d023893335c004ec752c3f4a20c0306086080a6a54ecc0f4211111a17262203baf4c","first_seen":"2026-02-13T02:34:06.967754Z","last_seen":"2026-02-13T19:48:24.003748Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/fondoRueda.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/fondoRueda.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11486\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-2cde\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11486,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"033d6e895bc45875082572ccb4c4b024","sha1":"5c2806df06ee7dd84ff5b81df27e5db3ab2675b6","sha256":"4a2452a0af5b20c23811648b8b15b382a537574149af583958c1b460a793561e","sha512":"cecf0cf3b5a900de220045a4e9acba1d3d00dce3983d764ba4a976bd7a1759ccff0435b7134d902bd1f9f273bc508b59db4dffb7b22140f2dbbd12f70c94cc33","ssdeep":"192:79ll/XhsLgOYcurOQVo2+I7B0ZAF0qrOGNhjstyS1dDgzrNKekNCs/35h0T5b:hr/XIkcu6x2+CBeAThoH1ZqrdkNxh0TF","tlshash":"4b32d08fb0085b5256d36ab772a010938dd1574aad4f94d513e7c58e22fef89bc2c1c6","first_seen":"2026-02-13T02:34:07.137076Z","last_seen":"2026-02-13T19:48:24.004534Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-13T19:47:51.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Fri, 13 Feb 2026 19:47:52 GMT\r\netag: \"f39e8ace67fc004e32dccf9b0bbdf41f-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KHC8Q8TZYTM7S8ACGPJJXVS9\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Font API","description":"Google Font API is a web service that supports open-source font files that can be used on your web designs.","website":"https://google.com/fonts","common_platform_enumeration":"","icon":"Google Font API.svg","categories":["Font scripts"]},{"name":"jQuery UI:1.13.1","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript 
libraries"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}],"data":{"size":51752,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines 
(437)","md5":"61f97e88d919a7379d8683c7ce65ca15","sha1":"4cf94d0dba1d8bef6b05fbcc2243bf91890c2c73","sha256":"70826b1c545130d532e4c962badc00170ca39d87bf651d28178788ad14c16c24","sha512":"a4becbc2827e225c97529c9ff81302e86f432e36d2d14a3b139395538c046fadd267f0ee0a23dd0841d9c8548becff6983f09e1a83c804548c8aff6e177834ad","ssdeep":"384:QgATndwEMKfUfm5aM/HOXDxnK7BkLKFHydkexGCM:QHTndzMKeWaM/UK7Bj","tlshash":"9533ee9145f0927706a281905bbb6f5b3e81d5039a9a5e9872fc8bc46fd3cc3cc174ae","first_seen":"2026-02-13T02:34:07.185181Z","last_seen":"2026-02-13T19:48:24.00539Z","times_seen":2,"resource_available":false,"data":null}},"time_used":759,"timings":{"blocked":283,"dns":120,"connect":22,"send":0,"wait":190,"receive":0,"ssl":141},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/index.css","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:52.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /index.css HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Fri, 13 Feb 2026 19:47:52 GMT\r\netag: \"1e578d95578c97b766a384f7097a2436-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KHC8Q972JBWSTYW89N1SVHQC\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67384,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines 
(2589)","md5":"0344f79f6b2dd1c5f716d5bf628c92dc","sha1":"1474c94ffcfb37018b6d8a34cd1110c0ce553da4","sha256":"06330d7621dd95265d4843edbd80bb535a4f3210992728fcdcef0593e72f8b06","sha512":"9d9dab4d9c65bdbbacfcb8b748a7a0091d1996adc3fd6b4964d415bc1231d2f4327cf904344a96fa7e0beada1374dab336c3d8640bbd0478ae63d53f66053f2b","ssdeep":"768:Iutlf7A1bfVHFSFkBFe6YFKXCGMoOsp2CASl6MmllplH6yvOvNL8rtLS/pdGSfFf:Iut21bXSCB6EZvpkLcfCRvGN","tlshash":"0d63226a6ae33144bc06a47c5fe963153715c003f24edc5a3ec9a169cf8a3c599e3b9c","first_seen":"2026-02-13T02:34:07.186126Z","last_seen":"2026-02-13T19:48:24.006329Z","times_seen":2,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/main.css","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:52.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /main.css HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Fri, 13 Feb 2026 19:47:52 GMT\r\netag: \"25c8c14a645f3c461c3cafcbdd818feb-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KHC8Q972PGTZJR0B8BBDZ15V\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53554,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines 
(2589)","md5":"34ff86561a9f9c4aed1e8fcdef5cef19","sha1":"42c48c8cf7afe2fc2ca29a9cd97d7c43e2da4017","sha256":"308c0c40100691a674431ca57f0996d84af9b6db988e24f3b88b8e39f3bd743f","sha512":"554e1159fadfa9ec4264cd254b07239bd5cddf84d81321f9cb28a7d4d76ba0e11f3a1c9716cfb086096273ddea4fb72d5af46b88146a21de219200b429a21be8","ssdeep":"768:QurB7f7A1bBUHXSFqBFWGYFvXEGMoOsp2CASl6MmllplF8ym9/6V8GSNS7pdGkVm:Quru1bCSYBEXb/4KNF","tlshash":"2c33456d5ae32140bc06a4bc5fe953152724c043f64fdc5a7ec9b169cf8a3849de3b98","first_seen":"2026-02-13T02:34:07.166049Z","last_seen":"2026-02-13T19:48:24.007592Z","times_seen":2,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/phaser.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/phaser.min.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"58e7622e-b4a24\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting 
panels"]}],"data":{"size":739876,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32011)","md5":"1b9153d0183fa6a970a29b9392b9a59e","sha1":"112befbfe9b6e4b1d052b4166f8807be80e63a2c","sha256":"7ec1a47453d9535a5180ef8bcbb925ac04ca6ceeca07084b6e429cab172b774d","sha512":"7829c4adb9e5d5033e23bb609d17f00d4aa74c651c3d15722beb9aeba14ad96d4618b9d1739852872495d087406ff3723bbae22c7bb658ba9385a4378760526c","ssdeep":"6144:4kZO7YG1gvz8mELGQFJk27EaNN6uUhQh879m7v5tJlPO4ALfasybFfdIHGHgHIH1:4kZCxVG4xcYmMzwFG/O6","tlshash":"bdf41adab2617854856361a1007f0247a33bf89aa888c8bc797cd5d97de894c317ff78","first_seen":"2025-04-27T21:37:42.976391Z","last_seen":"2026-02-13T19:48:24.008397Z","times_seen":3,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/Game.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 
GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/Game.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 07 Feb 2021 19:40:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60204239-95ff\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting 
panels"]}],"data":{"size":38399,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38399), with no line terminators","md5":"a1c7ade2c045ff8611b72c90a415da38","sha1":"ed7ad9f55a10d44bb9da28ff1f497de5a412fca1","sha256":"ae54952f32b3452dc95f96cab9135bd1914551118f7e461f8a2149cb1503cb22","sha512":"4bab59895ba10c0a0325f404b2ce514fa31ab787acbf0ec27768bd7b0669d786f7967c382b58fac6448e6f50ff0c4207f1ce41fc689d5a884200031a2f87d3b3","ssdeep":"384:2yt9MOQ4r7Y1kWsNBgU/63ZxGAfUEEfpmJGCXhG7D4xf91o7W7:2ygbENg3L9fUEqCXhG7c1sW7","tlshash":"df0335d833f3a91e026272570a2b1036e25f76c3350e72d5753de87d6928389a53f53a","first_seen":"2026-02-13T02:34:07.112373Z","last_seen":"2026-02-13T19:48:24.01178Z","times_seen":2,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/sound/wat.mp3","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/sound/wat.mp3 HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-range: bytes 0-36710/36711\r\ncontent-type: audio/mpeg\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\netag: \"e736a2ba06be28fbc9698d196bd2cf6f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8QA1QFZ93GNKRVFF8QXME\r\ncontent-length: 36711\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static 
websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":36711,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo","md5":"706d3da761639df72b8601c9a0a5f998","sha1":"b9f315f852f6ae2d58ac590bb68a01f8975794af","sha256":"c0a6d4b1ee5af4089564568433ec4b5afe6d1d3d6f93165be2e94c931fac6d2b","sha512":"2a12aa37fbe73edc9a093739e456eda749c0c7385594cb592d2217a3832c679f1d739c1b9ed85ca51865db5f4480376a2ce5a413b681e4c2304b8ddc9669ab53","ssdeep":"768:ntRJiHFfU/5+J1ydh1KK6VTPiKkuQ8C28ZrpD9V5pfyQQY9l:tiHaB+J15KKPRkuQ9flD9V5EQQY7","tlshash":"17f2f147028624e0b5035273be5ea84bd850ce576e7a76ec8831b320677f1a1df4bf46","first_seen":"2026-02-13T02:34:07.016966Z","last_seen":"2026-02-13T19:48:23.923473Z","times_seen":2,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_izquierda.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_izquierda.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5718\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-1656\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5718,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d58d1d45c32e363f11652f4950cd7475","sha1":"a1b4a8a7162252ccbdd13111924e1495647002b7","sha256":"f4632b12fd70916e30647fb3ceda2207c3f97f8d580743a6a6972b590f0a8638","sha512":"1be29c3f7be563bc2ef164805efbb784078c06fd4a3ef35412cb42ec9885460ce7d19013305f4059c29c882f7d48c7059499ec0fc532be378105772bba96d826","ssdeep":"96:X2b3fy9fzC0ABsRywkC1VvLAAUgjr4Mj7QY9gsa7Nq6ovz2vjZ4IxkJRIx2FliGl:+369fz3ABs0GvLAAzv4A7el7qiLZ4Iqh","tlshash":"86c19f34f51a46a799db8c9cb507b7d7f80412a4f32d35574ae6073388e6b2290bac25","first_seen":"2026-02-13T02:34:07.158851Z","last_seen":"2026-02-13T19:48:24.012993Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_oleo.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/pinceles/pinceles_oleo.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 462\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-1ce\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":462,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"43991e99dcc525f6897e29e65acadd92","sha1":"3382a51d675892000ff20183b9c1e5873b138806","sha256":"3fa6f74cec5c428cf98c2e1e01139a165dccc58cb9f0a67fda00fb64179b9500","sha512":"c5fec08a27e8bfb3c7c4932f8cb85b9aba311062feced68d5d464231678413047e3fdfef6e05fe10fef0e99368d0dfcb0aedf67143a1ec43209738ebce6b9c28","ssdeep":"","tlshash":"80f0dc6dc1c00f4bca991a6c732d9a42d40280094908ac7fa6e24b2a24418007824e2e","first_seen":"2026-02-13T02:34:07.118158Z","last_seen":"2026-02-13T19:48:24.013941Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/9.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 
GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/9.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"feee94212d75b26ebf81d519291aed07-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RWQTYZBNW5F84XTDK3\r\ncontent-length: 188048\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":188048,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment 
length 16, baseline, precision 8, 825x600, components 3","md5":"a63fe5bbea8bbb04519641f2f3db223d","sha1":"e9f3888669e606c73dce553b4ae3862bfb210f51","sha256":"7569a0c295d39936670e183e9f035b25246bbce2bbb2a5b8b0526b71835d57da","sha512":"3d1a9d3e2866b5971544fa954f2b50640c1e692b3b89dbdf8a6e56312d0606f1c60ea779ac700581f0e1b2bacf0197d196981c186e32cdb1a5b6a94fcd6276ed","ssdeep":"3072:NVsk1DtcddHPkiYlz2lMS4L+j+0veNb97b7IhsFFM6luGYHh3v5wULOIBrwTM6AV:NCk1Dt0Pki4zcfE+a0vKb54aFn1YHhSA","tlshash":"250423063dfe29b8774ddccb2725486629b86da51cafc8e78937c096912d06c314cedd","first_seen":"2026-02-13T02:34:07.000032Z","last_seen":"2026-02-13T19:48:24.015294Z","times_seen":2,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 
GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"CE:4C:7F:8F:8F:6A:C6:C8:7D:B4:2F:84:18:4E:0D:FB:63:4C:61:E5","sha256":"26:A1:50:21:90:A7:C5:05:61:2F:4B:99:EE:0C:BA:28:24:E5:BF:CB:00:37:F9:42:00:D8:72:4C:00:37:9B:B9"}}},"request":{"raw":"GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33333\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 09 Feb 2026 10:24:46 GMT\r\nexpires: Tue, 09 Feb 2027 10:24:46 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 379387\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93868,"size_decoded":0,"mime_type":"text/javascript; 
charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)","md5":"ddb84c1587287b2df08966081ef063bf","sha1":"9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f","sha256":"88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd","sha512":"0640605a22f437f10521b2d96064e06e4b0a1b96d2e8fb709d6bd593781c72ff8a86d2bfe3090bc4244687e91e94a897c7b132e237d369b2e0dc01083c2ec434","ssdeep":"1536:k5RKUpVgklsdbuLP/l+0fGzA8gmtasgx/c9Rzzi4yff8qeLvHHEjam7rSnmBn9gn:Ee8FbGzA81+xRRi1Z3","tlshash":"0a93e7d9b2d6716387b731bc50af510bb13698aa784c8c50f068d8e4be74a48907bf7d","first_seen":"2023-03-07T01:03:13Z","last_seen":"2026-06-08T13:51:02.908665Z","times_seen":18480,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/pinceles/pinceles_lapiz_color.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET 
/games/paintonline/assets/pinceles/pinceles_lapiz_color.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 352\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-160\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"1d3bdd74cbc43cef648a0ea9dcead97c","sha1":"b5d9231f1ea48c6d27bce9acb0eda8d102213b81","sha256":"1490a4b79e9a9ca6c4d56222e1df84727aab633eb6b1b5f43914b99a257ed8d5","sha512":"a524539683344a153dbc5c30a7e2a436eaf2b3da7d9f0148e633c6ffcf060af42531d361873e49efd351cd0fb9de8241e953e3b6f599075ab324b8501f26176b","ssdeep":"","tlshash":"bae078ad45d01851df6df85d5564a7373f8314489ad54c4e43c70ce5d47005cfd51579","first_seen":"2026-02-13T02:34:06.961816Z","last_seen":"2026-02-13T19:48:24.016912Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/clear_picture.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/clear_picture.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1990\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-7c6\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1990,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"6455bf1997a17de309bbb007132c4b72","sha1":"5e0efb2e36dc28b36efe59f7efcab23375dd1331","sha256":"f6a52c549bb8826dc95cb390eec22ba597a8b6278131c76bfe17c866213ee894","sha512":"1066f1c3015b338f7a66e5e00ad8d6362b69d3f8ed832b9c725c659dbf406517d2919597587fe4b4670d132d706163019c74c111766cf4ca159336e7b5be37eb","ssdeep":"","tlshash":"7d412c892be8b1e810e45444333a772dd7fd1165f423df26204fce0521b57937b80567","first_seen":"2026-02-13T02:34:07.132033Z","last_seen":"2026-02-13T19:48:24.017699Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/facebook/facebook_spinner.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/facebook/facebook_spinner.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23320\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-5b18\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23320,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"34bea1a2b2eeea740f32723cc1c501a7","sha1":"8dc526740d05c152a3e3358a8f2b927492ad6876","sha256":"a4e39f5983eecb6355a4172e27f09a3e92cf6a80214c217f8ed88eb1f26230c3","sha512":"243bc6d8d64d7533ee375d6f879a730bf5774f6453ade0fa80c4446311917d9471202d41563f33952e52121bdcf948c069a84535583c28189a990bccbbfd4a82","ssdeep":"384:0UIMb6T05r2Pj4xpUX+KqPY3ujTWQ3MzQaoxHd+0qgw82M5bHZyoXzFGJx1:qQKUvvKSY3eZMGduguA5yAGJj","tlshash":"baa2d12920f48be4a5806aaf07d7acdec84616ddd5e078435585c293bb7d2869628f07","first_seen":"2026-02-13T02:34:07.097421Z","last_seen":"2026-02-13T19:48:24.018521Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/no.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:55.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/no.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2966\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-b96\"\r\nexpires: Sat, 13 Feb 2027 19:47:55 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2966,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"c886be2c94d23e298cb3d4a0465ec644","sha1":"6b0a4c42bd8ffef6922cac36c412648b3865ff4a","sha256":"74bdebdc77a7df12c00a1540378b4019e095e03b7fe6442806657912dad40471","sha512":"622ac4f05ce3d1ada383b53cc1ee02ccc498b733e29aa2de2930f69c2bc5de7e1157bd92c99397767619344ff17508f1710c2cc008d5259cc52e8107577cbcdf","ssdeep":"","tlshash":"57514ce1ffca9c998cb03559a64b65c65d4e855a4389f020f36fa9b07f044983d83571","first_seen":"2026-02-13T02:34:07.084177Z","last_seen":"2026-02-13T19:48:24.019322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/index.php","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET 
/games/paintonline/index.php HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.2.34, PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript 
libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8062,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"d7317529080bae02aba8da5f22702b22","sha1":"308cb415eea1927402a22f4a204654edce3d93c3","sha256":"cd170742e16dc5c25ce35c955718b858b31ff01180232e2e3dc72750ce529fd1","sha512":"5eda7c4f8a8f1cb9c50341f51429b30f86135da8066076655ae6d6627730bb5bd5503e4293c11e09b77feefe3bca1106bf39a970e7e0f0b30c9f9ac77f5529ae","ssdeep":"192:Yb0fYLYMvFyJFbcp5WZ9+tXAtDTKhpr0M:J2ySWWtwM","tlshash":"60f11a8c2dd791b7593338b3c3bbb209697865035505cc4439ece6587fa12aa8a1efc9","first_seen":"2026-02-13T02:34:07.026913Z","last_seen":"2026-02-13T19:48:24.020166Z","times_seen":2,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":152,"dns":88,"connect":28,"send":0,"wait":30,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/appleicon.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TL
Sv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/appleicon.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"c12a7f346086c4385994a6c5cb568a93-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9R0C75P230PJG5VAQFM\r\ncontent-length: 13741\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static 
websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":13741,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 3","md5":"fe3d9f0bde1ddc7b199cefef2c6e6630","sha1":"ef6fb00be385c2b7e61cf9de8de8f8ff79090496","sha256":"5b9d6cc8619911ecb396a3033dd69316bd8e7a0894de93eb846f2e9472530725","sha512":"5fad669acfee1b203016b7a3e3b5857426e9f33cbf1df9cdbb19ba704422dc6b523a9b7f9a3f50e0d8be9e2fadbec6843770caa29f0badd4c4fb112a98aa985c","ssdeep":"384:VUazpSUiZyrq+CyqpVbP8kdboIuas1ZcpboM/MuO:VUoaZyuhyq7r3UEouO","tlshash":"7c52bf00169ac2f4b61a0971df592d5baeedc0031ad7a27977f0331e6aa05750ec7235","first_seen":"2026-02-13T02:34:06.997024Z","last_seen":"2026-02-13T19:48:23.992285Z","times_seen":2,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":357,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/2.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/memeSection/2.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: 
\"4d39f81767b31b831512389174a51223-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RK8FXGW43SD8VWH668\r\ncontent-length: 85046\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85046,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 3","md5":"77ca30657ab2edd9e53c2d124b0f8072","sha1":"a2d64e5a0b660e376271c82021a07f87eb0ae630","sha256":"af2d75cf0f89af2870dd53c52feb5b43f4948071b0bed3c5c68b56af0da7413c","sha512":"febe1d44859e153585528df6b46ac2110df10acc89230ed295a3c046add6f935684f32e052ba3cbb0272cded461c3bef383127119b8ace2387cf41ed84cd362c","ssdeep":"1536:4ku5eNfVZph4JbiTEZgWLiNnfZFplFezMCvWx5AGNc5oOJcI53Lsj5KIJGgmvpRx:9phE2YmWLaZFpl9OM5AGcnc3j5K5HRx","tlshash":"8a8302c9713ba338de6f2bb98b05111d163cba272b4dc76e657b4bf3425ad460862b04","first_seen":"2026-02-13T02:34:07.033826Z","last_seen":"2026-02-13T19:48:24.021031Z","times_seen":2,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat 
Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/Boot.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/Boot.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:57 GMT\r\nvary: 
Accept-Encoding\r\netag: W/\"58e7622d-347\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":839,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII 
text","md5":"859521f7f7653f56377eac4089fa6165","sha1":"0e91427c8ec0aff30f1a7023de054b2aec89b2f8","sha256":"ef97844ae06d1527718ac2521a539ead2ba04b412b8c58cf98ee2ad9b8fcc4e5","sha512":"93a34736131a64858750894578badc9bb09fbc46c4c5b5c8781278e5572b06f2192d16b00754f4e280ae66fd1776df90662263a644c92239f5cb9f7189a9e014","ssdeep":"","tlshash":"5e01266c174bcc18843130257f0f76d48bb4210f8c87c95a386dc2d9bf74a685969b7a","first_seen":"2026-02-13T02:34:07.001059Z","last_seen":"2026-02-13T19:48:24.022645Z","times_seen":2,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/src/phaser.min.js","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:53.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/src/phaser.min.js HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Apr 2017 09:55:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"58e7622e-b4a24\"\r\nexpires: Sat, 13 Feb 2027 19:47:53 GMT\r\ncache-control: max-age=31536000\r\nx-powered-by: PleskLin\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting 
panels"]}],"data":{"size":739876,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32011)","md5":"1b9153d0183fa6a970a29b9392b9a59e","sha1":"112befbfe9b6e4b1d052b4166f8807be80e63a2c","sha256":"7ec1a47453d9535a5180ef8bcbb925ac04ca6ceeca07084b6e429cab172b774d","sha512":"7829c4adb9e5d5033e23bb609d17f00d4aa74c651c3d15722beb9aeba14ad96d4618b9d1739852872495d087406ff3723bbae22c7bb658ba9385a4378760526c","ssdeep":"6144:4kZO7YG1gvz8mELGQFJk27EaNN6uUhQh879m7v5tJlPO4ALfasybFfdIHGHgHIH1:4kZCxVG4xcYmMzwFG/O6","tlshash":"bdf41adab2617854856361a1007f0247a33bf89aa888c8bc797cd5d97de894c317ff78","first_seen":"2025-04-27T21:37:42.976391Z","last_seen":"2026-02-13T19:48:24.008397Z","times_seen":3,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/logo_peq.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 
GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/logo_peq.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13914\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-365a\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13914,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"cae5ee061018dcb40c3a3a64a0a3c3a6","sha1":"a7be9b2a9f672b1a03bfe0c1e55b04ddac76da37","sha256":"b79ddb7798a155c999998095c28fa0638aaf5019a9746c9a02af88b8b7724824","sha512":"ae064b175e09ff66198582ec0fd52d7abd2488189b637fdc09e9760a4643059736d8d4e21af65fc7ba8aa2ca035f53e6188d9a8bf989655d3e4204a4782323fa","ssdeep":"384:T/OHHWg2pbJ/Ly5qLd1Z1CyxhG8QlZ45B5:QHWg2bJzI43Z1CyxhcZkH","tlshash":"c752e1e2b61183954a33e0906faebf6c456b5fa7ed89e3db0013f0924304585fe426ec","first_seen":"2026-02-13T02:34:06.983411Z","last_seen":"2026-02-13T19:48:24.023368Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_opciones.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_opciones.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9150\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-23be\"\r\nexpires: Sat, 13 Feb 2027 19:47:55 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9150,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"95ea1bd479e8a0397c3cd70b8b36b622","sha1":"31cf02373409e792a497c63f3f2ae4e0859d1ccd","sha256":"885674998e2f9b6dbb76fceb34bb6fd321a83733504d82bfc4cc5d1f1850cc85","sha512":"29230a2704ea5313d0ce14eb8f21c6aa35e2e097794fd670292290625100c20cc0e24bb926662762268905afc2cb1bfaa2dae2ac31dca18d16ea2e3ddcd82fcf","ssdeep":"192:OPp4666cPYozGzXcBw0YYoQislbrSuqdxM8:+Ctw4HrlSjh","tlshash":"e212af804d1dd75ecb16787ae3a0765fe901ceaa1e4ab43653efd64284b382c81138ad","first_seen":"2026-02-13T02:34:07.080768Z","last_seen":"2026-02-13T19:48:24.02422Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_goma.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_goma.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2114\r\nlast-modified: Fri, 23 Apr 2021 08:12:43 GMT\r\netag: \"6082817b-842\"\r\nexpires: Sat, 13 Feb 2027 19:47:55 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2114,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"56b83f8c1c21c6e89bf7a3f20f4e178e","sha1":"ac2066fd577f9780be6535665502c89b53312463","sha256":"b168c39343fb8982f8c6d39879fa7009c18199bec2289c0af8fbd29a56120bbc","sha512":"138c8d46ebc9f8bcc75cc06d84d6a0cc4bf7f45b932637018770ed7615f13d648fd177d57d780dca1c5dac7c7e71629cd5ed3313372e437bbfbdacbb311dfa60","ssdeep":"","tlshash":"27413c8b456819f78b34f4cca93537c35ba7a36c5ceab1191eade44284cc229024f4a7","first_seen":"2026-02-13T02:34:07.163208Z","last_seen":"2026-02-13T19:48:24.025101Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/ui/1.13.1/jquery-ui.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:52.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 
GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /ui/1.13.1/jquery-ui.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-812a6\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Fri, 13 Feb 2026 19:47:52 GMT\r\nage: 4536519\r\nx-served-by: cache-lga21945-LGA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 62, 5034\r\nx-timer: S1771012073.775166,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 126241\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse 
proxies"]}],"data":{"size":529062,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1004)","md5":"dd5c979b802f985cefb36d3e4239977f","sha1":"9f0b7689ecae90bc8d0e3ff859d8d600c4b36ee9","sha256":"e97315234cc1f1c4737d98ea29c0f4d4f06c032dc5943012ae50bc4b10a92276","sha512":"91ef9f666d82ef583b854c4e7a0d114c7d63f509fa1cc2c8303c8b82a63a4a2c9211cd7935fec2916a4ebb16d2cbc09622de1e3eb2cc6301419e54c7c0b2349a","ssdeep":"12288:HdemHFgymNqlyHCcmMq/W/EEs+vQRgPrVhDdRlE:LlyHCcmMq/W/EEs+bhhDdRlE","tlshash":"92b4b6c9f39c266a857a32595c2e42cdb23c8075d60058bfbc5d59dc29a883c43bbf79","first_seen":"2023-03-07T12:12:43Z","last_seen":"2026-06-07T07:58:23.487175Z","times_seen":883,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":74,"dns":20,"connect":26,"send":0,"wait":28,"receive":61,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/yes.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:55.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET 
/games/paintonline/assets/yes.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2168\r\nlast-modified: Fri, 23 Apr 2021 08:12:45 GMT\r\netag: \"6082817d-878\"\r\nexpires: Sat, 13 Feb 2027 19:47:55 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2168,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"2cfa24ce7a3de9cd0d07433191d83464","sha1":"295007a2da6e48c1a10a271f1890745d76e19195","sha256":"8629057b4ffcd4e5b6dd2529ed23f877a95856f6bec9d848068b176815552ccb","sha512":"2b09fdc0276b391adfefae3b1457b00329f43369dd22b0e2a425a0b9948e71dfab7b1fd467ae4f65ee1c3411a59af8443f51c5b7c9c586cae73b10696b18ecf7","ssdeep":"","tlshash":"60412b923a14d020ed9c1c3c33ad7eacb889f99864da452ad69ada310272122c933399","first_seen":"2026-02-13T02:34:06.98783Z","last_seen":"2026-02-13T19:48:24.026515Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/memeSection/1.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET 
/public/assets/memeSection/1.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"3947e043bff8e0791d746fc725485f37-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9RCQWRZN8F4236FTH12\r\ncontent-length: 107534\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":107534,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 825x600, components 
3","md5":"bd3ec80c4edf587f3d391b4422cb587d","sha1":"0bc0ff0b50a9c8e0870a8c6ec026f715bb8e0b29","sha256":"d214da77a317a2f7056af768a5806cf151f3ad9ba0926e4d4e3f6520fbc8087d","sha512":"00b27fc44a9e8f2c4313eedec0e79344b6b9276f8dabe6d23e41f1665ee50a8c0bd6aadb9c92e215555a664ac8cdced5920385e110aa36a7799e338d30ca1480","ssdeep":"3072:+BmK02JU43p758kexdV3pJ7KCku5CqB6/:+T7JUipd7exdJK4CqB6","tlshash":"7ab31263c9974bfbd6dc49a04f378b228c4ed2d278a9cd9035584a88930c72ae73565e","first_seen":"2026-02-13T02:34:07.108249Z","last_seen":"2026-02-13T19:48:24.027354Z","times_seen":2,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":424,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/images/portfolio.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /images/portfolio.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"bb0b62ff196c7e436e2eadf847fd85fd-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9QQ9CSJ7F9WSNNPSYN2\r\ncontent-length: 705\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 81 x 71, 8-bit/color RGBA, 
non-interlaced","md5":"362b1a2385618a502394f876b06e258c","sha1":"5f3f62867880957a8598dcf41965ba577bd82fb9","sha256":"a970384de17d864f491d2226687b85e55528034159893757e14bdff78332d314","sha512":"75602b5d3cdb768ad3824aa35604fa2ed67ba065015c327e93189e0c7bcc8898e1392e562a57b267c4b00daf98f5f26e9e66c97abc6a933aaf6a9bc1fd57cdeb","ssdeep":"","tlshash":"cf01658d4f51789f940982204192c68b99a19c99b17bf1094d61bb7d02098b177c472f","first_seen":"2026-02-13T02:34:07.010314Z","last_seen":"2026-02-13T19:48:24.028172Z","times_seen":2,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 
GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13416\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-3468\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13416,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"d44364dcf3c03bc947f1cd1c6eb83305","sha1":"f2b2ca52754d8a6559bd3473f91ca00db6e8e29c","sha256":"c54ed9b09d8ca38888174b355e25ee26982553284358bd20a4cdbcb8870cb101","sha512":"a3bfdb08f1294690151181c7db94dcab1b13f74da498ae5c3059e61f509a34df7ca5c7facf616bfd1de81c9a3772a797960b78a1641160adceb28a554fefcf43","ssdeep":"192:HOL/NgaFSrOfSkjhvbnriUUuDASnAkwYmrZWQ1ET9exlORNh35+qfh09+ufhIHTN:uL1gaYOakMUUuDwZW0+RDTWMufhiN","tlshash":"8252c09ee074253f88d2681c6aca8fab4eda7dec812db839d10174cb514ad17371b807","first_seen":"2026-02-13T02:34:07.018193Z","last_seen":"2026-02-13T19:48:24.028904Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/bgs/bg.jpg","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/bgs/bg.jpg HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"19e63c2241dd8a6f5f504c110b52fa75-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9Q3KGWQ3X3CAKKPF3JZ\r\ncontent-length: 491547\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":491547,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, 
non-interlaced","md5":"f364b7d0a49566891789d291b8b2e53f","sha1":"ca992c64a92b92b73e15d45dc03d1e67381533f7","sha256":"5403e840f97f7ffb869438c3eb08671cbf06fda6afd99d7f4ac80c1775f5c61b","sha512":"c4942c784bcab22a9428fb79a2e2ad853ea930951fe5955b7096579a3c4bc5747751a04f53d70479cbeb47b3b12ff2f7672a4042d830c338746105dc2bd1c96f","ssdeep":"12288:xcLNwcYy1RIVXcB3f8FToUyCHffyOJFwejqB53DVtJGz:xcL6hXcVfkbyC/L2CqB53ht8z","tlshash":"94a42381486f8eeeffd807b983511680df51e541ad5b61f9ee9eb420dc01e19ae0cc6e","first_seen":"2026-02-13T02:34:07.020997Z","last_seen":"2026-02-13T19:48:24.029791Z","times_seen":2,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":264,"receive":246,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/images/buy.png","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /images/buy.png HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"6e6effe163da2ffd159494b5839129f0-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8Q9QSTZPZMCF1KCH8NZHG\r\ncontent-length: 2185\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2185,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 190 x 190, 8-bit/color RGBA, 
non-interlaced","md5":"5ab67c81c51cff4e2a31edc1b7d773e0","sha1":"9d398ab57745ea3de20a2291ca3916480f49550d","sha256":"de162522e4e3ecf2141bc745a4f8014607f3ade8196bd1a554c55ad34a7795a9","sha512":"f423a3693c34f26a9bcdf551206763ae3bc99f87a68729eaf94559a15ceecaec705a54905583200c17927dbf8bd0fb21790961b21f7d8a980670f479b9219c49","ssdeep":"","tlshash":"c3412cb0e2b3e79d5254196f858ec1ac48920f19bc30f2252c86b59478fb4ee5f43a68","first_seen":"2026-02-13T02:34:07.169999Z","last_seen":"2026-02-13T19:48:24.030507Z","times_seen":2,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"anonella.xyz/public/assets/sound/trash.mp3","fqdn":"anonella.xyz","domain":"anonella.xyz","tld":"xyz"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://anonella.xyz/","date":"2026-02-13T19:47:53.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anonella.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 23:36:01 GMT","end":"Sun, 12 Apr 2026 23:36:00 
GMT"},"fingerprint":{"sha1":"B7:AB:D8:19:E9:BA:73:D6:07:30:2E:8D:2E:2B:15:A9:F5:7D:52:EC","sha256":"7A:FF:FD:14:C2:5D:2D:B8:AE:DD:2A:91:2B:F1:14:CC:6C:99:8F:39:2F:8C:51:0A:2B:00:05:78:2C:84:23:8C"}}},"request":{"raw":"GET /public/assets/sound/trash.mp3 HTTP/1.1\r\nHost: anonella.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://anonella.xyz/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-range: bytes 0-28142/28143\r\ncontent-type: audio/mpeg\r\ndate: Fri, 13 Feb 2026 19:47:53 GMT\r\netag: \"9a5d226a3fa205dcaf62de5aabc6bd5a-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KHC8QA15103K5E09JHCA75BH\r\ncontent-length: 28143\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using 
HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28143,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo","md5":"140320d9defe25596259bc4c112bce7e","sha1":"d353b2a6aa554daf61c902f916b9287d8eb9b38a","sha256":"a699e5f75d5b66cf56639c564a4256c9dfa5976ba0f2687de96112bcb8b7c861","sha512":"a66c87a388d46ddf9d2b90aa963d6941d1996b21d0a7a084f22eac295d668401d320146f800ad45f97aae1461534d22b487d37ccf3076a2a11a08f75cc351167","ssdeep":"384:r9EQO2KvbOFdtQFB3S4niM3g0SuhJFGb3V98bzbFpmsy8NWA48mng1HX2lfE0by:r9EczS68iMLS6fGLP+zBkD8NW16+fEQy","tlshash":"0bc2e0426aaad8daf9d00fbe541f7a76e2a30d1a2d78dfd8941c33b4053b54273317a0","first_seen":"2026-02-13T02:34:07.002091Z","last_seen":"2026-02-13T19:48:24.031307Z","times_seen":2,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":407,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"anonella.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_tamano.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United 
Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_tamano.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3706\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-e7a\"\r\nexpires: Sat, 13 Feb 2027 19:47:54 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3706,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ee89667045fe08647a02019dc70982dc","sha1":"f712f0ef43500f9377f9a4a940d3575e3515f294","sha256":"a62a366ef0080249df25bc506a186fddbd3806917068e8d76cfa3eaf89d38f01","sha512":"a8a73acb6fd113a611ed8d99565f28076829fbd6503aecac4dcfa90770e0e191d8f8ec01934af743a2926555f887c92b73accbcce8cae043bbe7ab3f68bbd3b9","ssdeep":"","tlshash":"ec716d20476e24d0c0ad79ac19cd52274f2e424f038c469406d73a4d10c42bf7eebd59","first_seen":"2026-02-13T02:34:07.070067Z","last_seen":"2026-02-13T19:48:24.03221Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn2.kidmons.com/games/paintonline/assets/elementos_paleta.png","fqdn":"cdn2.kidmons.com","domain":"kidmons.com","tld":"com"},"ip":{"addr":"51.89.42.70","port":443,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn2.kidmons.com/games/paintonline/index.php","date":"2026-02-13T19:47:54.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn2.kidmons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's 
Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 13:38:38 GMT","end":"Sun, 19 Apr 2026 13:38:37 GMT"},"fingerprint":{"sha1":"BB:00:D5:D5:CB:FC:27:0D:4C:FB:76:8B:92:0B:EF:1D:8B:B2:4A:4F","sha256":"F5:13:28:F0:75:3E:EB:62:AD:42:85:F0:0D:64:DC:A0:2C:6F:F7:97:C2:A4:A4:81:69:7C:40:A2:BF:2E:58:67"}}},"request":{"raw":"GET /games/paintonline/assets/elementos_paleta.png HTTP/1.1\r\nHost: cdn2.kidmons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn2.kidmons.com/games/paintonline/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 13 Feb 2026 19:47:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3888\r\nlast-modified: Fri, 23 Apr 2021 08:12:44 GMT\r\netag: \"6082817c-f30\"\r\nexpires: Sat, 13 Feb 2027 19:47:55 GMT\r\ncache-control: max-age=31536000\r\nvary: Accept\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3888,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P 
image","md5":"0f84af3d60d97af0adddfb246f6b3c10","sha1":"028b8486bfbebd3102c13052c34bb7aec9c8b971","sha256":"99daa5aeddf770cb7ce8386525348201ebe92c4cebcef1bc157b4ac43d77c3da","sha512":"03f69c433a7d43be7c63ae8cc3404cb0dcbe7f9baa7a809ab89cc6c54df93a0f889a6f88cb69f061fa7d7b36e5385f9533da7cfe2f2ee6454afab6751b49dae5","ssdeep":"","tlshash":"9c818d445012f92aef56fcb399a1da0df2d6a85486cacc9243f0090b04b32737a611e3","first_seen":"2026-02-13T02:34:07.035883Z","last_seen":"2026-02-13T19:48:24.033355Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-13","alert":"Sinkholed","trigger":"cdn2.kidmons.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
