{"report_id":"b724b83f-7556-4804-a5cf-c04eebeae439","version":6,"status":"done","tags":[],"date":"2025-10-19T20:06:21Z","url":{"schema":"http","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"172.67.208.131","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"title":"مسلسل Dexter الموسم الرابع الحلقة 3 الثالثة مترجمة - وي سيما WECIMA ماي سيما MYCIMA"},"submit":{"url":{"schema":"http","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"172.67.208.131","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-23T20:06:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":26}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"jw.amselragman.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"jw.amselragman.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"jw.amselragman.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"vk.palybestar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"vk.palybestar.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"vk.palybestar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-12T22:16:17.945241Z","alert_count":0,"request_count":1,"received_data":18391,"sent_data":395,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-10-12T22:55:24.916727Z","alert_count":6,"request_count":2,"received_data":85514,"sent_data":972,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-13T03:57:20.808603Z","alert_count":1,"request_count":1,"received_data":2077,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"mivalyo.com","ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-04","domain_rank":487363,"first_seen":"2025-08-02T13:15:44.095468Z","last_seen":"2025-09-27T19:19:32.558201Z","alert_count":0,"request_count":19,"received_data":1391387,"sent_data":8548,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-13T03:05:29.919249Z","alert_count":12,"request_count":6,"received_data":184761,"sent_data":2781,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-15T01:24:42.348327Z","alert_count":6,"request_count":3,"received_data":1590,"sent_data":2266,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"site-assets.fontawesome.com","ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":380600,"first_seen":"2022-02-10T06:20:21Z","last_seen":"2025-10-13T22:19:55.573453Z","alert_count":0,"request_count":6,"received_data":2139667,"sent_data":3172,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"vk.palybestar.com","ip":{"addr":"172.241.53.93","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-04","domain_rank":5312659,"first_seen":"2025-08-01T00:19:58.820366Z","last_seen":"2025-10-18T05:49:54.48464Z","alert_count":3,"request_count":1,"received_data":1366,"sent_data":391,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-15T05:47:09.33032Z","alert_count":9,"request_count":3,"received_data":257889,"sent_data":1204,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-10-14T17:31:24.383852Z","alert_count":0,"request_count":1,"received_data":111115,"sent_data":404,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-10-13T03:06:18.160605Z","alert_count":16,"request_count":8,"received_data":11857,"sent_data":7779,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mycima.page","ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":11,"request_count":11,"received_data":654115,"sent_data":5347,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Yoast SEO:25.7","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Gravatar","description":"Gravatar is a service for providing globally unique avatars.","website":"https://gravatar.com","common_platform_enumeration":"","icon":"Gravatar.png","categories":["Miscellaneous"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}]},{"fqdn":"jw.amselragman.com","ip":{"addr":"23.109.253.85","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-27","domain_rank":0,"first_seen":"2025-09-29T22:00:27.83887Z","last_seen":"2025-09-29T22:00:27.838871Z","alert_count":3,"request_count":1,"received_data":1428,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-10-13T00:46:10.295271Z","alert_count":0,"request_count":1,"received_data":834,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"secure.gravatar.com","ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2004-07-15","domain_rank":16323,"first_seen":"2012-05-22T05:36:38Z","last_seen":"2025-10-12T22:51:58.933502Z","alert_count":0,"request_count":1,"received_data":1736,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-15T11:24:47.291649Z","alert_count":4,"request_count":2,"received_data":754,"sent_data":801,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"delaybagelblur.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-08-27","domain_rank":0,"first_seen":"2025-09-29T22:00:27.834346Z","last_seen":"2025-10-09T21:22:10.004502Z","alert_count":6,"request_count":2,"received_data":216839,"sent_data":867,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"amt3.com","ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2004-03-18","domain_rank":8122,"first_seen":"2025-04-23T17:00:21.322227Z","last_seen":"2025-10-15T22:03:08.308749Z","alert_count":1,"request_count":1,"received_data":826,"sent_data":586,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.125.32.186","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-12T22:34:05.876953Z","alert_count":0,"request_count":5,"received_data":1620,"sent_data":2458,"comment":"","tags":null,"fingerprints":null},{"fqdn":"p16-ad-sg.tiktokcdn.com","ip":{"addr":"2.23.13.27","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2017-09-20","domain_rank":2789250,"first_seen":"2025-08-29T12:48:37.175172Z","last_seen":"2025-10-18T11:34:13.707458Z","alert_count":0,"request_count":2,"received_data":1956092,"sent_data":970,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-12T22:12:24.910527Z","alert_count":0,"request_count":3,"received_data":31516,"sent_data":1304,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-12T22:15:22.841346Z","alert_count":0,"request_count":1,"received_data":90497,"sent_data":410,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-12T22:12:25.402635Z","alert_count":0,"request_count":7,"received_data":143962,"sent_data":3566,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pixibay.cc","ip":{"addr":"172.67.207.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-18","domain_rank":362650,"first_seen":"2025-08-01T20:54:23.92846Z","last_seen":"2025-10-15T16:57:10.796455Z","alert_count":0,"request_count":2,"received_data":1241,"sent_data":868,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-12T22:12:10.358486Z","alert_count":0,"request_count":2,"received_data":855032,"sent_data":833,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"sharevid.online","ip":{"addr":"172.67.190.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-10-21","domain_rank":0,"first_seen":"2025-09-29T22:00:27.814681Z","last_seen":"2025-09-29T22:00:27.814681Z","alert_count":0,"request_count":1,"received_data":1655,"sent_data":536,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"414ff80e7351ffdec971d44e2b24ce72","sha1":"bf37844183f8f0dbd6ca657e5354f2b268af70f9","sha256":"8a4fbfbda33bf6114fd554982b00255993f110d26bffd063fd58e2115978d5af","sha512":"ab672e1bc867f28a02716442db38581e454ce91b977a28fba35c7941013c3e0f8a94d83e38b7770d3cc17181e346d74ea1fe699914853135788719cc0e6fa539","ssdeep":"384:6Rg3LGjYkb9mmKH4NKl8lTrgbiKYuJu+fVU2ODLcSySc7w:6CGjYkb/T0biKYuJVfOBLc1ScM","tlshash":"0192b6adb2c2306581f61166162fb716b63310257807a055ba39ccd47e3ee87e16bfbc","size":19575,"data":"","first_seen":"2025-09-29T22:00:38.911534Z","last_seen":"2025-11-29T07:44:56.422059Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/themes/mycima/js/teamwork-ajax.js","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ecdab97e39ce75fa80db88d3cce14304","sha1":"aab69ad845bda07f965c69979a20fc3d19848982","sha256":"91e5da0e5d4b81688c6c93a68ad3e2f599a6a065c69bae0aeaa5c227ed4d9c5c","sha512":"d4ced31cf138e32ce12b612f0dd614b6445b2ae7cadbe2c6b7612589aeca693516006a5b1aa9fc2f5c3856cbf8f31cf5656264dbe5301eaf40e2dac8772468d7","ssdeep":"","tlshash":"b821f3b90f3841629777967ee06b1818f6b6b8130301e915782d16448ff6552c40eefb","size":1336,"data":"","first_seen":"2025-07-27T11:25:48.411621Z","last_seen":"2026-03-27T22:31:05.03019Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9a29d5d1dd756b743383418931503f0f","sha1":"6da83812bf4876440e91546d0f683864008f7f0c","sha256":"d80b7efb44f925b07882256f83ac91b9918834e0f10c8e7aa1f3bbbc6052cfa7","sha512":"fabe4e69c38ecfc89cdb2a59d5a31ea693f8a572f8b8889d2fad7a8da50fbe21d0e5324b74d82c9a24406f5f928e268ed5430044bc0b8d7cdafb9d00d8bf0438","ssdeep":"","tlshash":"6bc02b8c210f1c7055f727008f3fb700b043321494d0bd31481a23045d30e07eb54850","size":153,"data":"","first_seen":"2025-09-29T22:00:38.913147Z","last_seen":"2026-03-27T22:31:05.071232Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0845c595cc911dbe2d388479c11c1839","sha1":"9bd202c13b6c162bb9b868b015f833e9e978b0ce","sha256":"b688fdb238c646febc3996004998d9d2b85e508c4e89b10af0817210d1c7562e","sha512":"513fade0678e843a040f89adb8ebb2bb06bc02e47d20f656cca2bfae45018824bb5faffc4dbef27eccee0eeffaacf19dd786488d4dc0e9ad0709f4deb3b40620","ssdeep":"","tlshash":"bfb09b0465845d97559459f535387d67ced313117824545165c8d446ed51411cc5c187","size":117,"data":"","first_seen":"2025-10-19T20:06:35.085698Z","last_seen":"2025-11-29T07:44:56.430537Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/provider.hlsjs.js?v=42","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b88ce761b9ebc2a7859a2e03b33ce1ed","sha1":"70d94f3c48460af13fc14eea9e5969f8f28d1a3a","sha256":"0b009d01bf513b1059d8ee15e1a8b57faeb5f8066c0f47d2cf8e1dd2454e5b28","sha512":"0bf83a6b3d8d20918df3ecfd29f7016549a8d8c8cc4aa439018295d55ebf7e136397e0fca72ae0e4bc9eebcd3384261c9a4a492b6e4d43e1fc1acd3ce872c24a","ssdeep":"6144:Fy9gZtOSTvzXBukG/xu08Q9Eu961Q3/nqJxgEMLew9rrqwZk6:MyvvG/xu0pU1cqJxgEIZF","tlshash":"aca43bdd77a5a42642c2a1a5903f4607633b7d0a340dc1acfa2be9d75db8849b03bf74","size":461504,"data":"","first_seen":"2025-04-01T21:32:19.721472Z","last_seen":"2026-04-02T13:28:52.612627Z","times_seen":602,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-includes/js/jquery/jquery.min.js","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-04T02:29:40.605981Z","times_seen":684324,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f410d118a79ce6aff13bbb469e4e722","sha1":"ff50a218777c2ec78ba07df7d8c4b7ab548053c1","sha256":"92fe957de85c8f14be7f26339fd3fa5bdf3b267c66ac23c2c192f1d5eea1926f","sha512":"fae034e1f514addd1df09dbd87a411f91c5fed254325f30441104d8a3a2bf203875abb25bbeb34aef9122bc775bf94def6183e7b621f3c6d1b6e15917b0a781a","ssdeep":"","tlshash":"1cf07dafeae7253105b37a51ad0bc2417421162a50068c3c792c81401f2285609f2e92","size":628,"data":"","first_seen":"2025-08-22T23:08:47.074124Z","last_seen":"2026-03-27T22:31:05.072809Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a082f7160ca315fc22beedc0047a892","sha1":"e676f21d812d885c15dbc1d0effdab9bb7c7ba85","sha256":"2e092ef8c63816dddeaff7a7fdea7b41ad70cb2beb95e8ab7f9b22d805843d18","sha512":"ebea9c3d79f462e6834e7c4620e3549dca1352ca5f1235e3b5bd2d999fa9d5d16ae180b9c00b8c9bcb1a083f60309ae6c2511308deb9517e526eb55fbd41ea07","ssdeep":"1536:Bztaz+AmjgWhIXY+PLWZ99b+nZceNcvufGovTEtqkBTl50Wc+DAXIRB:BztazcIXY8LWZ99bw1cvufGovTEt5TlB","tlshash":"5e934180b2c05c6d1387bb7a370ae0d7f58b185864ce8c4fe0a57c61668d767b9e89f4","size":95463,"data":"","first_seen":"2025-10-19T20:06:35.095076Z","last_seen":"2025-11-29T07:44:56.442371Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"da5b8026544aa56f39bed8ffed0b7b00","sha1":"c4f65b479af42a2d6109a4f52a7b0c5e21146ac0","sha256":"9b02a9919ec635e8f6bc86de4424d3bdd5f61be1325bebb6377c5f58803cf485","sha512":"cc6b1747a458237e3a92a7643499a056a4c0774da33046e0ad1583a7bbea4351a942dcd30481ca317685bc22e2d6cc9af3857d3e4e6edd7d04ccd20ed7b1a229","ssdeep":"96:rhrmfmPaeyVQQuf3iIrMJdKxjW3HzFwq93ap44v2B3lPG1K:rhrmfmaSMJdKxAHz+E3E44v2B3lPG1K","tlshash":"0ca11114b2f12655003f38718e8f01187e61a81b971fdd41747d19da9fc4eb0daf9596","size":4725,"data":"","first_seen":"2025-08-22T23:08:47.077919Z","last_seen":"2026-03-30T23:23:37.335619Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KKSM1SN99C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fabb6e7216fc8b1d7746702d9f638118","sha1":"5f222780d8d10cbc9b7e085892b2b0b72852d5b1","sha256":"639d04bf0cbdd484366a37bcd113f9c9eb20ed3e2afd2b6d3057371d2906de56","sha512":"d4dc2da8ce5747d4f92dea93467e90688d62f51f0726a867d40181aadfa94b7c2f4b9e208ce0af24907b3ed3f4f49bf9209c38f7b93147d950442163c5e011fa","ssdeep":"6144:5Bh6reF8GT+q5yNnkEt7FJM+avVPiRdcsDOuJeG064l1cYH095SWtyA:X4rqHyq5yNnkEt7FF6PwcO4lnA","tlshash":"17941a8e73c674269396f078503f018ba57b29a2f45cc896f189cce42d74a9a4277f7c","size":425767,"data":"","first_seen":"2025-10-19T20:06:34.909775Z","last_seen":"2025-10-19T20:06:34.909775Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"13734aa9c93c039107d6e183ad18d72a","sha1":"782638bcb9e092580c491b7c0f0c65a131512118","sha256":"87081bc5290094ee96abe8489cf1a4fb57c2efff22e52efda12a6b0364a57239","sha512":"df2e4f06c219375291fbebf57b3bcd1d2bf2fa4d7d285788b4f550563b490f13e4e5f2aee28ae73ed17b9cb2dd5226f5eb828c7d1987802bb46b85341aa0af54","ssdeep":"","tlshash":"aac02bcc211e4c7041f727408b3ff600b4023324d5d4ad32491d33085e30e17d744810","size":153,"data":"","first_seen":"2025-05-10T11:08:49.303884Z","last_seen":"2026-04-01T19:35:17.315956Z","times_seen":285,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7469399f6ae776a44b60a1b0089c1488","sha1":"0ed10e160f95020286084ad24a3270d392ec969d","sha256":"6c5e3c9031fe7ef7cd1c462518248bdbf82f2a17592cee0ac9cdc0c850738cfa","sha512":"7ec861fcca18d1ce9d727564a1dafadf0acaf09f52b98faecc09062ecf9bb15fe9ed77b2903f406f995065a1a66881cb6b2d044594ea7c50513b0f53d25634d7","ssdeep":"","tlshash":"77f09ea53cc98435e336116362afa159745969382c4abc15c84c88853695dfa08af54c","size":505,"data":"","first_seen":"2025-05-10T11:08:49.304654Z","last_seen":"2026-04-01T19:35:17.318266Z","times_seen":250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jw.amselragman.com/rl19eKtRzoPKZJh/114552","fqdn":"jw.amselragman.com","domain":"amselragman.com","tld":"com"},"ip":{"addr":"23.109.253.85","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T01:04:03.853848Z","times_seen":14774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/7e/d7/d7/7ed7d7480d354d6a5551c0d1dea04047.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ac85c7089591ad3d3b94f5016c668f0","sha1":"67cabc1681d576452a972e808bbd1e6a015d7571","sha256":"345bd9b2d9452e8d23a367e77ee884dafe12a5749c0bca870f2b6d6e9e4adec0","sha512":"353afb9ecb1209f7b39fb71264eeab353357b3ee0f1a36e03dcb3736f84ec99903e32efc5f7e17394e307cb87f978602a88007d926d8f269e7caf433b2de22e8","ssdeep":"1536:UXasDEFAkM9IWf3pDTf0zpxftTgA4VEIaU44Ru37oIXDWeGXMtb4cnSzB:2Dxk4+BgA4VEIaU44McBeGXMtb4/","tlshash":"a083f948bb82b869425630ba332ff01af15a4c421de8d454dc57f8d96fb8b1de637e24","size":84163,"data":"","first_seen":"2025-10-19T20:06:35.036129Z","last_seen":"2025-10-19T20:06:35.036129Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.cookie.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","size":4331,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-02T14:58:36.908103Z","times_seen":4342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.min.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T02:23:44.928154Z","times_seen":444674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/xupload.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"98f99724f09ee7524d3e2ad085f43332","sha1":"3a1b48d327c1bb5c1675b5d63d7806006b18b671","sha256":"90c38291318a91efee3b33b2ab5dcc4338fd5a85ff913afa631dfd26267a7eac","sha512":"057c3096700dd08e1d09e93402b60454c92a3567df1510c698e486fbf82df8e5f23aaf063376b6b5c139d27e8aa773f01a0e036260bed96bd4fb5c86a7b79ca9","ssdeep":"192:7IKE9YGs1axsrl6IsZWnrbll621w+4UWdRebMQ4WdReDyYQaQv7OsaaFg+BnqGQZ:EGy+tBlV9GRebVReDyYS7OsaaF10fq3u","tlshash":"e722774abaa339912a7730350bbf52043b398407114aca54bd5cd6c4af8452897ffbfd","size":10716,"data":"","first_seen":"2023-03-07T15:52:27Z","last_seen":"2026-04-01T19:35:17.30488Z","times_seen":605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c5c8b941c69cd605a0a888be226e09d2","sha1":"ac6de9d282f66025bf3e0c9d6d433b672313c3a2","sha256":"c437b7943c01c4c5257abc969abd9df74cd6ace1f6c9884e2ed5d5724d2f4682","sha512":"4c270e77e0f463a5044e597cc28e1783c64b738847010ebb36c25c92b70562b11b81f5a4c9da63f099234056439818119ba217362be78cb62a2d389129d904de","ssdeep":"","tlshash":"7201bd25b7ad1124c23b3067e93bf6c7f43d00325411ec4efe4ce59863a199b2d7a9a5","size":843,"data":"","first_seen":"2025-10-19T20:06:35.113089Z","last_seen":"2025-10-19T20:06:35.113089Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.min.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T02:23:44.928154Z","times_seen":444674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@0.3.7","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f71da0117b47fe056c382d44f7c1af53","sha1":"c384c695d7a74e1e4272b13f9d5942d0f24d099d","sha256":"2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3","sha512":"3f0e1a1f193757f55530bc655d93d3b84a257a6dc0ebd3d9ecccb227f50a0ae3dd213bee4275b14554b9a76815b9dfa15f0447ab13e7dea7d2ec4de94734aef2","ssdeep":"192:m65oNqiwnCpJWhMpdhu8nPVOCzEtPi/BxsqaEGtxiAIxMwoMElkUik2K0GywNC:mJ3+CH7p+8nPVQtPGjsqAtcA8J2wziC","tlshash":"8672c5ccb5c3b07057b7aab9507f054ab2356d56888c8050b23e95f82c7856ec277f6d","size":17266,"data":"","first_seen":"2023-12-22T04:40:27Z","last_seen":"2026-03-29T07:03:56.99059Z","times_seen":1245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"delaybagelblur.com/14/c9/2e/14c92e452cdd222d9945b23d5999913a.js","fqdn":"delaybagelblur.com","domain":"delaybagelblur.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"db2ce5664b6626ae4a15918cf6559b79","sha1":"2e72d48c853afb70676b2e51a5f3bf76f1ef1708","sha256":"fafcb17b67c5adab46fc0dee0f4e2a2559c8501d278f055ed72b80a6305039f4","sha512":"078892b4aff3264d962d8f1167738b6c9428a2fe90a3118420f3b3ace5c781b53a47dba186f5007931af0882294cd8d525fe4d3a6b66fc4cb73afbd98d623c34","ssdeep":"1536:RwaDYewrZykjTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9iRrvQ:xnkT9RCgZ0eQp29iRrvQ","tlshash":"4ba3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","size":106642,"data":"","first_seen":"2025-10-19T20:06:35.055899Z","last_seen":"2025-10-19T20:06:35.055899Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ef442b6813103a459ed63305bb000c36","sha1":"18784d7df30b2cce42a34ca6a870cfeb593d0338","sha256":"7f8525726b211d32b48621806f3d20c4353b8e391790a29585cb74192036f4da","sha512":"1eb7321b2f57d6b4ceda68175b13cb9880c5e3295f40a498933ea8f19c0d354e3d430411f427f97a1a9d98546f44f3b0c1bd8d4f2c5156f8693e329c2bb88162","ssdeep":"","tlshash":"abb0121b26ccf066c035a53dc920b8d7fd3e10348001cf8c12843428b3030091c848b6","size":98,"data":"","first_seen":"2025-10-19T20:06:35.116281Z","last_seen":"2025-10-19T20:06:35.116281Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4850721277c7d8758ba7c9ec2256469b","sha1":"6ffc7ffe25c8cc9f8b8aeaa0409becfb8bf76e26","sha256":"18e4d0daeea338888efa2cd480b1981e06f9aafd175bda6a119db7009d6c949c","sha512":"30e0892bb77bbd63a705339aa0c64fb29267d661ed2f9f5b5931e4c8a8765928f2146e849d7efc3a334cc2df194aba866075cb57192204ea630c0161f66b3203","ssdeep":"","tlshash":"7290021d55215a70d08205fe6555b0606032110095295b24b5426054244e1428271546","size":53,"data":"","first_seen":"2023-03-29T22:26:00Z","last_seen":"2026-03-14T01:45:00.947957Z","times_seen":389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"76cc6a7775b7b653ba5a7d7f9cea4eb4","sha1":"6484c7b286038e9a60c38f4adc61e6ba30062c91","sha256":"a00f1ced7d3bab63e82c08fdb0b05b0e9659805756c15b085c2b9804671302c9","sha512":"38c92e616452c2021d351efc393e49b83c1405721bcab7c63eb809eb040a9cb77d87e2f9bac91373a0853d198f76616ed1759e7024a8b5b0d3d0398da48738db","ssdeep":"","tlshash":"aaa022000300b80280000cccb000c8a820ec330380c20200f223fa0eea38282c03300e","size":60,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-02T13:28:52.644231Z","times_seen":1027,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"64ee6c09a6676d29a7e32a534f2ba965","sha1":"257c1b8c02dafda68e6deb9f209890ae7149aa84","sha256":"bb31180827cdca4d777cdca760933a9b26895a492999be2c802151cea38acd82","sha512":"cf0ca2ebd1b207566e634a1eaf4024492e63e72c3db30fa2dab2dce910ff2870c2d36628b89ad50b2a59d1096db4367b1236150ac30334f5b73fcc12b2ed8668","ssdeep":"192:lVt0B+xLj0h6AAIDkjfgwSy7W9FeCSauF7u3q2aEvYrUY:lv0BKLYdAa0JSy7IFeNo3qOvS/","tlshash":"a6225bbee1a280b2c59547a8752f1206b7ff0a546476c022f7ddd9cf3092684c2fa782","size":10409,"data":"","first_seen":"2025-10-19T20:06:35.125037Z","last_seen":"2025-10-19T20:06:35.125037Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2709a1a5d00f734a76a5d43f2997645f","sha1":"74e4e3989b26b7ee174b9028cae0f9c058197393","sha256":"db79a897bc9a33f80ba5f9e09ad4680472c6fb90e60f666ce56a21549a741c8a","sha512":"634fcaad95b5816e937197f0f880f7e2540d9b57481f84de97e22f38a79505e37b1bc7ccf54def4f1dd1fd575082c5f28b94659414782a9a10a3e4d75a9b41b5","ssdeep":"","tlshash":"313167b63128347c82e6166f7cfb664df06756512d1ed044612ce5607828fb9b6338ce","size":1530,"data":"","first_seen":"2025-07-12T10:21:47.751176Z","last_seen":"2026-04-01T19:35:17.328026Z","times_seen":200,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-04T02:31:23.493676Z","times_seen":593513,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-04T02:31:27.874616Z","times_seen":217437,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/localstorage-slim.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba6facacb00551830393d637195804cf","sha1":"77d2d2802ee44767b33a2d679945cc3efa3619cc","sha256":"41bb37c8133d8e5c128820cfbe03bcbf63ce256bcbd60a1a76143472d8668e38","sha512":"90aa07250eb414ec22765ab6922f593ed3186faecc02008f0331c3e3807cace76861e01028142015308341e955f151b609d08b7d354ff2d27e0ff04ebfde81f9","ssdeep":"","tlshash":"ea41118275e1d9904be004e728b0c002e638992e705d62d0f7b7dd827c9909bcfb57fa","size":2064,"data":"","first_seen":"2023-03-07T15:52:27Z","last_seen":"2026-04-02T14:58:36.927958Z","times_seen":1477,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/ad?type=764753947163","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6374a71794fb1b28a620e89fb3453bae","sha1":"ff2b29384e980be738e9e1affd60c6f0e5606cca","sha256":"32f12bce51e57ec5c4f423f5f01b81e40c96c6449ec90abaff1430d82a3994bf","sha512":"4d8da9b65bd0b6bc5ef22f1e6722c65af615d3b2003ad34f55e0396a62bf69fed40bbae2922b8d36189dd5e000a24b246915e29392ff84144422e6485a0a3e41","ssdeep":"96:vmiVe9hBjHujaKvsUSgtZix6G9yhAWfnb4JG0681v8:vmMChBjHCsgtZixpohdfbwG0681v8","tlshash":"ce8110c466d168c00347a676373ab1eaf82b9dac39c47c59f5417c90f692c20e6e597c","size":4127,"data":"","first_seen":"2025-02-26T03:12:32.193263Z","last_seen":"2026-04-01T19:35:17.266136Z","times_seen":293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9bdf551ba365b7ed6e77becec7fb6e23","sha1":"2383b6902d774c6f2a6b98f642650b7d639d8530","sha256":"05f2822c157acf0dcda7b6d501166776dedfcf5124bc3097f5a5a8566425eb38","sha512":"d7a9f488193615865496b3e6a84256aebc82339be7050da630b02a76b58c4557e860e5e69bf8f251cf2a87fec1e92556f623a31317fbdd730b0565611936fb23","ssdeep":"192:tpWKHfwpyE5wkGT4XBG7vtUldE1kJrzo4gEEn11CW01XUQEXS1NvCWGWPWBW7tT9:bfw4k7R8tUM1orzo6KjS7uBQF1l","tlshash":"1f322c7d59840874c1da13e8f8bfa318b13a2c10ae14d58df9baf98413796c766b7d84","size":11564,"data":"","first_seen":"2025-10-19T20:06:35.132715Z","last_seen":"2025-10-19T20:06:35.132715Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/vast.js?v=32","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b3eb53abc624a51f5e226d08758ddf3","sha1":"6cca061ec7c41313ec2027eaaca76fa9dfad750b","sha256":"73788e3233d5113578082f78869724925d3e4dd2c9d02fdc0bf84d6aed3a768e","sha512":"c6c7bbc31213d98134d98087ad912f1244b2dc7c7914247baac80d534663ab75135c004bf5473044db9e082302477b9d812b0a0db4c5f21b3e27508c26c265c5","ssdeep":"1536:twVnle2Qmbe005pkZ/gbxRYpYItN6X6ud7srzIjpitB39BsLIYOONMQHMkBxLNwO:tEnPRIN1D2zXkIYdN7Hnf","tlshash":"acb308872399d52247e484e960344212b335060f780a83acf67dfdef1d5ea4b76bab74","size":112211,"data":"","first_seen":"2025-04-01T21:32:19.700252Z","last_seen":"2026-04-02T13:28:52.634565Z","times_seen":561,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-48ZJD1VPGZ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"67ebcb51ce1915e96a5d5c38718ca0c6","sha1":"42de1d094ec8279eb63745e243f44be3532dff62","sha256":"7cdeaa1f85a401a14616188b3901b3cdb269471e7e16f9103aed456167caa779","sha512":"1130777dcf2b554e4f5fee2352ffc11ef27bc7e00a235f8bcc10925f4bf627637f30d5e800fa16fad9c1bf8b502a28a93bb8b73f000abf1aef54182f7f65e0e3","ssdeep":"6144:KB+6reF8Gp+q5yNnkEt7FJM+avVPiRdcsDOuJeG064l1cYH095SWtyA:ENrqHMq5yNnkEt7FF6PwcO4lnA","tlshash":"d594198e73c674269396f078503f018ba57b29a2f45cc896f189cce42d74a9a4277f7c","size":428077,"data":"","first_seen":"2025-10-19T20:06:34.905677Z","last_seen":"2025-10-19T20:06:34.905677Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"286da3347eef52dae529375b74cdfc5e","sha1":"d4a872ff7fab3ae580c524606c5f54ca19a9ab6a","sha256":"31dd52ee751b37fa41441d6bbf13f9cd2c28aabebe5be920694a226d9bb9f1d4","sha512":"eb4776a8aab45ecc98381c9fada1755ae355028932f44f15ae3aa2bb0129abb89cd69a2c8154a33ccc8fd07cd602f1e0c2e962828a06b3ccd3f71e09f3dcfe98","ssdeep":"1536:I8zmHlk4JQ9aO4kD9VaZ06GUqo54Az0SBYQ4+DIVVuBWw:jzsJkaO44I06GUb0S6z32Ww","tlshash":"08b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","size":109923,"data":"","first_seen":"2025-10-17T15:21:38.182947Z","last_seen":"2025-10-20T20:31:42.986047Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"delaybagelblur.com/51/3e/37/513e377770ba6c350ddd09d0a3200305.js","fqdn":"delaybagelblur.com","domain":"delaybagelblur.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f652600a60b84a72e60141cf8fe08f1c","sha1":"dc05f97d1f7cc6f2be9fce414c243f43d70dbb70","sha256":"2d4a9ccd5958f5da7325d97d242ba355a5ff7fbcdbdc270ff37b4e9bc84d276c","sha512":"0182842c8a90ba9b96331d5a0b1542de7f78005e93deacd9212aaa0a1ffc87c0ff7c93207c1269de6267bf39680e70c6ec2fdfeec176810b305f4e3e5f51124b","ssdeep":"1536:96VClg42zlOOJeH708AqNEiYNfNDlMMugC:O42dEOqofNDlMD","tlshash":"36b3c7483f80f1ac0267a073123fa55af1298e4e519cd25cf342e8f45dad796f93ab64","size":108509,"data":"","first_seen":"2025-10-19T20:06:35.043191Z","last_seen":"2025-10-19T20:06:35.043191Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce1f62f444ed3435d27ee8f1f8e8b56e","sha1":"7abd224c4bda3a55ca560b595a7411cf157d2965","sha256":"25563d8089ea53ef3b0a126977d48511d076a57b610f38950ba01b17dec9b759","sha512":"6267af378544435b803e093b954874a2cc056236bb1369b8912e60308bb553d72e77bef84f25c6893759052b8b5ab3be8ccf144b53d2f2180293623b6bd73a01","ssdeep":"192:Va3sDKsRalaZ4crcYmeV+VHJmQxdCnV8oDeQToJ:am39V+VHUACnn+","tlshash":"4002320849fad921c01da13e203e3664f7240a53ac5abfd8bb8451055fde96f79b903f","size":8627,"data":"","first_seen":"2025-10-19T20:06:35.136493Z","last_seen":"2025-10-19T20:06:35.136493Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc39d06a363f88ef2f86117856fd2072","sha1":"16cd004acc453ab7a9ac9734137e620c5f22de77","sha256":"d03a5178cf733bbf75beed6e6f6936776191d1ecea2296505245b99f31dcb6cd","sha512":"74103682821aa2715c1b94a7e81ad68569afabe8e8240669bb5b2eaaa32091507f841c8a25c30796ced80e087d8b8e43046a6fffa4c5fe27b2820c2359bccc70","ssdeep":"48:wQcpBcEqcHEmQc73W3yc/1V3QRgkz84fHb0xTpdAT6dTxJ4TBJAYT4TCTwcjFIcg:OfmT16gWND2/JOJfIOPeG68Kfs+","tlshash":"8b91410672d051f911bf31a365475048b5718c3781dacd61b8bda4b42f2f8a0e6b9d7f","size":4259,"data":"","first_seen":"2025-08-22T23:08:47.081188Z","last_seen":"2026-03-30T23:23:37.338525Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3b980f20a9d01719762558147d04afd2","sha1":"b3934859348286ff23ec419cc2ddae5727973e3f","sha256":"fe33ffe64833b0f41960388e680d3acd96b538d5e051e2209dd23da2548440ae","sha512":"66f4f7476cb6a3c22f5026ce92a84a4a6427965197f93733ea5a69f27a9a0a7363af1f0b22e126532ec541e703e78014f0e2cf9f99be2641ed664e0cad5e2d94","ssdeep":"","tlshash":"1401c052ab91425b6e1f061b038af14821e10013cd4dde4d7a3e679d0ff98a2d15edc6","size":716,"data":"","first_seen":"2025-02-08T21:38:16.954675Z","last_seen":"2026-03-30T23:23:37.339064Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-04T02:02:25.009538Z","times_seen":203437,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","fqdn":"sharevid.online","domain":"sharevid.online","tld":"online"},"ip":{"addr":"172.67.190.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d43126fad68fe2c979d6a117ae97cc5","sha1":"79598fd5a47cd4cd6abf84a090310f1ef6b2977b","sha256":"fc1fd07c7cc51c082eca5bbb70fec30c863b608b78ba6913e39165433972c386","sha512":"7deaec454dd216866a2d6093a0c352839c184462b31117e53b375d60d61dc4fe2bfd0bd92d58bf37dd9e0f49058d09dcf9bf13663834a25d80939bdc4f4a0ac6","ssdeep":"","tlshash":"c72000000300000000000000000000000030000000000000000000000c000000000000","size":3,"data":"","first_seen":"2023-03-07T12:58:59Z","last_seen":"2026-04-04T01:28:49.675366Z","times_seen":376,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/jwplayer.js?v=6","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"581ff912c413cd78a30f5c212f42271a","sha1":"79af689432d0f20cd1d951eb9436711da07decd4","sha256":"c708d26c24b48c3343e8cc7879d07e8ca6f23d1cc1e5df165a9f8e24a7c5830e","sha512":"c6185ea9db6db8786aa1636537595a5f061745caf287602beafc2dca984b1eceafeb3651109cad8cf45be3dba2a76a201758c6aaa7d7fb1adc8e07e95a39f41b","ssdeep":"1536:ELyl/ByW1iqxGJaGB2lAqU6ePRtwoIWz0Bk+5cm3wUn+yUi3LAalYqlkcRPUeJaQ:L4pknUi3LAbdhHwSm","tlshash":"99e339a631c2f4a613e264c7e47a4005f1790988744de8a4faacecd67956907b1b3ffc","size":148052,"data":"","first_seen":"2025-04-01T21:32:19.723959Z","last_seen":"2026-04-02T13:28:52.626488Z","times_seen":603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.cookie.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","size":4331,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-02T14:58:36.908103Z","times_seen":4342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/assets/jquery/player.js?type=mainstream\u0026u=43405\u0026v=2.0","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"95f335e82f86e7e226fb0d72a8daeed3","sha1":"403f27ee7a0ddbd7cf6e31a8637d89aba9c4e307","sha256":"16a18c83647fbc0438206b9a80dfe4626ee1de1d79c59af9cc4337eb0a9b93e6","sha512":"7d1060ab24d04e149a090b8f0e01affcbbfc4870434667fcfc7bc0126a2ff8f447a6f7c2a578e40464b98be36f469bca033ced9240ee09cb4839068367d9ebe4","ssdeep":"192:tQDu55eTGY8C37QMfVZmVzHFwSkrxAJcqqr4oo4bMvT:ayIy8rdYz2UoRbMvT","tlshash":"df0261052f40146563b24feab62f60e2f06d2d0f3f064093f539f89975ae522eee9971","size":8281,"data":"","first_seen":"2025-09-14T10:15:32.123442Z","last_seen":"2025-11-28T20:42:16.629067Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/jwplayer.core.controls.js?v=42","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc91b5efc8f4bb2482c2d7d5d8d9b691","sha1":"5db922c4c6caf3a7d22f57a21670281d5c31994b","sha256":"f061c139ad68d7ed1360ab6a2c8842466d2913582468c48eb2d1ee2a651fb495","sha512":"f1e175f4658e4cb1c603875c81f3b96caaab74346c78d9b320e564f0a09a8518b11123509351bfa5229ac9d867d56c6afc1118ce7c368ff1ce729de877c7d694","ssdeep":"3072:+jY7nFuuslX/Na3u6NxIeLSJhy1yiSS64pOknRBb9Wsr9BbrC3YLrmYRJ:2Yx5U/Na3JpLSJhyJOaRBRtBHzLrmYRJ","tlshash":"e9640932214252359aea82da66514604b3398085f516cfacff2ceddd4c6e9c731fabb4","size":331116,"data":"","first_seen":"2024-12-01T14:07:01.698179Z","last_seen":"2026-04-02T13:28:52.627773Z","times_seen":668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T02:03:46.574007Z","times_seen":10356,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-includes/js/jquery/jquery-migrate.min.js","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-04T02:28:41.86713Z","times_seen":637860,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vk.palybestar.com/rBUgDi4k9GCWE/128630","fqdn":"vk.palybestar.com","domain":"palybestar.com","tld":"com"},"ip":{"addr":"172.241.53.93","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T01:04:03.853848Z","times_seen":14774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbs?c=1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:01.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27452573=1; slec7ed7d7480d354d6a5551c0d1dea04047=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:06:01 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":662,"timings":{"blocked":283,"dns":1,"connect":93,"send":0,"wait":94,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1SSz2skxRvGq7M5fNnvQdTgSXEOHlY0k-rpnsyMi6zGmDUYk5CN5OBBqquqJ2V6utqq7unJnIIB2eN486DQeSbZ-GNZ9Q8Ql4m3AdERWXLYiD_-AEHdo8gkA4vv4X3f5tOH53neev8gOyMeMna6_obuqihic9UyLV3ZUrHQuS2tbpZcWqZXS1sqnvevljrjZtovuJ5fps-Wrku-o-cq1KXUpW5pSRkZ6s7cOYVKbjfccoOW_UrZrfromP9-28yBZQ5E-4w8BiVGj_wWvgXFB4hbXy5Ku5Pq5PlXW1nEUm3QFsdvxjuxzmO0Hq6hcRDGx5O_oe2IkA-noOPjiQPo9uHYAQI1IlNP3EcQH09kImgfXSgNIsgYgfg_8vYAMhpAsQG43ocSPxCAC6yuIW7dWtUmZ7sXlI3piEw_-BMqH5Hp-zOIW3cWItUp3dBRliodW3TCAqozgGoOkGQnSLtTUPkJePoelPiOzD1YQdw6XLORhhKnzzDXDWjdr83WQteb9cOKmGUNrz5b96oeDetccCrOI1LhAMxeQmYdZMpBFjrIEgctcVryad3nLvPmw4bgNeoz3xcyoI16hVLW4DVkfKy9hzTpgUc9cLOHxOxhR_Vgsruw2wWscGBTgrYokEuC3BLkjCBXBHlKkLeLIxHZii1uichmgTuZlcn0ir5OmwfsSKdNGRMw04MRxaFK3rX74Omlfje0oq_HjQVp0WeBKA6SM_LoOFYHv3-MHXlaqklREzW_ToVX9cU8q1arLqfCFZJRn_o1WFVA2Skw66CrRuQ1_IxEjcjTw58QsBPY6ARcOWDZU2B5AbZdoBt_YbeZkW0lyjqOVCwhdIEknUa66xxEZ-Tx_sbmwt3zA7_95PeQfPjS_-5dfjHp3wM3BRJT4B31LUEzutnf0Dk53NC5JV-tJalqqS4bH_9GylI5_dnrcjfXRiwv2t6nL_MxGK-3N6VNV1gsVNy05PMFJYQ0S9pwSb5etlsyWM_s9kJm4ixZWX9labmVGGmt0vEATI3I5Y-eA1cjMnPl2vnDrv71K3iyB5sMr_0z0_3l-p0ZWE0QJA4iRRDJIZkUWFDAyod-Ajn85o8LdmBvomkcsHQfcatA2xRoRwVY1IPNLvXTxAyv_eidF4LI6QeRcQ6DyEQfXORk1Wkp9GSFU1qvzbtePZSu5wseVut-Q8wz6nkSqR1t_734yb8BAAD__yDH7v17BAAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:01.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1SSz2skxRvGq7M5fNnvQdTgSXEOHlY0k-rpnsyMi6zGmDUYk5CN5OBBqquqJ2V6utqq7unJnIIB2eN486DQeSbZ-GNZ9Q8Ql4m3AdERWXLYiD_-AEHdo8gkA4vv4X3f5tOH53neev8gOyMeMna6_obuqihic9UyLV3ZUrHQuS2tbpZcWqZXS1sqnvevljrjZtovuJ5fps-Wrku-o-cq1KXUpW5pSRkZ6s7cOYVKbjfccoOW_UrZrfromP9-28yBZQ5E-4w8BiVGj_wWvgXFB4hbXy5Ku5Pq5PlXW1nEUm3QFsdvxjuxzmO0Hq6hcRDGx5O_oe2IkA-noOPjiQPo9uHYAQI1IlNP3EcQH09kImgfXSgNIsgYgfg_8vYAMhpAsQG43ocSPxCAC6yuIW7dWtUmZ7sXlI3piEw_-BMqH5Hp-zOIW3cWItUp3dBRliodW3TCAqozgGoOkGQnSLtTUPkJePoelPiOzD1YQdw6XLORhhKnzzDXDWjdr83WQteb9cOKmGUNrz5b96oeDetccCrOI1LhAMxeQmYdZMpBFjrIEgctcVryad3nLvPmw4bgNeoz3xcyoI16hVLW4DVkfKy9hzTpgUc9cLOHxOxhR_Vgsruw2wWscGBTgrYokEuC3BLkjCBXBHlKkLeLIxHZii1uichmgTuZlcn0ir5OmwfsSKdNGRMw04MRxaFK3rX74Omlfje0oq_HjQVp0WeBKA6SM_LoOFYHv3-MHXlaqklREzW_ToVX9cU8q1arLqfCFZJRn_o1WFVA2Skw66CrRuQ1_IxEjcjTw58QsBPY6ARcOWDZU2B5AbZdoBt_YbeZkW0lyjqOVCwhdIEknUa66xxEZ-Tx_sbmwt3zA7_95PeQfPjS_-5dfjHp3wM3BRJT4B31LUEzutnf0Dk53NC5JV-tJalqqS4bH_9GylI5_dnrcjfXRiwv2t6nL_MxGK-3N6VNV1gsVNy05PMFJYQ0S9pwSb5etlsyWM_s9kJm4ixZWX9labmVGGmt0vEATI3I5Y-eA1cjMnPl2vnDrv71K3iyB5sMr_0z0_3l-p0ZWE0QJA4iRRDJIZkUWFDAyod-Ajn85o8LdmBvomkcsHQfcatA2xRoRwVY1IPNLvXTxAyv_eidF4LI6QeRcQ6DyEQfXORk1Wkp9GSFU1qvzbtePZSu5wseVut-Q8wz6nkSqR1t_734yb8BAAD__yDH7v17BAAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27452573=1; slec7ed7d7480d354d6a5551c0d1dea04047=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:06:01 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+cde492b44e61654ad8f0f17d2b131984=6233296; expires=Mon, 20 Oct 2025 20:06:01 GMT; path=/; secure; SameSite=None\niprc_l:6233296=1; expires=Mon, 20 Oct 2025 20:06:01 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ca6970cc64c32866880cc185a21b0ef4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-includes/js/jquery/jquery.min.js","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Mon, 28 Aug 2023 17:14:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\netag: W/\"64ecd5ef-15601\"\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pgn3JQcjB617MzpS%2FcGedNhC7mHne3xYO4jkT2fM6PBftbg%2FLZeidPSHG6Qmt3dFSBOkoSV8sBuUjghDLBI9gEfEwLDPFFl0rQ%3D%3D\"}]}\r\ncf-ray: 9912e4a74d637127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-04T02:29:40.605981Z","times_seen":684324,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-includes/js/jquery/jquery-migrate.min.js","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Fri, 09 Jun 2023 05:49:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\netag: W/\"6482bd64-3509\"\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dz7x62dt5MX5hr2Ell4uSIWNmB3MnZUxUx6zVWpNMdV69vboFgyCEJ2KXAE8tNY0Y2pPX7Pnov5q1F0zjsNayS8zqGWvQwAu6Q%3D%3D\"}]}\r\ncf-ray: 9912e4a74d647127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-04T02:28:41.86713Z","times_seen":637860,"resource_available":true,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8488\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 13:11:02 GMT\r\nexpires: Fri, 16 Oct 2026 13:11:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 284095\r\nlast-modified: Tue, 16 Jul 2019 03:31:11 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8488,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8488, version 1.0","md5":"b405dddf4639fdf946fed00d4b91139c","sha1":"5df4eb97753c51715b996fcec1dec7e55877404b","sha256":"b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f","sha512":"464dd37a90388638c100ed485a9d8071bc9a62fab7aaae8d54d063df4662cca68fc01a480506e9887cd805e9175e419d66430beb2dfda28215b7f6d9e1f8adfd","ssdeep":"192:xfOLJKmVpNoWxtIgCc6L783UKShq0JSKqlnTOfAa7tAIaJcScvnizTh:yvVBVClIkU0MKYTYAC/Uh","tlshash":"d702a0dccd41ac9fea84c2f4c4a78ec14a893be10ad0b44187c5d7994dbedcdd5c981a","first_seen":"2023-05-06T09:49:57Z","last_seen":"2026-04-03T17:29:03.121399Z","times_seen":581,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/ad?type=764753947163","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /ad?type=764753947163 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2viWVVj7%2BNFNTIehw6KAba2OBugWK0ETKJPa85mf2MNgK0kJefD%2BOVMqKoAoLZ9I%2B47yRYsECowliNADpNlkrINpiTdr18QvP0a%2F\"}]}\r\nlast-modified: Sat, 22 Feb 2025 04:47:09 GMT\r\netag: W/\"101f-62eb3ccbaf1b9\"\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b88c5f0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4127,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4127), with no line terminators","md5":"6374a71794fb1b28a620e89fb3453bae","sha1":"ff2b29384e980be738e9e1affd60c6f0e5606cca","sha256":"32f12bce51e57ec5c4f423f5f01b81e40c96c6449ec90abaff1430d82a3994bf","sha512":"4d8da9b65bd0b6bc5ef22f1e6722c65af615d3b2003ad34f55e0396a62bf69fed40bbae2922b8d36189dd5e000a24b246915e29392ff84144422e6485a0a3e41","ssdeep":"96:vmiVe9hBjHujaKvsUSgtZix6G9yhAWfnb4JG0681v8:vmMChBjHCsgtZixpohdfbwG0681v8","tlshash":"ce8110c466d168c00347a676373ab1eaf82b9dac39c47c59f5417c90f692c20e6e597c","first_seen":"2025-02-26T03:12:32.193263Z","last_seen":"2026-04-01T19:35:17.266136Z","times_seen":293,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/dl?op=get_slides\u0026length=2985\u0026url=https://pixibay.cc/abh8f3lot3g80000.jpg","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /dl?op=get_slides\u0026length=2985\u0026url=https://pixibay.cc/abh8f3lot3g80000.jpg HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: text/vtt\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3FUtFaluXk6mpPrkcEfTmv67kDlz0ON0Hkh3Y59IYxJqdXOJAj1p%2FlGeMWfBgpZx0H2pdL5ULssGTwGkWkUwtta4F7uQ0pNXepei\"}]}\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4bb5cb70daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9228,"size_decoded":0,"mime_type":"text/vtt","magic":"WebVTT subtitles, ASCII text","md5":"7c3e04fe12b325dea3c481624b042d2a","sha1":"c7d05fe1a70af5f987a204ab63b5b6c0a58a16f7","sha256":"833e70a3d318d416d71c8fb872bbdc64c81a3ce6f6fa4c10402925cba70dc01d","sha512":"1be969b24b051a72065f13deee2bb8ad7630c25e9e102c58ab6e39238ce5e0aae9e78ace21564f37e89b8f20333c18b45772f349914e6f43810244b2ed464bdb","ssdeep":"48:LdSMljlNKIMU4kVU4x1ibMZ7q+2ZsVXAmt8qR8JaUWpTWznkhR2Qf:LDjfKIj1UeiYIZQAMjTWzkhRHf","tlshash":"c1129fe687a4987ee5da4651e3e6785ee213358fbdedc050f4b0346bb8ec27c8c104a5","first_seen":"2025-10-19T20:06:34.876532Z","last_seen":"2025-10-19T20:06:34.876532Z","times_seen":1,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Findex.html\u0026l=1331\u0026fd=150","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Findex.html\u0026l=1331\u0026fd=150 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27452573=1; slec7ed7d7480d354d6a5551c0d1dea04047=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:06:00 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/css/magic.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/css/magic.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"67f54bc9-affe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 13800\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L3zw50EDBwK8HOtx8Tnei4a3LBWobOOlFSqTrzPEdsjohsjhkNWuU2hk955z5%2BP6BWbaCItToanYzGJvZA2kPhsqdenKb9FVnpCyQReg\"}]}\r\ncf-ray: 9912e4be1cc556bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45054,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bcd1967f8c2604f55f57197de0ae895e","sha1":"c31a10c3ecde74b50450a0a1ad21aa474ff05e7d","sha256":"787eac5d9417257a04de7b18ef21f5ec887de3aee642ceba9a7d56a8209eea2a","sha512":"b37f1a61bbe740bc29308e664227701366ac978d4fbed081f13c47200edd74a792ab980559a236cff39ae27d3fda3ffffef3f1ac2dc420612b616496b44e9df8","ssdeep":"384:lQLl1pRp0itimTKDbObwHuHXFlF7FPFSWRyYyRZZZaZjZPfbfUO3OipypE:GpRp0itiFbObwHuHXFlF7FPFSWX","tlshash":"b913276b2dd2114086564365a3fe6b2c261c85c31c6becfab3a218ce8f1567c53db61f","first_seen":"2025-06-11T18:18:27.729381Z","last_seen":"2026-04-04T02:03:46.423591Z","times_seen":5428,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":81,"dns":0,"connect":1,"send":0,"wait":17,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=513e377770ba6c350ddd09d0a3200305\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:06:01.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=513e377770ba6c350ddd09d0a3200305\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:06:01 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0f11a1bafb86d54afb5f6a9c70d492fb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":654,"timings":{"blocked":280,"dns":1,"connect":91,"send":0,"wait":93,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/themes/mycima/UI//Assets/img/netflix.png","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-content/themes/mycima/UI//Assets/img/netflix.png HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 3533\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FWDSdmTCme1OdoLOpfIwRbQKQ%2FAuY3JMSfCaHe1YmLxnPZk8rEcbNPykRSs8oKHsqszKpXvV1RGRO5Z4wKt2WOloDCGWSoi1xQ%3D%3D\"}]}\r\nlast-modified: Thu, 12 Sep 2024 13:02:25 GMT\r\netag: \"66e2e661-dcd\"\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9912e4a74d677127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3533,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"54110064037a44285faf10b2cbe55e87","sha1":"b2677d46ed052bfda6eecbb61ee5539349f5603d","sha256":"c5b633a4f58b811923c6d41cbe24939af6aebb02e6796169c1797f0eeb31bdd4","sha512":"fe627e8ae46c2cddd5ab686fb245b41e7c6a726ffc6591cc488bab8b96f4e9bd12794befed4446854d4c72eac33ba8264ef66c7b09a3909f0072fe3c0726ae2d","ssdeep":"","tlshash":"f6717ee9f61f7856b62556e5dd35f901a804bcc000cbe6c9d3c51d36cc8989008ebc4f","first_seen":"2023-05-07T18:59:16Z","last_seen":"2026-03-30T23:23:37.249916Z","times_seen":184,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":368,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-solid-900.woff2","fqdn":"site-assets.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 23 Aug 2025 21:04:01 GMT","end":"Fri, 21 Nov 2025 22:03:57 GMT"},"fingerprint":{"sha1":"CC:FF:C9:AB:7D:4F:0E:BD:2F:0D:51:59:D6:60:F9:CD:7D:68:E5:4B","sha256":"EF:79:B2:3F:26:48:FD:84:D5:42:BF:1E:35:73:D2:4A:8A:DB:54:C5:37:B0:F6:75:31:FE:6A:BC:D5:8A:F4:C2"}}},"request":{"raw":"GET /releases/v6.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: site-assets.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://site-assets.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 329204\r\ncf-ray: 9912e4ac295a56c5-OSL\r\nx-amz-id-2: 7Fd0VBhoptpmGTAvN3UMX1q4NgAacPd30vhAx/RzLX+4csi3+wtyQW/Ts/+qXXxs71ppfbwM6QOn8dBvK2w+p92+6NTPNsxy\r\nx-amz-request-id: CR49R3908NFW4BWR\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nlast-modified: Tue, 22 Mar 2022 15:42:55 GMT\r\netag: \"6ebcf9f18ded9c54f71ec1198c32aa52\"\r\ncache-control: public, max-age=31556926\r\naccept-ranges: bytes\r\nage: 9015\r\nexpires: Tue, 20 Oct 2026 01:54:43 GMT\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":329204,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 329204, version 769.768","md5":"6ebcf9f18ded9c54f71ec1198c32aa52","sha1":"06695b645047b29c333edac0c78a97922a135ad9","sha256":"f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62","sha512":"3e1d714cb85f332718496fb050df282f71a0979ea71884bde441e229682070bfc66cc3633dd89bd47ade6f50f808e94cc5d8860a4938de7b29427a43b938e042","ssdeep":"6144:mBnb+K2f2sr8Yf7thk3sZ9Md1Mr+4nifNKrGMGG/64fTioUkqRaEwB:mp+Qsr1fw3n4rBifNKrnR/64fuoUveB","tlshash":"8a6423e105a419496eb5b1b9103f2162e20464bf69f29c7fb2b8f33931eb35e5052f27","first_seen":"2023-04-06T19:37:17Z","last_seen":"2026-04-03T19:20:48.28419Z","times_seen":6668,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/jwplayer.js?v=6","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /player/jw8/jwplayer.js?v=6 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tgdAvZFvGMBFH0vqIkTKIuTBKsDJi27eJ72wXC%2BLTQP8P3CRWgMEERamKL80kAZKKX7b1IJ2a7pr4O8wtk1yqAYL7oAZzwh2G9CQ\"}]}\r\nlast-modified: Fri, 28 Mar 2025 05:48:51 GMT\r\netag: \"24254-631609ffc56c0\"\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 369\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b88c5d0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":148052,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503)","md5":"581ff912c413cd78a30f5c212f42271a","sha1":"79af689432d0f20cd1d951eb9436711da07decd4","sha256":"c708d26c24b48c3343e8cc7879d07e8ca6f23d1cc1e5df165a9f8e24a7c5830e","sha512":"c6185ea9db6db8786aa1636537595a5f061745caf287602beafc2dca984b1eceafeb3651109cad8cf45be3dba2a76a201758c6aaa7d7fb1adc8e07e95a39f41b","ssdeep":"1536:ELyl/ByW1iqxGJaGB2lAqU6ePRtwoIWz0Bk+5cm3wUn+yUi3LAalYqlkcRPUeJaQ:L4pknUi3LAbdhHwSm","tlshash":"99e339a631c2f4a613e264c7e47a4005f1790988744de8a4faacecd67956907b1b3ffc","first_seen":"2025-04-01T21:32:19.723959Z","last_seen":"2026-04-02T13:28:52.626488Z","times_seen":603,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixibay.cc/abh8f3lot3g8.jpg","fqdn":"pixibay.cc","domain":"pixibay.cc","tld":"cc"},"ip":{"addr":"172.67.207.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pixibay.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 21:35:53 GMT","end":"Wed, 10 Dec 2025 22:34:09 GMT"},"fingerprint":{"sha1":"E6:A3:9E:B3:AF:60:C0:2D:99:51:CA:AC:FD:48:96:12:C7:E6:68:9B","sha256":"26:FF:91:61:26:88:B9:80:39:5F:76:A7:35:B8:89:8A:DD:69:DA:9B:B8:C3:22:70:70:7E:E7:3E:EE:C3:A7:06"}}},"request":{"raw":"GET /abh8f3lot3g8.jpg HTTP/1.1\r\nHost: pixibay.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QC12DIWbfajC6axVCeUPh44Wc4jhMj1fcNxSx5L1VQLaw%2FMSweFvnHE%2BO%2FMIn2XBa871Hfv0n7YfUv5igkzX9Owkf9rynQZX\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\netag: W/\"48b2e2b8-9\"\r\ncontent-encoding: br\r\ncf-ray: 9912e4b90a1c56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":686,"timings":{"blocked":72,"dns":4,"connect":1,"send":0,"wait":534,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:01.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 16 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 284999\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T02:31:26.319062Z","times_seen":713564,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/css/main.css","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /css/main.css HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 12 Nov 2022 12:05:52 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zV58hsg1SLakYDHTcxbNWnn2dU76X783GtbJAvskQCIj7GYmgCqWKQ7UEmAOj%2BwUsgMXNtvNvfVfPLTY6%2FYonWaCcP6aJnPKMR4u\"}]}\r\netag: \"636f8c20-c11b\"\r\nexpires: Wed, 22 Oct 2025 17:47:33 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 353906\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b88c5a0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49435,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"51d559d2f974e61e564a5f8120a23a9a","sha1":"9eab84e6bf40cfca88aac7f6d849df54f27ac12d","sha256":"a01ef8569a9021b0315bf38d5d518a928d98efce576f56ac012c30f2b63e1cb6","sha512":"5a4a10a2083c3375306ea83736eb2f991cca894dd2f78582c18886609ba1ac725877abdee3ecbcb368d5bb3c57fe0b418e3d0a87bcca015d0fb8de5f51e8fdc8","ssdeep":"1536:AQV8FxnYgpery2vYsRwq9AOOGvC4DONaYi3Rz:AQVMxnYTy2v/AOOkdRz","tlshash":"c8239522a7812c0cf06bd1b67d6197d6233e4053d92b1f7c7ab93578c28e4e85173b9a","first_seen":"2023-04-09T22:09:53Z","last_seen":"2026-04-01T19:35:17.258141Z","times_seen":632,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 7005\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67f54bcb-1b5d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 6260530\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8H0qnTbdqS4PbqbWdY5z93vopfmuMSDsbwlFTHiY26e5qIXXDu6lwtzzAPDahBI3C220USkFG6RKfoc1fs7rH%2Bp7uO22s7hMXfVs2kL8\"}]}\r\ncf-ray: 9912e4be4ded56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7005,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"5127599f81c439cb0cf21166da26e991","sha1":"a750620e45c25855fb32ede5f1adb69ad28c1eeb","sha256":"9402058e0a31e79cd70001ebb397de51144d6e638a482f33bcee9a94dc20a6ff","sha512":"4e01869e43212009dc3811b4fc2303c39ab9aa123ce034ff4df220539a1e65784835b6cb0873cea4f6de027a7dcf1dd440ac0631e6b9c9db9085804473e3a0a8","ssdeep":"192:FkknNHG5WNN4kVyitdix/Inm2I6BRvBevoIPkucZ:9nNmoN4kVyiswm2I6BFBpuI","tlshash":"dee17d19dda17e1005d57f8a2fef815243638390c2856282dced8c5237e40f1ec6e4cb","first_seen":"2025-07-04T18:28:09.283921Z","last_seen":"2026-03-23T06:05:48.044552Z","times_seen":3194,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":26,"dns":2,"connect":1,"send":0,"wait":14,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"site-assets.fontawesome.com/releases/v6.1.1/css/all.css","fqdn":"site-assets.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 23 Aug 2025 21:04:01 GMT","end":"Fri, 21 Nov 2025 22:03:57 GMT"},"fingerprint":{"sha1":"CC:FF:C9:AB:7D:4F:0E:BD:2F:0D:51:59:D6:60:F9:CD:7D:68:E5:4B","sha256":"EF:79:B2:3F:26:48:FD:84:D5:42:BF:1E:35:73:D2:4A:8A:DB:54:C5:37:B0:F6:75:31:FE:6A:BC:D5:8A:F4:C2"}}},"request":{"raw":"GET /releases/v6.1.1/css/all.css HTTP/1.1\r\nHost: site-assets.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nx-amz-id-2: r/KWOTsDV3PhSvZOIYtorsobd6X8PLOhQH36+6DQBiMVj9vuhB0eyOUsEaLGMk8iY6gc1ZpI8nghf4BMQkOF8W+9ggo8Cgy3gSP+lixP/p8=\r\nx-amz-request-id: A1X92DS9AYWCFMPQ\r\nlast-modified: Tue, 22 Mar 2022 15:39:41 GMT\r\netag: W/\"325672b036bab9b57f6873aed5eccc43\"\r\ncache-control: public, max-age=31556926\r\ncf-cache-status: HIT\r\nage: 3292986\r\nexpires: Tue, 20 Oct 2026 01:54:43 GMT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9912e4a78dfab4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":498160,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65360)","md5":"325672b036bab9b57f6873aed5eccc43","sha1":"264f5db348311950380ad1bca79754ff593d87e2","sha256":"a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d","sha512":"50a041c49e4ddff318892b184e512c011b29e2f10b295448925103e0c6fac29b9514e832e4196dfac5d4773d530d17aa5ac9bae31c41036428049442c48d31e5","ssdeep":"3072:/r3CYP5vO+mDFwFyiFCIUMZ+sEx06eJls0ugtMHxx3/to4hQQ/:jCYVhmDeFyzPG6eJl9tMHD/toU","tlshash":"65b4e8a0a05520dcb3d7e60f5b02b629e4b3f33ed9814f5fe1d5484e0dd3a6871867aa","first_seen":"2023-04-05T03:57:11Z","last_seen":"2026-04-02T03:17:13.541275Z","times_seen":6065,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":21,"dns":13,"connect":1,"send":0,"wait":120,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/uploads/2025/09/f259d341ed3473e51e8101dd71305530-5.jpg","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/f259d341ed3473e51e8101dd71305530-5.jpg HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 62102\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cx6Zqub8tabekmRHOxCgnTvdbNYduV55XeOwU8OmrvqNrZaOgHKhE%2F0MU%2BG1E4U5dXG%2BswPEx3YOdi2Jfs%2F3CjCO5eSet5tiAA%3D%3D\"}]}\r\nlast-modified: Mon, 01 Sep 2025 18:04:02 GMT\r\netag: \"68b5e012-f296\"\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9912e4ab0dcd7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62102,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", progressive, precision 8, 1000x1500, components 3","md5":"b5b9b4de26b397f0bfee7f4de53c902f","sha1":"15631299f2a269215f771d18cc9a30717553b24a","sha256":"1fbb62016675dd7231899a7a8aea991bf141513f2bb25a50c5008b00615d9148","sha512":"59a817f0a234cb45bb05bf14197ef2adc93263714519d2bda15f912edb19d1525b071c9493f2bc1cf231c5626ac65ab9fa7a14fcb9d98a2ec60e4a5ea192e061","ssdeep":"1536:rC+sVm1a2dVrITFd4ibcpICX6s1+5BuQuNXsNaDR/:rFqm1aIMpeICv1cBFuNX5l/","tlshash":"cc5302ae3ab6f8d1db5c85f025c26a7c5c80dc7469af400cb3b58e1d4ef821b72a6534","first_seen":"2025-10-19T20:06:34.898903Z","last_seen":"2025-11-01T22:29:51.156402Z","times_seen":2,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jw.amselragman.com/rl19eKtRzoPKZJh/114552","fqdn":"jw.amselragman.com","domain":"amselragman.com","tld":"com"},"ip":{"addr":"23.109.253.85","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jw.amselragman.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Sep 2025 21:42:43 GMT","end":"Sun, 30 Nov 2025 21:42:42 GMT"},"fingerprint":{"sha1":"0C:AB:F1:6D:84:95:0B:61:FA:2E:98:43:DD:84:07:D6:51:BC:5D:8B","sha256":"A9:D9:CC:E2:47:23:5D:3F:D4:36:F1:48:F9:B6:19:7D:75:3A:FE:A9:26:77:FC:58:84:C8:90:AC:55:82:88:0B"}}},"request":{"raw":"GET /rl19eKtRzoPKZJh/114552 HTTP/1.1\r\nHost: jw.amselragman.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 19 Oct 2025 20:05:58 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://sharevid.online\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Mon, 20-Oct-2025 20:05:58 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyL0KglAYh3HPmxiRFH9wqM2lVbRUcJOcU6ILCLEI4eArR%2B3rphq7i24j2ruAbHiG36NpGllTUFnDjDwnch1%2F6XiBD3ECpRmoqGCkrC75DUKB3BVIVRhnjWQ74a5q%2B19A%2FxuixGQty6u9Y9m1JVcNqG%2BUsKpZ5e0RojYEqGWDQM3B0iDOxgwkczPefN%2BDx%2FPTg814cd%2FOX8M9qG6gu0EY%2FgCjMSmZ; expires=Mon, 20-Oct-2025 20:05:58 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T01:04:03.853848Z","times_seen":14774,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":120,"dns":79,"connect":18,"send":0,"wait":22,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"jw.amselragman.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"jw.amselragman.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"jw.amselragman.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-48ZJD1VPGZ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:44 GMT","end":"Mon, 15 Dec 2025 08:40:43 GMT"},"fingerprint":{"sha1":"02:50:AA:DF:C5:16:76:73:9E:ED:AD:C4:E5:98:EB:E7:2D:B9:C3:33","sha256":"6C:68:2F:0A:C2:03:62:A1:8E:7B:3B:BB:D6:6D:96:A7:78:6C:78:0F:1D:F0:EB:77:84:A5:4A:DD:07:44:9B:DD"}}},"request":{"raw":"GET /gtag/js?id=G-48ZJD1VPGZ HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\nexpires: Sun, 19 Oct 2025 20:05:59 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 141790\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":428077,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"67ebcb51ce1915e96a5d5c38718ca0c6","sha1":"42de1d094ec8279eb63745e243f44be3532dff62","sha256":"7cdeaa1f85a401a14616188b3901b3cdb269471e7e16f9103aed456167caa779","sha512":"1130777dcf2b554e4f5fee2352ffc11ef27bc7e00a235f8bcc10925f4bf627637f30d5e800fa16fad9c1bf8b502a28a93bb8b73f000abf1aef54182f7f65e0e3","ssdeep":"6144:KB+6reF8Gp+q5yNnkEt7FJM+avVPiRdcsDOuJeG064l1cYH095SWtyA:ENrqHMq5yNnkEt7FF6PwcO4lnA","tlshash":"d594198e73c674269396f078503f018ba57b29a2f45cc896f189cce42d74a9a4277f7c","first_seen":"2025-10-19T20:06:34.905677Z","last_seen":"2025-10-19T20:06:34.905677Z","times_seen":1,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=135","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=135 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27452573=1; slec7ed7d7480d354d6a5551c0d1dea04047=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:06:00 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KKSM1SN99C","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:44 GMT","end":"Mon, 15 Dec 2025 08:40:43 GMT"},"fingerprint":{"sha1":"02:50:AA:DF:C5:16:76:73:9E:ED:AD:C4:E5:98:EB:E7:2D:B9:C3:33","sha256":"6C:68:2F:0A:C2:03:62:A1:8E:7B:3B:BB:D6:6D:96:A7:78:6C:78:0F:1D:F0:EB:77:84:A5:4A:DD:07:44:9B:DD"}}},"request":{"raw":"GET /gtag/js?id=G-KKSM1SN99C HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\nexpires: Sun, 19 Oct 2025 20:05:57 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 141539\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":425767,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"fabb6e7216fc8b1d7746702d9f638118","sha1":"5f222780d8d10cbc9b7e085892b2b0b72852d5b1","sha256":"639d04bf0cbdd484366a37bcd113f9c9eb20ed3e2afd2b6d3057371d2906de56","sha512":"d4dc2da8ce5747d4f92dea93467e90688d62f51f0726a867d40181aadfa94b7c2f4b9e208ce0af24907b3ed3f4f49bf9209c38f7b93147d950442163c5e011fa","ssdeep":"6144:5Bh6reF8GT+q5yNnkEt7FJM+avVPiRdcsDOuJeG064l1cYH095SWtyA:X4rqHyq5yNnkEt7FF6PwcO4lnA","tlshash":"17941a8e73c674269396f078503f018ba57b29a2f45cc896f189cce42d74a9a4277f7c","first_seen":"2025-10-19T20:06:34.909775Z","last_seen":"2025-10-19T20:06:34.909775Z","times_seen":1,"resource_available":true,"data":null}},"time_used":703,"timings":{"blocked":273,"dns":0,"connect":27,"send":0,"wait":66,"receive":76,"ssl":256},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/uploads/2025/10/cropped-cropped-mycima-192x192.png","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:58.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/cropped-cropped-mycima-192x192.png HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_KKSM1SN99C=GS2.1.s1760904358$o1$g0$t1760904358$j60$l0$h0; _ga=GA1.1.162558689.1760904358; pp_main_513e377770ba6c350ddd09d0a3200305=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 5538\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=itHJMQx96DXAS70dpL74JFISXg86C8yn91ROBWpxK8OpiMgxz5vrQIwYN%2BPDOKga00VlzIKnjgeDZLLuolwdGP4kOEM8O00lkQ%3D%3D\"}]}\r\nlast-modified: Wed, 08 Oct 2025 18:19:10 GMT\r\netag: \"68e6ab1e-15a2\"\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9912e4aebe377127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5538,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"42a6045211438f05459b40c18c34aad6","sha1":"a6a0ecdb1d60d074e1c1e63915d2ca0c5f767326","sha256":"37d5e4c32d339dad62527150fb29393daf51ad56f9d150a620cab85f0e095025","sha512":"eb90ba45566c0d1ee55713ea24fadff5e85ab16b44e337d72d86984cd575f51bdcdb8d3552b2d02bd1cdcd1ee6a2305db226e1f8aeb33eb9fc7fcd030434ad82","ssdeep":"96:Zup9Cq+KoV3rAEPPtDwksudtKO98LPKDojbq3K9AT0KBJGuQuLc:ZuWq+jhPVsrU8LPKDly+BJz74","tlshash":"e9b190a1c1bd9e1d44cc77d3ef048c31e9deed4c96e1575c5834490e213b098ab5d68b","first_seen":"2025-09-20T20:53:44.6038Z","last_seen":"2026-03-27T22:31:05.062421Z","times_seen":26,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/jwplayer.core.controls.js?v=42","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /player/jw8/jwplayer.core.controls.js?v=42 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hRiovqpyJVQMMbid7HWVxT4QumnTWzk3S7BjUBl4ceqD9Pw1TDrZO9775elAs9MXKYUnp8YKtFYyuT30WbR54bo1pwZP9T2DJgUu\"}]}\r\nlast-modified: Thu, 24 Oct 2024 08:24:46 GMT\r\netag: \"50d6c-62534bc2f2f80\"\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 3529\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4ba0c920daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":331116,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65143)","md5":"bc91b5efc8f4bb2482c2d7d5d8d9b691","sha1":"5db922c4c6caf3a7d22f57a21670281d5c31994b","sha256":"f061c139ad68d7ed1360ab6a2c8842466d2913582468c48eb2d1ee2a651fb495","sha512":"f1e175f4658e4cb1c603875c81f3b96caaab74346c78d9b320e564f0a09a8518b11123509351bfa5229ac9d867d56c6afc1118ce7c368ff1ce729de877c7d694","ssdeep":"3072:+jY7nFuuslX/Na3u6NxIeLSJhy1yiSS64pOknRBb9Wsr9BbrC3YLrmYRJ:2Yx5U/Na3JpLSJhyJOaRBRtBHzLrmYRJ","tlshash":"e9640932214252359aea82da66514604b3398085f516cfacff2ceddd4c6e9c731fabb4","first_seen":"2024-12-01T14:07:01.698179Z","last_seen":"2026-04-02T13:28:52.627773Z","times_seen":668,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/ren.gif?sid=H4sIAAAAAAAC_1SSz2skxRvGq7M5fNnvQdTgSXEOHlY0k-7pnl8ushrXXYMxCdlIDh6kuqt6Uqamqq3qnp7MKRiQPY43DwqdZ5KNP5ZV_wBxmXgbEB2RJYeN-OMPENQ9ikwysPge3vdtPn14nuet9_ezU-Ijoydrb-iekJIuVMtu6dKmUEzntrSyUfLcsnu5tClULbhc6k6a6bzg-UHZfbZ0nUfbeqHieq7ruV7pmjA81t2FMwqR3G565aZbDiplrxqga_77bTMHljpgnVPyGAQbP_Jb_BZENIRqf3mV2-1UJ8-_2s4kTbVBhx29qbaVzhXaD9fYOIjV0fRvaDsm5MMZaHU0dQDdOZg4QCjGZOaJ-wjV0VQmws7hudJQgiuE7P_IO0NwOYSgQ0R6D4L9QICIYWUVqn1rRZuc7pxTOqFjMvvgT4h8TGbvz0G17yxK0S3d0DJLhVYW3biA6A4hWkMk2THS3gxEfowofQ-CfUcWHixDtQ9WrdQQ7OQZ6nmh2wjq8_XY8-eDuMLmadNvzDf8qu_GjYhFLjuLSMRDUHsBmXWQCQdZ7CBLHLTZSSlwG0HkUb8WN1lUdwMaBIyHbrNRcV3ajOrIoon2PtKkj0j2EZldJGYX26IPk92F3SpgmQObEnRYgZwT5JYgpwS5IMhTgrxTHDJpK7a4xaTNQm86K9PpFwOdtvbpoU5bXBFQ04dhxYFI3rV7iNILg15s2UBPGg3TYkBDVuwnp-TRSawOfv8Y2_ykVOeszupBw2V-NWA1Wq1WvchlHuPUDdygDisKCDsDah30xJi8hp-RiDF5evQTQnoMK48RCQc0ewo0L0C3CvTUF3aLGt4RrKyVFIqD6QJJOot0x9mXp-TxwfrG4t2zA7_95Pfg0eil_927-GIyuIfIFEhMgXfEtwQteXOwrnNysK5zS75aTVLRFj06Of6NlKZ89rPX-U6uDVu6avufvhxNwGS9vcFtukwVE6plyeeLgjFurmkTcfL1kt3k4VpmtxYzo7Jkee2Va0vtxHBrhVZDUDEmFz96DpEYk7lLV84edvWvXxElu7DJ6Mo_c71frt-Zg9UEYeJACgLJR2RaoGEByx_6Cfnomz_O2b69iZZxQNM9qHaBjinQkQWo7MNmFwZpYkZXfvTPCqF0BqE0zkEojfzgPCcrTkrVSujXGo0aj2ss9plf8Vmz6vJmQJu1oBlUkdrx1t9XP_k3AAD__9yvfiN7BAAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1SSz2skxRvGq7M5fNnvQdTgSXEOHlY0k-7pnl8ushrXXYMxCdlIDh6kuqt6Uqamqq3qnp7MKRiQPY43DwqdZ5KNP5ZV_wBxmXgbEB2RJYeN-OMPENQ9ikwysPge3vdtPn14nuet9_ezU-Ijoydrb-iekJIuVMtu6dKmUEzntrSyUfLcsnu5tClULbhc6k6a6bzg-UHZfbZ0nUfbeqHieq7ruV7pmjA81t2FMwqR3G565aZbDiplrxqga_77bTMHljpgnVPyGAQbP_Jb_BZENIRqf3mV2-1UJ8-_2s4kTbVBhx29qbaVzhXaD9fYOIjV0fRvaDsm5MMZaHU0dQDdOZg4QCjGZOaJ-wjV0VQmws7hudJQgiuE7P_IO0NwOYSgQ0R6D4L9QICIYWUVqn1rRZuc7pxTOqFjMvvgT4h8TGbvz0G17yxK0S3d0DJLhVYW3biA6A4hWkMk2THS3gxEfowofQ-CfUcWHixDtQ9WrdQQ7OQZ6nmh2wjq8_XY8-eDuMLmadNvzDf8qu_GjYhFLjuLSMRDUHsBmXWQCQdZ7CBLHLTZSSlwG0HkUb8WN1lUdwMaBIyHbrNRcV3ajOrIoon2PtKkj0j2EZldJGYX26IPk92F3SpgmQObEnRYgZwT5JYgpwS5IMhTgrxTHDJpK7a4xaTNQm86K9PpFwOdtvbpoU5bXBFQ04dhxYFI3rV7iNILg15s2UBPGg3TYkBDVuwnp-TRSawOfv8Y2_ykVOeszupBw2V-NWA1Wq1WvchlHuPUDdygDisKCDsDah30xJi8hp-RiDF5evQTQnoMK48RCQc0ewo0L0C3CvTUF3aLGt4RrKyVFIqD6QJJOot0x9mXp-TxwfrG4t2zA7_95Pfg0eil_927-GIyuIfIFEhMgXfEtwQteXOwrnNysK5zS75aTVLRFj06Of6NlKZ89rPX-U6uDVu6avufvhxNwGS9vcFtukwVE6plyeeLgjFurmkTcfL1kt3k4VpmtxYzo7Jkee2Va0vtxHBrhVZDUDEmFz96DpEYk7lLV84edvWvXxElu7DJ6Mo_c71frt-Zg9UEYeJACgLJR2RaoGEByx_6Cfnomz_O2b69iZZxQNM9qHaBjinQkQWo7MNmFwZpYkZXfvTPCqF0BqE0zkEojfzgPCcrTkrVSujXGo0aj2ss9plf8Vmz6vJmQJu1oBlUkdrx1t9XP_k3AAD__9yvfiN7BAAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27452573=1; slec7ed7d7480d354d6a5551c0d1dea04047=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:06:00 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a805e7758d9a6a3dc4dd7102ccc40215\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mivalyo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://mivalyo.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=080267ef0039425af136bd777cf83539; expires=Mon, 19 Oct 2026 20:06:00 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9912e4bdda1656a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"fe747d144847e873a1b370b35de9cc44","sha1":"a5980f524556920b3a46ce4cb9dd01f32de59fc9","sha256":"326f6137e4077e56aed9b6efaef33510cc5f2c8c111ab902a6bddf0646a1f491","sha512":"17d7c89ea192a2daaadd5aa411f9ec9dcbd14f1c30465113e4d19aabb72fd9c3f18e3cbd4eb101059cc8f1a610f9e42c2992773ebdd575208ea16fd8eede1957","ssdeep":"","tlshash":"f5a022e0200c08c0c0022a00282be280000a0002b008a28ba2ecb00002cf22c0bc0338","first_seen":"2025-10-19T20:06:34.918595Z","last_seen":"2025-10-19T20:06:34.918595Z","times_seen":1,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":32,"dns":5,"connect":1,"send":0,"wait":53,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=6717\u0026fd=95","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=6717\u0026fd=95 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27452573=1; slec7ed7d7480d354d6a5551c0d1dea04047=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:06:01 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":508,"timings":{"blocked":226,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/themes/mycima/style.css","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-content/themes/mycima/style.css HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Fri, 13 Sep 2024 15:42:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\netag: W/\"66e45d66-1a19e\"\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9bzpdvSvM%2F9a%2Fckh1%2BnuKQY850N%2B2Ofdkqot%2FZEkgAx5rg70De4aGGnQZIvzQCkqFZzMzM9p7s6k8cjryd6vhrYxHrzf3gzD7g%3D%3D\"}]}\r\ncf-ray: 9912e4a74d657127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106910,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"407cfb6d9bcf4872263c8f882f856d02","sha1":"135e32c1e044799fb500a18d02845561c8a29657","sha256":"3dcf7d288fe3122604e6abf3aa41d02a85939351d6be4190fc1564d70204d36f","sha512":"3de4c4b623bbc901b097a861f62b7b81b8b3cf1a2f849f0712a5601e3235ed886fd4c4532aeaa4d87346aa780c2dd560bb0cd90586192a961366fa41953fc486","ssdeep":"3072:ribF6jhQ7e1oR16hOMOqtOKO/2uE6HHSGS:ribF6jhQ7e1oR16hOMOqtOKO/2uE6HHa","tlshash":"68a343975b770944b81be4a86fea179633194003910edd78bfac725c8fca1d8c5a3b8d","first_seen":"2025-09-29T22:00:38.850221Z","last_seen":"2026-03-27T22:31:05.059181Z","times_seen":21,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":328,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vk.palybestar.com/rBUgDi4k9GCWE/128630","fqdn":"vk.palybestar.com","domain":"palybestar.com","tld":"com"},"ip":{"addr":"172.241.53.93","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vk.palybestar.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 17:45:45 GMT","end":"Sun, 07 Dec 2025 17:45:44 GMT"},"fingerprint":{"sha1":"39:56:32:93:3E:0B:BB:CC:67:C3:2A:F4:C1:A9:F4:AB:5D:14:04:F3","sha256":"BF:94:5E:A3:E6:05:73:C3:84:81:D0:48:B9:B9:BF:3F:DA:32:ED:49:E6:87:FC:F7:B6:54:60:EA:C2:66:47:71"}}},"request":{"raw":"GET /rBUgDi4k9GCWE/128630 HTTP/1.1\r\nHost: vk.palybestar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Mon, 20-Oct-2025 20:05:57 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyL0KglAYh3HPmxiRFH9wqM2lVbRUcJOcU6ILCLEI4eArR%2B3rphq7i24j2ruAbHiG36NpGllTUFnDjDwnch1%2F6XiBD3ECpRmoqGCkrC75DUKB3BVIVRhnjWQ74a5q%2B19A%2FxuixGQty6u9Y9m1JVcNqG%2BUsKpZ5e0RojYEqGWDQM3B0iDOxgwkczPefN%2BDx%2FPTg814cd%2FOX8M9qG6gu0EY%2FgCjMSmZ; expires=Mon, 20-Oct-2025 20:05:57 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T01:04:03.853848Z","times_seen":14774,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":118,"dns":88,"connect":17,"send":0,"wait":21,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"vk.palybestar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"vk.palybestar.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"vk.palybestar.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.32.186","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://mycima.page\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; expires=Wed, 17 Oct 2035 20:05:57 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3cdf270850d7f16830926cabf20dc51a","sha1":"e3e558c37fa39e38b6f7e95b99f7291fd96740dd","sha256":"3f66026370b73f1ccc2a2a15e6bdb6e28668d401d6b5bbead72f3fb78f83a7d5","sha512":"afd0e83545c0d7df3a0329778616ab252a44b61e7a4f308194014121236a33bb471ed6d6758160890b37d5631ee6bbeadae91593d854cc8fda7bb1e017b35be9","ssdeep":"","tlshash":"1990041043117110135704401c141fd353100f3d1c377331cc4cd4350c04757c315001","first_seen":"2025-10-19T20:06:34.926025Z","last_seen":"2025-10-19T20:06:34.926025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":120,"dns":11,"connect":21,"send":0,"wait":21,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/uploads/2025/08/nopic.jpg","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-content/uploads/2025/08/nopic.jpg HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CfL38fTayBlhX8S3ieNakZwliy0RAr4jEwE%2FLIbUy5%2BEPxrblu2WdWyIfysugZv8OVEPPPICa%2BWhcAjjpq1YCiITTMYe3Gv0Ww%3D%3D\"}]}\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlocation: https://mycima.page\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4ab1ddf7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64710,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/bevan/v12/4iCj6KZ0a9NXjG8dWCs.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19984\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 12:07:16 GMT\r\nexpires: Fri, 16 Oct 2026 12:07:16 GMT\r\ncache-control: public, max-age=31536000\r\nage: 287921\r\nlast-modified: Tue, 01 Sep 2020 03:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19984,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19984, version 1.0","md5":"0db10b5d1f471ef6c3a30158ff403106","sha1":"ea993e87704687d1399a3b1fd79aa84c47659c82","sha256":"e0e544b2864b4c3d7425f4eff9f9365b629abcbaf37f03d0bf5ba381f227d48a","sha512":"06eca6e403bb6a112a86433ea198883584de5d13a4dce7ad355b15536a819fd1589fd5388ca53736d4617d3bc29f26d5ac6158cfa470f7438383d1f2a4d5a997","ssdeep":"384:eNrzH4bYeBX2Rg2fiaGiXkrIlxybwxju1uR5MD8Bgg5j5eEaP1qL4lq2wuPc8:eNtwX2C2f1JXkUubwxjugCwL2q2VR","tlshash":"2e92d0119381347e707969710e12619ce8f01e64bdd9203e87aecc5f4e6a19a2a3ea5e","first_seen":"2023-05-07T18:59:16Z","last_seen":"2026-03-30T23:23:37.293558Z","times_seen":195,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:58.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_KKSM1SN99C=GS2.1.s1760904358$o1$g0$t1760904358$j60$l0$h0; _ga=GA1.1.162558689.1760904358; pp_main_513e377770ba6c350ddd09d0a3200305=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *, https://mycima.page\r\naccess-control-allow-methods: GET, OPTIONS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nlast-modified: Sun, 19 Oct 2025 20:05:59 GMT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E0nP64fW5X7wegtUWp9v33DxChsbCnEmTHX7ULKKsv5JsJ1N3WSft0Z26lZ74UUzJRgkdw5NRh0ORkplA8Pk5px%2B0NVtoIMYSQ%3D%3D\"}]}\r\ncf-ray: 9912e4aede3b7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Yoast SEO:25.7","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":64710,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14367)","md5":"62f84a1348d6418aefa9ae29e721e285","sha1":"83551fc456e9291ce704ea736dfe3d370e8440d9","sha256":"52d1add5bbe092eb164f0715c5c0de07f7d7fbac4d2f6908bca8206e191b7dc1","sha512":"ce0fa49082767b02abf052f36f25342449e94f12953ff771afcc847e53431461d16d08deb48c8721d9a11f30262e8639033f119b7362df631778486b260f5ae6","ssdeep":"1536:ChGvG1apAuCnm/T0rJVf8CiKbQ983utZcl:CK+xmmiKk983utZ4","tlshash":"3d53e7f061d89032015a56dea1693b1dff63441bea06b60133bc5dc9afa7ca381776bc","first_seen":"2025-10-19T20:06:34.933037Z","last_seen":"2025-10-19T20:06:34.933037Z","times_seen":1,"resource_available":false,"data":null}},"time_used":940,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":936,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:05:58 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 949d906dc000d32dbfd33efc8580d287\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.32.186","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://sharevid.online\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3cdf270850d7f16830926cabf20dc51a","sha1":"e3e558c37fa39e38b6f7e95b99f7291fd96740dd","sha256":"3f66026370b73f1ccc2a2a15e6bdb6e28668d401d6b5bbead72f3fb78f83a7d5","sha512":"afd0e83545c0d7df3a0329778616ab252a44b61e7a4f308194014121236a33bb471ed6d6758160890b37d5631ee6bbeadae91593d854cc8fda7bb1e017b35be9","ssdeep":"","tlshash":"1990041043117110135704401c141fd353100f3d1c377331cc4cd4350c04757c315001","first_seen":"2025-10-19T20:06:34.926025Z","last_seen":"2025-10-19T20:06:34.926025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/sbar.json?key=7ed7d7480d354d6a5551c0d1dea04047\u0026uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d%3A3%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:59.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /sbar.json?key=7ed7d7480d354d6a5551c0d1dea04047\u0026uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d%3A3%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:06:00 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4302\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://sharevid.online\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; expires=Sun, 26 Oct 2025 20:06:00 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 20 Oct 2025 20:06:00 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 20 Oct 2025 20:06:00 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 20 Oct 2025 20:06:00 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 20 Oct 2025 20:06:00 GMT; path=/; secure; SameSite=None\nu_pl27452573=1; expires=Mon, 20 Oct 2025 20:06:00 GMT; path=/; secure; SameSite=None\nslec7ed7d7480d354d6a5551c0d1dea04047=[6233296]; expires=Sun, 19 Oct 2025 20:06:05 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4a1beed0a6313835f7329b0a25c5701e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5839,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"5bd002f18360ceda219b309b82d5e79e","sha1":"b151827b356eba07b6d80756162ba666702395e0","sha256":"39292c63ee156ea99fad7b8299a1d6834b085b877ed5f1417a5c54dcd8a2323a","sha512":"dda45bb3600826d56bf2dfb12a10b4d09e6de832042ad71a382c47173a6a05d2747fb83ec9b0b26610359d0ee1beba28c124d1d68f4ac9b065cbd6c8f560d922","ssdeep":"96:9zmQ3/sdP4eqkaXaQWfSSWTIxLrkCKld3s1HneMG3Jemw32vzvpWv:9zD3/Cmk5DfSSWTjl5s1HneV3Yncji","tlshash":"3bc18e259040aaa18dde8cb56d370dec5c6c1ff35ee28d74c237ed9e023b09e5e68911","first_seen":"2025-10-19T20:06:34.940765Z","last_seen":"2025-10-19T20:06:34.940765Z","times_seen":1,"resource_available":false,"data":null}},"time_used":927,"timings":{"blocked":310,"dns":28,"connect":92,"send":0,"wait":305,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/vast.js?v=32","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /player/jw8/vast.js?v=32 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TY9vUHQ2x1aeI8n2XYyUYsOp5ACUF0y8OLEzVQcbI9SjMMYhifxQZSjx4a%2BCaNZK4FUGlUPCO%2BUgpcrtVtLjrD1ucIIT8lCmcb%2B0\"}]}\r\nlast-modified: Tue, 10 Dec 2024 07:24:43 GMT\r\netag: \"1b653-628e55ff864c0\"\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 1777\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b9ac860daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":112211,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1b3eb53abc624a51f5e226d08758ddf3","sha1":"6cca061ec7c41313ec2027eaaca76fa9dfad750b","sha256":"73788e3233d5113578082f78869724925d3e4dd2c9d02fdc0bf84d6aed3a768e","sha512":"c6c7bbc31213d98134d98087ad912f1244b2dc7c7914247baac80d534663ab75135c004bf5473044db9e082302477b9d812b0a0db4c5f21b3e27508c26c265c5","ssdeep":"1536:twVnle2Qmbe005pkZ/gbxRYpYItN6X6ud7srzIjpitB39BsLIYOONMQHMkBxLNwO:tEnPRIN1D2zXkIYdN7Hnf","tlshash":"acb308872399d52247e484e960344212b335060f780a83acf67dfdef1d5ea4b76bab74","first_seen":"2025-04-01T21:32:19.700252Z","last_seen":"2026-04-02T13:28:52.634565Z","times_seen":561,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"67f54bc9-1610\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 13800\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8LOYj9gVaC3CWr9cKkQUfMhC2dIZtiHUIpmPQDK84qMb%2BtS4dzloO6wBdIYJTV4Wq9F69SIh7fzV996Cp0sV2p3UBx%2FLJDvv4WA7OI4A\"}]}\r\ncf-ray: 9912e4be1ccd56bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5648,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1622d5dbd3ee323f1f251cb3de7b1f03","sha1":"bf821b06f4b67fc40dbd4398e00be1e12b566d41","sha256":"58789b7eb6e198a1a16151797ce4b1218e36c8708a9cd8a1808cdc40b21b1bb8","sha512":"4e0dfd40e4363c28d49965b28566cb98bd98b3de021cc4ebd60f15f7ff4bb2238d8534f3c98d162a5c2c54c24e15a3fd3db60e04ddef648d8a0752f3d69ca2d3","ssdeep":"96:5zlzMUmZ1CfICcfXgCfViOtAYiY5mnM0pfionq4OHBCHLmOCp0PkuCo1CCJ0xFCL:fMFInadiOyXnM0M0srv4Dv","tlshash":"e0c12fa617650204750bd8563e126f17a7688043ef0fd9b86ed2240c8fca6ce96e378f","first_seen":"2025-07-06T07:29:12.192872Z","last_seen":"2026-03-16T08:29:14.362113Z","times_seen":1118,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":82,"dns":3,"connect":1,"send":0,"wait":15,"receive":0,"ssl":77},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2F95qVAKA2%2BdAqyuV1vd1cd6TEtgsMhEdsYkRIWE6YSpXpR5RmSL%2FIzV%2F9q0RV6HlPQOp9tPY3gGDNZ29N%2FKk%2FG%2B9HrshOKjf1YD%2FuTg\"}]}\r\nage: 13800\r\ncf-cache-status: HIT\r\netag: W/\"67f54bce-20dc\"\r\ncontent-encoding: br\r\ncf-ray: 9912e4bf3ded56bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8412,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"066cc70a926c6ed2bd892cb5b2ef2127","sha1":"6ba3eb39830a2ef9e522cf28d779d25359a12587","sha256":"3a81ae28e6ed4c4b72715adf753ffb80cea10bccdb8aa81053fbcfa7d935a560","sha512":"d63b0c210b2b76569b7b79df20c58b3571fff409090fe40b1e7ffeeb219fe3991cfc82bf0889c30a29b18dff878910d4c3480dad8a85fb9cb10180124309f5ba","ssdeep":"96:KyLqrYLHwX1O/D3cYmeDjlwjeqFczLCDsnvuRQs01GKyBspfkxzUXe2lJK9zbdro:dLF4crcYmeV+VHJmQxdCnV8oDeQToS","tlshash":"ee02310809fad521d01da13e203e3265f7244a53ac5abed8bb8451055fded6fb9b903f","first_seen":"2025-07-06T07:29:12.196612Z","last_seen":"2026-03-16T08:29:14.391925Z","times_seen":1376,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p16-ad-sg.tiktokcdn.com/obj/ad-site-i18n-sg/202505195d0de54407a968bc43d896fd","fqdn":"p16-ad-sg.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.23.13.27","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:01.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/ad-site-i18n-sg/202505195d0de54407a968bc43d896fd HTTP/1.1\r\nHost: p16-ad-sg.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mivalyo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 797566\r\nimagex-fmt: png2png\r\nlast-modified: Sat, 18 Oct 2025 17:30:13 GMT\r\nnw-session-id: 20251019013013ED4399F14D7926CD6CC2ms67j12tt\r\nnw-session-trace: 2025-10-18T17:30:13.896697767Z 74\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-length: 797566\r\nx-powered-by: ImageX\r\nx-response-date: Sat, 18 Oct 2025 17:30:13 GMT\r\nx-tt-logid: 20251019013013ED4399F14D7926CD6CC2\r\nx-request-ip: fdbd:dc51:ff:1:1:245:2:46\r\nx-response-cinfo: fdbd:dc51:ff:1:1:245:2:46\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 0126282891bc51fb24322ca3dc41539fa554b55e2312c22125d713edd015c3d1af7b0e3b8cd7882e95b2a64d5488cb94b3f3f96b529cccd20878abab1c62431183e8151dcba8e3dcb9d1373a7e148043fd0c3c6a22f93cbaa53b8fd7efb5ed807e45a4fd76f41ed3e26330f5fd80a778ba\r\nx-tt-trace-id: 00-251020040601B3BAD0312B60C432D012-4BFB54DC5D0FB925-00\r\nserver: TLB\r\nx-origin-response-time: 77,23.193.181.19\r\ncache-control: max-age=31440252\r\ndate: Sun, 19 Oct 2025 20:06:01 GMT\r\nx-cache: TCP_MISS from a2-23-13-23.deploy.akamaitechnologies.com (AkamaiGHost/22.3.0-fcd174d50fb223c8364cec3c4b3f29c6) (-)\r\nx-cache-remote: TCP_MISS from a23-1-233-229.deploy.akamaitechnologies.com (AkamaiGHost/22.3.0-fcd174d50fb223c8364cec3c4b3f29c6) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=miss;type=static\r\nserver-timing: cdn-cache; desc=MISS, edge; dur=273, origin; dur=72, inner; dur=2\r\nx-parent-response-time: 317,23.1.233.229, 345,2.23.13.23\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":797566,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced","md5":"4e403ff958d5e12504fcf5d9dc7cccc8","sha1":"6c0e09449e6284ac9ba9a55e287d1c5465aa6cf8","sha256":"7597c111ef6fb83ed592572605fcad1f108c45fd2455a76c2eb621f905362ea7","sha512":"8a4a563ef8cc20877b30077e5ce2c8c2a140af2fd8e716a49694aadf7c27fcef94972110f4827c4e6884395f5d16e1b97c2f45e774542179838cce980a62d6e3","ssdeep":"12288:qKHA59y4mVUu6DbxiQGc5oIEE0Hl0vCFSazq8TpWXzGkMcHsqGr4IY+ig2s3CLf:HUy4m+zLGcgqvCFPuO0Dm0CpY+ihs3c","tlshash":"ca05235c3b8c488fc96725e3839887f2a6544c501a4a7fe721aa7e4d7cf84f8ec64138","first_seen":"2025-09-09T12:45:33.122305Z","last_seen":"2025-10-19T20:06:34.955027Z","times_seen":2,"resource_available":false,"data":null}},"time_used":750,"timings":{"blocked":73,"dns":54,"connect":1,"send":0,"wait":348,"receive":256,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/localstorage-slim.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /js/localstorage-slim.js HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 16 Nov 2021 10:32:06 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UdWjVY9zld43XbzbVpYV3nNuwhzSBAMLM6JsV21LEhHAN%2B1RyIUf0UgXTe74TJlcCSvrTY20iKzJvP2OG%2BFrnnFaDLNZrE7pZIqX\"}]}\r\netag: \"619388a6-810\"\r\nexpires: Wed, 22 Oct 2025 09:16:04 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 384594\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b88c5e0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2064,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2063)","md5":"ba6facacb00551830393d637195804cf","sha1":"77d2d2802ee44767b33a2d679945cc3efa3619cc","sha256":"41bb37c8133d8e5c128820cfbe03bcbf63ce256bcbd60a1a76143472d8668e38","sha512":"90aa07250eb414ec22765ab6922f593ed3186faecc02008f0331c3e3807cace76861e01028142015308341e955f151b609d08b7d354ff2d27e0ff04ebfde81f9","ssdeep":"","tlshash":"ea41118275e1d9904be004e728b0c002e638992e705d62d0f7b7dd827c9909bcfb57fa","first_seen":"2023-03-07T15:52:27Z","last_seen":"2026-04-02T14:58:36.927958Z","times_seen":1477,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/assets/jquery/player.js?type=mainstream\u0026u=43405\u0026v=2.0","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /assets/jquery/player.js?type=mainstream\u0026u=43405\u0026v=2.0 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0ZtwpAFxpbsIyCWd53TGZoKuIsIRR5Pk3%2BWEuTBXxmnhMKriGhbT76XA87F5s6O%2FDMRe1Oahw9gpXAjYQmbVeEeGm1qr0L7gJy%2BJ\"}]}\r\nset-cookie: lang=1; HttpOnly; Path=/; Domain=mivalyo.com\r\nexpires: Sat, 18 Oct 2025 20:05:59 GMT\r\nx-frame-options: DENY\r\nvary: accept-encoding\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b88c600daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8281,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8281), with no line terminators","md5":"95f335e82f86e7e226fb0d72a8daeed3","sha1":"403f27ee7a0ddbd7cf6e31a8637d89aba9c4e307","sha256":"16a18c83647fbc0438206b9a80dfe4626ee1de1d79c59af9cc4337eb0a9b93e6","sha512":"7d1060ab24d04e149a090b8f0e01affcbbfc4870434667fcfc7bc0126a2ff8f447a6f7c2a578e40464b98be36f469bca033ced9240ee09cb4839068367d9ebe4","ssdeep":"192:tQDu55eTGY8C37QMfVZmVzHFwSkrxAJcqqr4oo4bMvT:ayIy8rdYz2UoRbMvT","tlshash":"df0261052f40146563b24feab62f60e2f06d2d0f3f064093f539f89975ae522eee9971","first_seen":"2025-09-14T10:15:32.123442Z","last_seen":"2025-11-28T20:42:16.629067Z","times_seen":10,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: ebe628126a97d38399a64997329bae64\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 368\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 19 Oct 2025 19:59:51 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GUOYYzjJfeeKDM%2FlCMgIHoGxpGZjVPsoJiFr5PasLjBG5rG0vRVBOkQKA8jo67fShNd%2BEQEX0tVKllSYIkuakDpxbYOdZ0PKBw%3D%3D\"}]}\r\ncf-ray: 9912e4ba9b6c75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109923,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"286da3347eef52dae529375b74cdfc5e","sha1":"d4a872ff7fab3ae580c524606c5f54ca19a9ab6a","sha256":"31dd52ee751b37fa41441d6bbf13f9cd2c28aabebe5be920694a226d9bb9f1d4","sha512":"eb4776a8aab45ecc98381c9fada1755ae355028932f44f15ae3aa2bb0129abb89cd69a2c8154a33ccc8fd07cd602f1e0c2e962828a06b3ccd3f71e09f3dcfe98","ssdeep":"1536:I8zmHlk4JQ9aO4kD9VaZ06GUqo54Az0SBYQ4+DIVVuBWw:jzsJkaO44I06GUb0S6z32Ww","tlshash":"08b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","first_seen":"2025-10-17T15:21:38.182947Z","last_seen":"2025-10-20T20:31:42.986047Z","times_seen":96,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":79,"dns":4,"connect":1,"send":0,"wait":7,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3eXt6zm7DNhl6EXAsubTx%2BXuTh2XvBqYDPjWcYf4I4PwS%2F7eqTc4jWccM%2BHll%2F1ts5mUcg2frqhN0jMY%2B%2BFFRpT6NpkyYgP%2B54kY%2BKeC\"}]}\r\nage: 6260529\r\ncf-cache-status: HIT\r\netag: W/\"67f54bce-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 9912e4be1cd056bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T02:03:46.574007Z","times_seen":10356,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/themes/mycima/js/teamwork-ajax.js","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-content/themes/mycima/js/teamwork-ajax.js HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Thu, 12 Sep 2024 13:02:25 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\netag: W/\"66e2e661-538\"\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MjB1BBMV906SUFMgDjG0COqFEsstY%2BD7MJ7%2FZL3qOgDiSuD1y6iCYVtnmvknhNbWMrve0oKHUfY7hrLXLWIOtqVs8CBhWuSE6g%3D%3D\"}]}\r\ncf-ray: 9912e4a74d687127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1336,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ecdab97e39ce75fa80db88d3cce14304","sha1":"aab69ad845bda07f965c69979a20fc3d19848982","sha256":"91e5da0e5d4b81688c6c93a68ad3e2f599a6a065c69bae0aeaa5c227ed4d9c5c","sha512":"d4ced31cf138e32ce12b612f0dd614b6445b2ae7cadbe2c6b7612589aeca693516006a5b1aa9fc2f5c3856cbf8f31cf5656264dbe5301eaf40e2dac8772468d7","ssdeep":"","tlshash":"b821f3b90f3841629777967ee06b1818f6b6b8130301e915782d16448ff6552c40eefb","first_seen":"2025-07-27T11:25:48.411621Z","last_seen":"2026-03-27T22:31:05.03019Z","times_seen":25,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-regular-400.woff2","fqdn":"site-assets.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 23 Aug 2025 21:04:01 GMT","end":"Fri, 21 Nov 2025 22:03:57 GMT"},"fingerprint":{"sha1":"CC:FF:C9:AB:7D:4F:0E:BD:2F:0D:51:59:D6:60:F9:CD:7D:68:E5:4B","sha256":"EF:79:B2:3F:26:48:FD:84:D5:42:BF:1E:35:73:D2:4A:8A:DB:54:C5:37:B0:F6:75:31:FE:6A:BC:D5:8A:F4:C2"}}},"request":{"raw":"GET /releases/v6.1.1/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: site-assets.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://site-assets.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 388900\r\ncf-ray: 9912e4ac496f56c5-OSL\r\nx-amz-id-2: kUNhwNBanQSNJYOgaehOPXDIpo6Rs3xNVDk/1yj3/bALYJ0YiBD6L4uFGhxsNMPKg9fVy72rL6OFYdPsoSxpDg==\r\nx-amz-request-id: 2D7BW95HC4V5TFZP\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nlast-modified: Tue, 22 Mar 2022 15:42:55 GMT\r\netag: \"a927362a975051e5d7361d860d8ffba7\"\r\ncache-control: public, max-age=31556926\r\ncf-cache-status: HIT\r\nage: 9015\r\nexpires: Tue, 20 Oct 2026 01:54:43 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":388900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 388900, version 769.768","md5":"a927362a975051e5d7361d860d8ffba7","sha1":"6b97f2ea63d6e7e04006d0366b87697fb4a594d0","sha256":"121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e","sha512":"aa2a13e377d7079ab805ba67f2c3d013d38864b8ca0f47349559a99ba2a64fc937e0b33a82445c38e322d413a5da5a21146ffba7db7329f4cfe46e7adc142ad6","ssdeep":"6144:RYYFamiEXWy7gNtlIg/TWPJDg9+u5+BKhDnlKwLhsiXqU1af8vl1zMelmm5uBJ3F:PFamBXWxlIgaPJk9h+BKlKYhsiXpaf86","tlshash":"7d8423a830e3b528f886f6e7d26bfcc246577766a7348071b10f534ab312b56911ed0e","first_seen":"2023-04-07T17:29:43Z","last_seen":"2026-04-03T19:20:48.19473Z","times_seen":5886,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","fqdn":"sharevid.online","domain":"sharevid.online","tld":"online"},"ip":{"addr":"172.67.190.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:58.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sharevid.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Oct 2025 00:02:09 GMT","end":"Thu, 08 Jan 2026 00:59:47 GMT"},"fingerprint":{"sha1":"0A:5C:39:58:97:86:F7:55:52:E0:18:44:03:96:8C:3B:4D:DC:52:D0","sha256":"47:CC:7B:85:86:80:92:8E:B3:29:16:A4:56:59:F1:7F:0A:D7:30:3C:3B:48:12:54:F8:1F:B4:D4:43:C2:00:94"}}},"request":{"raw":"GET /play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/ HTTP/1.1\r\nHost: sharevid.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QaY4RoHmpl39yDm1%2FBXicqcUSzg9OrvHr%2F8WzRMFOyOYTCgnTJA%2FEzeHjZo7UHN9z7MoXoQU1DoHm1pJqe30tKlK6m32QT9SiDtKhsg%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9912e4aecb71b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1095,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"1c7a47992505eb95ddb28783310accf1","sha1":"16bc89d703d39f7d43ba8b388a2cf6477775653c","sha256":"b79a125c51cb3a8a991ec984e254f4f43748753b284bb4ae129f42f3251213ce","sha512":"a95c3837604daeb5bf51bc51f7a777c6a004d7f8bbe266684ddc07cf889c842d9eaebb2cc598ba0509fec5d65788383c111008f5fc463fc22c4e423769d1bbb7","ssdeep":"","tlshash":"b511eb870d0741889811d080aff6e21ca25bd40ba756ca653efc31269f89b46ec933dc","first_seen":"2025-10-19T20:06:34.97706Z","last_seen":"2025-10-19T20:06:34.97706Z","times_seen":1,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":85,"dns":55,"connect":1,"send":0,"wait":259,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:01.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 16 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 284999\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T02:31:26.319062Z","times_seen":713564,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-19T20:05:55.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/ HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-pingback: https://mycima.page/xmlrpc.php\r\nlink: \u003chttps://mycima.page/?p=376035\u003e; rel=shortlink\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *, https://mycima.page\r\naccess-control-allow-methods: GET, OPTIONS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CiQrDxUCmVghLAeyLzIWvHbesYs05P1ZukocalRuZxG8w5oGfcWBYCYIAmOkXO4tgcCIQRsKr%2BiB4JYx1ADU1HbRwq9zbz8HN8Ww\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 19 Oct 2025 20:05:56 GMT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9912e4a0ecd14e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Yoast SEO:25.7","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Gravatar","description":"Gravatar is a service for providing globally unique avatars.","website":"https://gravatar.com","common_platform_enumeration":"","icon":"Gravatar.png","categories":["Miscellaneous"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}],"data":{"size":235021,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14367)","md5":"23a14bc69e8807a1a557aa0d5fa4bb05","sha1":"701641f53abaecf44e61d11331951ee688c6bc95","sha256":"de78aa71f8d4ac26ada95c18cf59f203e1b83e6459547c86b4425aa3ab3844b7","sha512":"a7a20913f66da8bf0de21bb4da947853525b4d366bc650c26097f91c676b8259f5c2eefc7cd37fb7b9e4da5aea39a8203b081e4e856cc287610a5b9da6f9ba3d","ssdeep":"3072:Cq1+xmmiKk983utZhlLnCNIBFXbztazcIXY8LWZ99bw1cvufGovTEt5Tl5jc+DAV:BQ2lLnC6Xq8xw1BTEt5Tl5M","tlshash":"b834e84062806c3b0357a7af7206755afa97142ae5c59c16f3bc1c105fcfaa3b5ba4f8","first_seen":"2025-10-19T20:06:34.982346Z","last_seen":"2025-10-19T20:06:34.982346Z","times_seen":1,"resource_available":false,"data":null}},"time_used":920,"timings":{"blocked":43,"dns":20,"connect":1,"send":0,"wait":834,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.gravatar.com/avatar/655d85ef2fafdb3a254153a3f76f5b26e93e89abc65f985e507373675e3b4e03?s=50\u0026d=mm\u0026r=g","fqdn":"secure.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:58.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 19:44:01 GMT","end":"Sat, 10 Jan 2026 19:44:00 GMT"},"fingerprint":{"sha1":"9A:AD:B4:0D:78:72:BD:79:3B:85:71:6E:98:21:AA:57:5D:FE:A1:D8","sha256":"23:BF:7F:44:90:FB:07:43:D0:6E:80:2E:C0:31:09:27:0E:4B:CA:85:DA:67:94:AE:FF:06:30:93:B6:78:DB:53"}}},"request":{"raw":"GET /avatar/655d85ef2fafdb3a254153a3f76f5b26e93e89abc65f985e507373675e3b4e03?s=50\u0026d=mm\u0026r=g HTTP/1.1\r\nHost: secure.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 19 Oct 2025 20:05:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1079\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/655d85ef2fafdb3a254153a3f76f5b26e93e89abc65f985e507373675e3b4e03?s=50\u0026d=mm\u0026r=g\u003e; rel=\"canonical\"\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline; filename=\"655d85ef2fafdb3a254153a3f76f5b26e93e89abc65f985e507373675e3b4e03.jpg\"\r\naccept-ranges: bytes\r\nexpires: Sun, 19 Oct 2025 20:10:58 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 17\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1079,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 50x50, components 3","md5":"2cab3d3fa7d1e9235273cb250cbb4fd4","sha1":"33bc0249e0c5f076a60d80689b5671b80ec86aeb","sha256":"8f5cbefbc8471f12891d59199d120581251476c46ffcd8be2630b84513e556a3","sha512":"b3168e03f8c2625f4b4b0058b73c57bb9bb653dc0e68deb2fb8915e89a1fd7ab0efaa38852979f5e8ef18a6f276b126d5e878f3c441a92c89815c520cb03eb39","ssdeep":"","tlshash":"6f11727a47a207c4bc2786f789551ee2a2ec6ad539c1162b3ff042a2c651ac86c4c658","first_seen":"2025-02-19T13:00:33.303705Z","last_seen":"2026-04-04T02:49:27.436887Z","times_seen":944,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":29,"dns":10,"connect":8,"send":0,"wait":8,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d\u0026eb=b4a1e9e656c69793df2b2d859c4669eb\u0026te=69580d858476b72643a9c5b309837f4c\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=1\u0026pk=7ed7d7480d354d6a5551c0d1dea04047\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:01.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d\u0026eb=b4a1e9e656c69793df2b2d859c4669eb\u0026te=69580d858476b72643a9c5b309837f4c\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=1\u0026pk=7ed7d7480d354d6a5551c0d1dea04047\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:06:01 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ae270bb9c790f8710dc08a65a47a2925\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":283,"dns":3,"connect":93,"send":0,"wait":95,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Changa:wght@200;300;400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:42:00 GMT","end":"Mon, 15 Dec 2025 08:41:59 GMT"},"fingerprint":{"sha1":"E9:4F:AE:49:69:8C:15:95:B2:F7:9C:C0:6F:DA:FF:C6:06:1A:22:46","sha256":"89:56:CA:FF:85:BC:CA:ED:64:3B:13:28:77:62:7B:0C:FD:25:AB:78:F3:7E:B5:34:21:E4:79:F2:F9:D2:8C:E7"}}},"request":{"raw":"GET /css2?family=Changa:wght@200;300;400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 19 Oct 2025 20:05:57 GMT\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11872,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (649)","md5":"b4ea6552ba0c21f84892bf5a62fd2b85","sha1":"27430bf11257fb8c5dc940e49cc92e99c17c8430","sha256":"06cdab14873920a27a27dcec0605f593b4f60cd9ba1c42db9e8a9dec1e6f8052","sha512":"e6746770e3f731f5a4be879d1bfb6896dd326f1d0919d1213b6c65fd52d8e585f8c16d68f3d92f4c2fed7ebd55cdf078536cca2f0100918b9431b4b5589ea12d","ssdeep":"192:s4ClEdBY4ClrdSF4ClKdzm4Cl5dsj4ClAdVc4Clnd254Clmd3Q:ulNlelzlslJlqlb","tlshash":"45326ae0482e4184bb875dc2638d6e27de1ea1a56484896c8bfd1b8fdcdbc26736174c","first_seen":"2025-09-11T04:51:49.081459Z","last_seen":"2026-04-03T13:40:17.187593Z","times_seen":74,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":165,"dns":1,"connect":28,"send":0,"wait":50,"receive":0,"ssl":151},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrRpiYlJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8948\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 12:07:16 GMT\r\nexpires: Fri, 16 Oct 2026 12:07:16 GMT\r\ncache-control: public, max-age=31536000\r\nage: 287921\r\nlast-modified: Tue, 16 Jul 2019 03:31:22 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8948,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8948, version 1.0","md5":"3ca4aaa12ffa2e1f165db59f857ee5b0","sha1":"1a72fa6677fa1b70f43d4a0abf3c309c211ee9fa","sha256":"d404f987f0d261c3eff16cd778fb138d5c604af7f361e609ef0b91bac16d7e67","sha512":"9aede3a19b6b6a0606e235d0adb2c7916e5a86e7e4193b00437c4d3868eddda61bc68d26777ebc12cf9ba379d86102a843e51a142db45c9042263db07a2be67b","ssdeep":"192:xKyvpRRv+hWRNsh1+eSwhUwennHvRVdLZ2yrkVq+69BVopMDZN5/eQ:pZ2sih15hcPTBZ2D+MKZX/eQ","tlshash":"3b02cfedf64c51b4d243907dcdeef28421a84d21aac699c2a78d8538c67de83fc58409","first_seen":"2023-05-07T18:59:16Z","last_seen":"2026-03-30T23:23:37.242202Z","times_seen":192,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:05:58 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 111e9a5ab01313d0db933e7227964760\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":60,"dns":0,"connect":17,"send":0,"wait":18,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.32.186","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:59.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://sharevid.online\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3cdf270850d7f16830926cabf20dc51a","sha1":"e3e558c37fa39e38b6f7e95b99f7291fd96740dd","sha256":"3f66026370b73f1ccc2a2a15e6bdb6e28668d401d6b5bbead72f3fb78f83a7d5","sha512":"afd0e83545c0d7df3a0329778616ab252a44b61e7a4f308194014121236a33bb471ed6d6758160890b37d5631ee6bbeadae91593d854cc8fda7bb1e017b35be9","ssdeep":"","tlshash":"1990041043117110135704401c141fd353100f3d1c377331cc4cd4350c04757c315001","first_seen":"2025-10-19T20:06:34.926025Z","last_seen":"2025-10-19T20:06:34.926025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/xupload.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /js/xupload.js HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 08 Oct 2021 14:16:42 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VpYJ8eW584NdUeZUwoATe%2FKagg%2BpbgI4VE16CPC%2FuWGl1fvtomUPsjWKw3AwWzq5FzPxAszhGGxrea%2BhG6LBGvwzk3JAxLj4hkHj\"}]}\r\netag: \"616052ca-29dc\"\r\nexpires: Wed, 22 Oct 2025 09:16:04 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 384594\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b88c5c0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10716,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"98f99724f09ee7524d3e2ad085f43332","sha1":"3a1b48d327c1bb5c1675b5d63d7806006b18b671","sha256":"90c38291318a91efee3b33b2ab5dcc4338fd5a85ff913afa631dfd26267a7eac","sha512":"057c3096700dd08e1d09e93402b60454c92a3567df1510c698e486fbf82df8e5f23aaf063376b6b5c139d27e8aa773f01a0e036260bed96bd4fb5c86a7b79ca9","ssdeep":"192:7IKE9YGs1axsrl6IsZWnrbll621w+4UWdRebMQ4WdReDyYQaQv7OsaaFg+BnqGQZ:EGy+tBlV9GRebVReDyYS7OsaaF10fq3u","tlshash":"e722774abaa339912a7730350bbf52043b398407114aca54bd5cd6c4af8452897ffbfd","first_seen":"2023-03-07T15:52:27Z","last_seen":"2026-04-01T19:35:17.30488Z","times_seen":605,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/stream/JqM13Gx-A5iO7OWweH2FBw/hjkrhuihghfvu/1760947559/4402762/master.m3u8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"HEAD /stream/JqM13Gx-A5iO7OWweH2FBw/hjkrhuihghfvu/1760947559/4402762/master.m3u8 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/vnd.apple.mpegurl\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0V2BQSJO%2B2eP%2BzaNGjEinlzesomyhv7JjDcrXhAqtSCUFfxdAGgXH3F0dHzNMoDkwz%2B%2FjbHU9uMolJxE6IyRcSgcvaZtI5fr%2B4Gt\"}]}\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4bbacc00daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/stream/JqM13Gx-A5iO7OWweH2FBw/hjkrhuihghfvu/1760947559/4402762/master.m3u8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /stream/JqM13Gx-A5iO7OWweH2FBw/hjkrhuihghfvu/1760947559/4402762/master.m3u8 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/vnd.apple.mpegurl\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lef1nprhz32K7I5uHpyZthLw6zE0yUtmQ%2B%2FEfp3C%2FpcrRaFDfn6Z3dd%2FOKq4fjOUGHA4P63Sq41uBJMY%2BUsRpx1DV1PzRoL%2BXB%2Bt\"}]}\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncf-ray: 9912e4bbcccb0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":283,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"194b6444925ccc0e0a2e5298c1bdbd3e","sha1":"f831c3522e3f306c659a639e86de089dab7ee133","sha256":"09921890a3cb5722cc861eb3f437880d11f6d1fab47abf02f9d2801d4cc2a36f","sha512":"f189f5e216ca04f8af888c39afcbc7e9cf43506b6113961543f8c856e574b7224007bd55ad019639d060fbd5b22995fdc2df92b68593bc35d33fb5b441321609","ssdeep":"","tlshash":"35d0c29eb43ee52a3420c8c949dc6216784a68fc098c6a74f08a00c889e6d342bba178","first_seen":"2025-09-09T12:45:33.149986Z","last_seen":"2025-10-19T20:06:35.00195Z","times_seen":2,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p16-ad-sg.tiktokcdn.com/obj/ad-site-i18n-sg/202505195d0d5ec1b58bfcd445f0b8b5","fqdn":"p16-ad-sg.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.23.13.27","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:02.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/ad-site-i18n-sg/202505195d0d5ec1b58bfcd445f0b8b5 HTTP/1.1\r\nHost: p16-ad-sg.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mivalyo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 1155518\r\nimagex-fmt: png2png\r\nlast-modified: Sat, 18 Oct 2025 17:30:15 GMT\r\nnw-session-id: 2025101901301547D9C61F25CB597C6912pssgl12tt\r\nnw-session-trace: 2025-10-18T17:30:15.326596304Z 71\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-length: 1155518\r\nx-powered-by: ImageX\r\nx-response-date: Sat, 18 Oct 2025 17:30:15 GMT\r\nx-tt-logid: 2025101901301547D9C61F25CB597C6912\r\nx-request-ip: fdbd:dc53:5:567::13\r\nx-response-cinfo: fdbd:dc53:5:567::13\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 0126282891bc51fb24322ca3dc41539fa554b55e2312c22125d713edd015c3d1af02f0569a2aafb12b174476f23550884ee761501de5221a1af31c1601b38b910f28d016c6df6c3eb8ce34a71daaea63f7a7247437cdee7cecb905f3e262cf8b6a33c30c8fb568e939175e0cc94d68e4e71111ca753a08ad4273c1ea550e0fa0cc\r\nx-tt-trace-id: 00-2510200406027831E6C8DD854BB92506-4A2C4794304B3956-00\r\nserver: TLB\r\nx-origin-response-time: 287,23.192.47.212\r\ncache-control: max-age=31440253\r\ndate: Sun, 19 Oct 2025 20:06:02 GMT\r\nx-cache: TCP_MISS from a2-23-13-23.deploy.akamaitechnologies.com (AkamaiGHost/22.3.0-fcd174d50fb223c8364cec3c4b3f29c6) (-)\r\nx-cache-remote: TCP_MISS from a23-1-233-212.deploy.akamaitechnologies.com (AkamaiGHost/22.3.0-fcd174d50fb223c8364cec3c4b3f29c6) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=miss;type=static\r\nserver-timing: cdn-cache; desc=MISS, edge; dur=260, origin; dur=280, inner; dur=5\r\nx-parent-response-time: 526,23.1.233.212, 540,2.23.13.23\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1155518,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced","md5":"8c9cafd6b24719e5a20b69bef6e9cf05","sha1":"3a158aec65f48ebc57a523a6b693b234fc88de3b","sha256":"2a73aa148981e8f587c44fdc2002404909d11be0db82ff2cbd038013d557f131","sha512":"db2baa83f2d8a6f3b7ea7d52438f441bbdc2ea72ce37600a9603f734cdd8f071dcd4fbea82bcb9ba6dd154a0d51f0596dbfc5c77f0002035000df4d2430a7408","ssdeep":"24576:TQpqR92OZxzjBDBiHDoqrri0M620zEDFPDIHnFxINXgfqHVqg5AONXs:T4qRQ2zjfijo8rin7FPDIlxSXgf2Eg5Y","tlshash":"0925230d3bd42ceed85b1bd783185bb3a760dc94a2194f1519aabf48faf93c4c94112e","first_seen":"2025-09-09T12:45:33.112556Z","last_seen":"2025-10-19T20:06:35.00697Z","times_seen":2,"resource_available":false,"data":null}},"time_used":906,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":542,"receive":364,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@0.3.7","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/disable-devtool@0.3.7 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6469\r\ncf-ray: 9912e4a7681e723c-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 0.3.7\r\nx-jsd-version-type: version\r\netag: W/\"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230043-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 289882\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=DoMH4gvWdVPE7Z6TE0zaJ9F%2FlnGG6jEjlMNhs6z%2Fi0AWI3vgo9zU0rz%2FDnNCrwXxMbxinOJapS5qXDxISkW%2FI22iFFhspS9DqqfSYazYjH9sErJk607Quqq6zANw%2Fjk%2B0m0%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17266,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17245)","md5":"f71da0117b47fe056c382d44f7c1af53","sha1":"c384c695d7a74e1e4272b13f9d5942d0f24d099d","sha256":"2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3","sha512":"3f0e1a1f193757f55530bc655d93d3b84a257a6dc0ebd3d9ecccb227f50a0ae3dd213bee4275b14554b9a76815b9dfa15f0447ab13e7dea7d2ec4de94734aef2","ssdeep":"192:m65oNqiwnCpJWhMpdhu8nPVOCzEtPi/BxsqaEGtxiAIxMwoMElkUik2K0GywNC:mJ3+CH7p+8nPVQtPGjsqAtcA8J2wziC","tlshash":"8672c5ccb5c3b07057b7aab9507f054ab2356d56888c8050b23e95f82c7856ec277f6d","first_seen":"2023-12-22T04:40:27Z","last_seen":"2026-03-29T07:03:56.99059Z","times_seen":1245,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":2,"dns":0,"connect":1,"send":0,"wait":13,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/v/abh8f3lot3g8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /v/abh8f3lot3g8 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 18 Oct 2025 20:05:59 GMT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dkT9P71ScChOTGvS63usGC57RxCNUfilsqem7B%2BG74wTo732HdAE1xpqJFQwl3vCU%2BHgD3DlnQpNUF3eNFFqupaKAiP6fu79Qpsf\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: lang=1; HttpOnly; Path=/; Domain=mivalyo.com\r\ncf-ray: 9912e4b32898c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16670,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (10440)","md5":"34e465d4e9f221045b61bb8cc89e15e8","sha1":"8776a3508690b4126b6c768b66c000759bbe6b03","sha256":"13f4ff597bc7b0683486b51a05fa8d941f8bf18bad42d14be366b015857fe197","sha512":"740afcb6a2e07cce02ae96b7eab0ba77fcf7a6f7ba5856e70701e06867be4a3bde1d9d3539435a8e27edbb766b38733645404be9e51b61957fa4767806e9132f","ssdeep":"384:AI+ixljqyv0BKLYdAa0JSy7IFeNo3qOvS3YvMnwZx:AI+ixBqysxAayIgNo6Hp4","tlshash":"83725bbae999c036c1610259b53fb20db6ff0530b935d410f2dde59a3b91bc4c5baa81","first_seen":"2025-10-19T20:06:35.01573Z","last_seen":"2025-10-19T20:06:35.01573Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1200,"timings":{"blocked":204,"dns":6,"connect":1,"send":0,"wait":788,"receive":0,"ssl":198},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:59.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:05:59 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 845feb9231fd91db04e15e6440325dd2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.min.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /js/jquery.min.js HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 02 Mar 2021 21:27:20 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=llROjXYB4C9LYRLyCQoFHNAQaLxirWf1RnE2OsrsyRofNrytw3RC%2FPRJRrdJf0LraOTP30FWv4bjx2l9%2BAllRIBWh68CBaovhy0Z\"}]}\r\netag: \"603eadb8-15d9d\"\r\nexpires: Sun, 26 Oct 2025 03:42:35 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 59003\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b87c590daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T02:23:44.928154Z","times_seen":444674,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.cookie.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /js/jquery.cookie.js HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 31 May 2011 09:53:56 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vrDUe%2FlITHSObNKPPxaQO2ACw1%2FlGJ0vV6jpziKejq7t72NpjCE%2BbdNYlPWCk73lJbjENqDz5s7wqIPpaFep0uPu8jPMMlkiOfRf\"}]}\r\netag: \"4de4bab4-10eb\"\r\nexpires: Sat, 25 Oct 2025 07:28:26 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 131853\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b88c5b0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4331,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-02T14:58:36.908103Z","times_seen":4342,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.min.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /js/jquery.min.js HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 02 Mar 2021 21:27:20 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BZvppkGiujKNtdQcTVQRMlCSYwRn4dHwy%2FFcI0JRu%2BNO5EqYeRieutvrCad%2B48Y9pwCPPWxk4Oj5b6G3ylxyOO%2FUaAq0AtITWjvT\"}]}\r\netag: \"603eadb8-15d9d\"\r\nexpires: Sun, 26 Oct 2025 03:42:35 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 59003\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b8ec660daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T02:23:44.928154Z","times_seen":444674,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/stream/JqM13Gx-A5iO7OWweH2FBw/hjkrhuihghfvu/1760947559/4402762/index-f1-v1-a1.m3u8","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /stream/JqM13Gx-A5iO7OWweH2FBw/hjkrhuihghfvu/1760947559/4402762/index-f1-v1-a1.m3u8 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/vnd.apple.mpegurl\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xGYK0p0eDfOhIH5HQax3Nd3Fnofq8aM1dL7xJcXkUXpJmn08UFv2MQSTlZvGeKM%2BtCqA366LlnOn%2BrWygt8OK9GdlfUVvowJybyu\"}]}\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\ncf-ray: 9912e4bddd390daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30335,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"44d75ef55bb1186e5a3afe2d19776760","sha1":"55aab43313c8d33ec31945f6ba4226bcee403ae3","sha256":"a655ad7fe77bbe3c5359ad1daf319c2e8c408e3734a5f855f40e47f4bc0c3add","sha512":"f38df2e9129a328c0bc6d38152f75025370f2b23a4eb530cbb963676bfc7428b9bb8ab6dbb3d26a04faddcebcd05dc82255e833dbf049edd7f48e6a79818e415","ssdeep":"192:TCiwhphA4S/OcN0rCiUD6oNoVh3CGTFkfQDw:TxwJTKUCGTFTw","tlshash":"6ad2b6bede46318c6a8d0c54b771b4a89562fb7ffcf466c8a584a2f90cb0c97d52081d","first_seen":"2025-10-19T20:06:35.029688Z","last_seen":"2025-10-19T20:06:35.029688Z","times_seen":1,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/img/banner.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/img/banner.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 29534\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67f54bcb-735e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2222612\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F7LM%2BncL0MVa2FId7JJuosHwkMVueiOeDNQOpOghOL8a0DSyQtgIbsDWZiqheUBrZBSVav4daexVD%2BR0BbRz7Hm1RgvK5qSsnfcJWf4e\"}]}\r\ncf-ray: 9912e4be5dfe56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit colormap, non-interlaced","md5":"563e092f6677dac51659d62dccd159bf","sha1":"d04ac2cbce54e7c4849bbe28ecef94b464f3246e","sha256":"9d9611a42fcdbfd80c5d0774a743891691d0a09ce3c9830ceab54e920dbb64e1","sha512":"c2e1135a6b532df9332a2cc53477df0f3a2e69be2b45ab5ced0d764b977b6bc4b1362775957b96c5ae7862c73dbcbfb07f115074f3b554ea1ec8ff3afe2f1dc8","ssdeep":"768:ftP+gBsKWXjW1Mg3j/xQkRSP8d2iOF4aI:12gBsnXiH3tkUoo","tlshash":"a1d2e1512e22c71b09c92debbe15d8f6f8617da7f835692d201db2ac906639fc2501dc","first_seen":"2025-07-06T07:29:12.195371Z","last_seen":"2026-03-16T08:29:14.392987Z","times_seen":1144,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":29,"dns":1,"connect":4,"send":0,"wait":11,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=519\u0026rd=519\u0026fd=109\u0026bv=25.10.2289\u0026tmpl=70","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=519\u0026rd=519\u0026fd=109\u0026bv=25.10.2289\u0026tmpl=70 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:05:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":288,"dns":1,"connect":93,"send":0,"wait":97,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/7e/d7/d7/7ed7d7480d354d6a5551c0d1dea04047.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /7e/d7/d7/7ed7d7480d354d6a5551c0d1dea04047.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:05:59 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32675\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4e9d91d3c1a1a3278600a87988103309\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84163,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1ac85c7089591ad3d3b94f5016c668f0","sha1":"67cabc1681d576452a972e808bbd1e6a015d7571","sha256":"345bd9b2d9452e8d23a367e77ee884dafe12a5749c0bca870f2b6d6e9e4adec0","sha512":"353afb9ecb1209f7b39fb71264eeab353357b3ee0f1a36e03dcb3736f84ec99903e32efc5f7e17394e307cb87f978602a88007d926d8f269e7caf433b2de22e8","ssdeep":"1536:UXasDEFAkM9IWf3pDTf0zpxftTgA4VEIaU44Ru37oIXDWeGXMtb4cnSzB:2Dxk4+BgA4VEIaU44McBeGXMtb4/","tlshash":"a083f948bb82b869425630ba332ff01af15a4c421de8d454dc57f8d96fb8b1de637e24","first_seen":"2025-10-19T20:06:35.036129Z","last_seen":"2025-10-19T20:06:35.036129Z","times_seen":1,"resource_available":true,"data":null}},"time_used":751,"timings":{"blocked":278,"dns":1,"connect":92,"send":0,"wait":97,"receive":93,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:05:58 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e23c1cb72c054ffcd4533c92713d9a4d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-light-300.woff2","fqdn":"site-assets.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 23 Aug 2025 21:04:01 GMT","end":"Fri, 21 Nov 2025 22:03:57 GMT"},"fingerprint":{"sha1":"CC:FF:C9:AB:7D:4F:0E:BD:2F:0D:51:59:D6:60:F9:CD:7D:68:E5:4B","sha256":"EF:79:B2:3F:26:48:FD:84:D5:42:BF:1E:35:73:D2:4A:8A:DB:54:C5:37:B0:F6:75:31:FE:6A:BC:D5:8A:F4:C2"}}},"request":{"raw":"GET /releases/v6.1.1/webfonts/fa-light-300.woff2 HTTP/1.1\r\nHost: site-assets.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://site-assets.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 424536\r\ncf-ray: 9912e4ac396956c5-OSL\r\nx-amz-id-2: /BrRvxlLlUXK3/+Py7PsQMJxBQh0UZlLmXbyGuhCGN6xLklO1O86eBYA3UcMpr2S2jkE9qug1m/D3fnld88F9ZNSjTE3A8pO\r\nx-amz-request-id: 2D7CRGW3TWBKHZ40\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nlast-modified: Tue, 22 Mar 2022 15:42:55 GMT\r\netag: \"b7412eb0b0d0a37deffbb70250b4011d\"\r\ncache-control: public, max-age=31556926\r\naccept-ranges: bytes\r\nage: 9015\r\nexpires: Tue, 20 Oct 2026 01:54:43 GMT\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":424536,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 424536, version 769.768","md5":"b7412eb0b0d0a37deffbb70250b4011d","sha1":"b89ad9dfe0720d47eb134b6a32806f185cc12ee3","sha256":"515954fe1dc163277d36b51f79fe56265f6b6cf79f99e307bbf6e52b477b9c87","sha512":"c5dae743bad81c8cfcd0a2601a2cd3bbcd2309c585e2d1adfe29c0080a164f7765dc195e8888eafe0f74440e36c0935c2e9cf79fc2403356746b250644e3f945","ssdeep":"12288:KkKyDxLL2erLD0ZAvB71RJ8zfLtZI4M5zLs6:99rv0WB7omH","tlshash":"369423b1c45e589f1f2c51b183406b4a43d46ac8e24cbe360b32bdee797fd1095a63a7","first_seen":"2023-04-15T00:32:17Z","last_seen":"2026-04-03T15:15:32.275446Z","times_seen":3243,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-regular-400.woff2","fqdn":"site-assets.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 23 Aug 2025 21:04:01 GMT","end":"Fri, 21 Nov 2025 22:03:57 GMT"},"fingerprint":{"sha1":"CC:FF:C9:AB:7D:4F:0E:BD:2F:0D:51:59:D6:60:F9:CD:7D:68:E5:4B","sha256":"EF:79:B2:3F:26:48:FD:84:D5:42:BF:1E:35:73:D2:4A:8A:DB:54:C5:37:B0:F6:75:31:FE:6A:BC:D5:8A:F4:C2"}}},"request":{"raw":"GET /releases/v6.1.1/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: site-assets.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://site-assets.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 388900\r\ncf-ray: 9912e4ac396a56c5-OSL\r\nx-amz-id-2: kUNhwNBanQSNJYOgaehOPXDIpo6Rs3xNVDk/1yj3/bALYJ0YiBD6L4uFGhxsNMPKg9fVy72rL6OFYdPsoSxpDg==\r\nx-amz-request-id: 2D7BW95HC4V5TFZP\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nlast-modified: Tue, 22 Mar 2022 15:42:55 GMT\r\netag: \"a927362a975051e5d7361d860d8ffba7\"\r\ncache-control: public, max-age=31556926\r\ncf-cache-status: HIT\r\nage: 9015\r\nexpires: Tue, 20 Oct 2026 01:54:43 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":388900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 388900, version 769.768","md5":"a927362a975051e5d7361d860d8ffba7","sha1":"6b97f2ea63d6e7e04006d0366b87697fb4a594d0","sha256":"121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e","sha512":"aa2a13e377d7079ab805ba67f2c3d013d38864b8ca0f47349559a99ba2a64fc937e0b33a82445c38e322d413a5da5a21146ffba7db7329f4cfe46e7adc142ad6","ssdeep":"6144:RYYFamiEXWy7gNtlIg/TWPJDg9+u5+BKhDnlKwLhsiXqU1af8vl1zMelmm5uBJ3F:PFamBXWxlIgaPJk9h+BKlKYhsiXpaf86","tlshash":"7d8423a830e3b528f886f6e7d26bfcc246577766a7348071b10f534ab312b56911ed0e","first_seen":"2023-04-07T17:29:43Z","last_seen":"2026-04-03T19:20:48.19473Z","times_seen":5886,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"delaybagelblur.com/51/3e/37/513e377770ba6c350ddd09d0a3200305.js","fqdn":"delaybagelblur.com","domain":"delaybagelblur.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"delaybagelblur.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 08:07:17 GMT","end":"Tue, 25 Nov 2025 08:07:16 GMT"},"fingerprint":{"sha1":"3C:2A:BE:2E:C2:52:DE:66:B2:46:5E:FA:4E:96:A1:7A:8B:77:AB:12","sha256":"9D:50:0A:50:86:87:5E:84:A5:D7:18:03:58:D6:E7:5B:70:6A:30:EE:05:78:EC:31:F9:14:63:5A:EC:6F:C0:4B"}}},"request":{"raw":"GET /51/3e/37/513e377770ba6c350ddd09d0a3200305.js HTTP/1.1\r\nHost: delaybagelblur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:05:57 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38808\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: delaybagelblur.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ca994126150491d6c24e8a3bfa052e7f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108509,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f652600a60b84a72e60141cf8fe08f1c","sha1":"dc05f97d1f7cc6f2be9fce414c243f43d70dbb70","sha256":"2d4a9ccd5958f5da7325d97d242ba355a5ff7fbcdbdc270ff37b4e9bc84d276c","sha512":"0182842c8a90ba9b96331d5a0b1542de7f78005e93deacd9212aaa0a1ffc87c0ff7c93207c1269de6267bf39680e70c6ec2fdfeec176810b305f4e3e5f51124b","ssdeep":"1536:96VClg42zlOOJeH708AqNEiYNfNDlMMugC:O42dEOqofNDlMD","tlshash":"36b3c7483f80f1ac0267a073123fa55af1298e4e519cd25cf342e8f45dad796f93ab64","first_seen":"2025-10-19T20:06:35.043191Z","last_seen":"2025-10-19T20:06:35.043191Z","times_seen":1,"resource_available":true,"data":null}},"time_used":794,"timings":{"blocked":294,"dns":14,"connect":92,"send":0,"wait":102,"receive":93,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27958\r\ncf-ray: 9912e4a7785d0b49-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb09ed3-15d84\"\r\nlast-modified: Mon, 04 May 2020 23:01:39 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1041482\r\nexpires: Fri, 09 Oct 2026 20:05:57 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=%2BbFHDbbp2EtCOayOZet0PvrUIXLWWafnqUkfAih4g0BwNaHCkdayVx3yg3ynmiw3mHBNfuHWcajDaVq%2BLJL7NGJfdIMCqYvXJoThaC6aNj8%2F7yJUzoT5sehhIkqWxVpkY%2BfBMk9A\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89476,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-04T02:31:27.874616Z","times_seen":217437,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":16,"receive":2,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/tajawal/v3/Iurf6YBj_oCad4k1l5anHrFpiQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 12:07:16 GMT\r\nexpires: Fri, 16 Oct 2026 12:07:16 GMT\r\ncache-control: public, max-age=31536000\r\nage: 287921\r\nlast-modified: Tue, 16 Jul 2019 03:31:01 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10580, version 1.0","md5":"245d8f75ea8c5799e5de85a8a7bd4172","sha1":"7f546a6c551e87bb224124789c11fdb2f6429479","sha256":"2f96f4fd6fe569f64e044e0409274b2f2d79976497a9b275deb497dbbfc542b0","sha512":"1fb975a2f3d585341ca7527ccf3365ae1e870d25bac28fdee43bc4cca17da6c537a04d4d9ffb76bd0427c9f10e18e0f88ef413c338e53b823abd1e602b579e9c","ssdeep":"192:POQ7lMaChfz3dLB+J/C9ZPCF6Gld5+TWSrrYDOXgE2K/KN59lRiK9Ujmh/:T7lfCZzKJ/C9IsGHg+AgEJ/W5zUK9Uji","tlshash":"5e22c08a119e9469e1c5c9b72ce650b724d6c3a3b367dff685049e7d3e2ac004d2075e","first_seen":"2023-05-07T18:59:16Z","last_seen":"2026-03-30T23:23:37.242691Z","times_seen":197,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"delaybagelblur.com/14/c9/2e/14c92e452cdd222d9945b23d5999913a.js","fqdn":"delaybagelblur.com","domain":"delaybagelblur.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:05:58.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"delaybagelblur.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 08:07:17 GMT","end":"Tue, 25 Nov 2025 08:07:16 GMT"},"fingerprint":{"sha1":"3C:2A:BE:2E:C2:52:DE:66:B2:46:5E:FA:4E:96:A1:7A:8B:77:AB:12","sha256":"9D:50:0A:50:86:87:5E:84:A5:D7:18:03:58:D6:E7:5B:70:6A:30:EE:05:78:EC:31:F9:14:63:5A:EC:6F:C0:4B"}}},"request":{"raw":"GET /14/c9/2e/14c92e452cdd222d9945b23d5999913a.js HTTP/1.1\r\nHost: delaybagelblur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:05:58 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38443\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 7\r\nHost: delaybagelblur.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2e13a0648620bb3129c49e6bd690c4f1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106642,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"db2ce5664b6626ae4a15918cf6559b79","sha1":"2e72d48c853afb70676b2e51a5f3bf76f1ef1708","sha256":"fafcb17b67c5adab46fc0dee0f4e2a2559c8501d278f055ed72b80a6305039f4","sha512":"078892b4aff3264d962d8f1167738b6c9428a2fe90a3118420f3b3ace5c781b53a47dba186f5007931af0882294cd8d525fe4d3a6b66fc4cb73afbd98d623c34","ssdeep":"1536:RwaDYewrZykjTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9iRrvQ:xnkT9RCgZ0eQp29iRrvQ","tlshash":"4ba3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","first_seen":"2025-10-19T20:06:35.055899Z","last_seen":"2025-10-19T20:06:35.055899Z","times_seen":1,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"delaybagelblur.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 9864\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Oct 2025 11:56:20 GMT\r\nexpires: Fri, 16 Oct 2026 11:56:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 288577\r\nlast-modified: Tue, 16 Jul 2019 03:31:06 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9864,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 9864, version 1.0","md5":"9751651b345afc0e49ca1a302c19a294","sha1":"05393c6e747f5e8a3c7fbee5fe15cad4c80837e1","sha256":"d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54","sha512":"51ce004b61d11f3f96c1489049f88358362f1e6d5233726c553feae6b7f5dc67769216abc8c6d54330bce4e8e77ed0e15ce0df71cf68d75c510a1b7373cc5b32","ssdeep":"192:/QQ+nwTWyYxIsE5xhxSIzXMwl1AAKc8GvS+43Zd/PwFuFcKMFVNL:/T+nwHNhIIz8wtK0z4fPwqcxDp","tlshash":"d612bf9b22055e2d48664fbce3c3828257eb15f15827d4ba97a14344dcedac7f122c1d","first_seen":"2023-05-06T09:49:57Z","last_seen":"2026-04-03T17:29:03.091277Z","times_seen":579,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":82,"dns":1,"connect":7,"send":0,"wait":8,"receive":1,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/player/jw8/provider.hlsjs.js?v=42","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /player/jw8/provider.hlsjs.js?v=42 HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NbDEA4TTbZ4FPMZ2EJuxpl3%2FPHfZZepJLn9Sa5n3KHmn4tQE%2BVDxaB06DHbCi4PeqSw0PCFdlCRgywkmQpMU9kUX3KE0JEs9NuIf\"}]}\r\nlast-modified: Fri, 28 Mar 2025 05:48:27 GMT\r\netag: \"70ac0-631609e8e20c0\"\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 3529\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4ba0c930daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":461504,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65501)","md5":"b88ce761b9ebc2a7859a2e03b33ce1ed","sha1":"70d94f3c48460af13fc14eea9e5969f8f28d1a3a","sha256":"0b009d01bf513b1059d8ee15e1a8b57faeb5f8066c0f47d2cf8e1dd2454e5b28","sha512":"0bf83a6b3d8d20918df3ecfd29f7016549a8d8c8cc4aa439018295d55ebf7e136397e0fca72ae0e4bc9eebcd3384261c9a4a492b6e4d43e1fc1acd3ce872c24a","ssdeep":"6144:Fy9gZtOSTvzXBukG/xu08Q9Eu961Q3/nqJxgEMLew9rrqwZk6:MyvvG/xu0pU1cqJxgEIZF","tlshash":"aca43bdd77a5a42642c2a1a5903f4607633b7d0a340dc1acfa2be9d75db8849b03bf74","first_seen":"2025-04-01T21:32:19.721472Z","last_seen":"2026-04-02T13:28:52.612627Z","times_seen":602,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/notifications/utility/default/robot/2/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5%2FSmNnBaHjyyeafJOZvBhjymo7FW4Z6tl7g4km7msm%2F0CH7W3wAKUFDCFh%2B%2F4d0bnLfhlYevLFLWo71mmV3u%2Fgj4Rd6QJxbTSqsXgI4%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9912e4bc6a830b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1331,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"6d925fca1f3623368e2c47f8ac18ea89","sha1":"3dc674f220a7ad1fa502fdd4bf353f836ece2c75","sha256":"34c0988a0d6428e37eab062e19df5661d32e9f8d11704ba50f78cdc430299712","sha512":"380f03a62b612643a9e5c252357c2bba326dd657460a03a292ad1a01e888d9390a5fc107f3cde290e3a011a1608f2253e0496703b1d474e4bf098dfa94802aca","ssdeep":"","tlshash":"7f214b4e3dadd57215c391563b702f6aa88ad6cfd90b9440b3fc4d508bd6b81cd43207","first_seen":"2025-07-06T07:29:12.190766Z","last_seen":"2026-03-16T08:29:14.378545Z","times_seen":1162,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":22,"dns":0,"connect":1,"send":0,"wait":117,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:42:00 GMT","end":"Mon, 15 Dec 2025 08:41:59 GMT"},"fingerprint":{"sha1":"E9:4F:AE:49:69:8C:15:95:B2:F7:9C:C0:6F:DA:FF:C6:06:1A:22:46","sha256":"89:56:CA:FF:85:BC:CA:ED:64:3B:13:28:77:62:7B:0C:FD:25:AB:78:F3:7E:B5:34:21:E4:79:F2:F9:D2:8C:E7"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 19 Oct 2025 20:06:00 GMT\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.32.186","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://sharevid.online\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3cdf270850d7f16830926cabf20dc51a","sha1":"e3e558c37fa39e38b6f7e95b99f7291fd96740dd","sha256":"3f66026370b73f1ccc2a2a15e6bdb6e28668d401d6b5bbead72f3fb78f83a7d5","sha512":"afd0e83545c0d7df3a0329778616ab252a44b61e7a4f308194014121236a33bb471ed6d6758160890b37d5631ee6bbeadae91593d854cc8fda7bb1e017b35be9","ssdeep":"","tlshash":"1990041043117110135704401c141fd353100f3d1c377331cc4cd4350c04757c315001","first_seen":"2025-10-19T20:06:34.926025Z","last_seen":"2025-10-19T20:06:34.926025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Righteous\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:42:00 GMT","end":"Mon, 15 Dec 2025 08:41:59 GMT"},"fingerprint":{"sha1":"E9:4F:AE:49:69:8C:15:95:B2:F7:9C:C0:6F:DA:FF:C6:06:1A:22:46","sha256":"89:56:CA:FF:85:BC:CA:ED:64:3B:13:28:77:62:7B:0C:FD:25:AB:78:F3:7E:B5:34:21:E4:79:F2:F9:D2:8C:E7"}}},"request":{"raw":"GET /css2?family=Righteous\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 19 Oct 2025 20:05:57 GMT\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":851,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"86d554f1a8fd02c121416c2535dbe844","sha1":"cbc3d18bb4d6f7238561f047584dfae4afd3c830","sha256":"93c76d30d5249ab23d9d6d7f4e824160e4248d9d7446d1f2f96bc9dd03bfd008","sha512":"da06a66be286aa79b77e292af0910d9486d241132692e0b5d6becca468adf79db111f1a8d61a1837e83c98ee5de215b2ea5dd9c7eb55036b916bb2f4d7fa1219","ssdeep":"","tlshash":"0c011ec1086b9240dbd74cca12cebe36ee0e72502481e834affd1488fcdac664312b1e","first_seen":"2025-06-11T21:33:44.954996Z","last_seen":"2026-04-01T23:33:59.233269Z","times_seen":389,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":163,"dns":1,"connect":17,"send":0,"wait":117,"receive":0,"ssl":162},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-brands-400.woff2","fqdn":"site-assets.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 23 Aug 2025 21:04:01 GMT","end":"Fri, 21 Nov 2025 22:03:57 GMT"},"fingerprint":{"sha1":"CC:FF:C9:AB:7D:4F:0E:BD:2F:0D:51:59:D6:60:F9:CD:7D:68:E5:4B","sha256":"EF:79:B2:3F:26:48:FD:84:D5:42:BF:1E:35:73:D2:4A:8A:DB:54:C5:37:B0:F6:75:31:FE:6A:BC:D5:8A:F4:C2"}}},"request":{"raw":"GET /releases/v6.1.1/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: site-assets.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mycima.page\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://site-assets.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:05:57 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 105768\r\ncf-ray: 9912e4ab685356c5-OSL\r\nx-amz-id-2: S7kxDCmXpN/832fg6EqRaVDL0Vaq4iTxfTFSCV7wAzV35hW36Yn9CuPyT28+PbOadHwZBZJdp3s=\r\nx-amz-request-id: 2D7EPYYS64Q3P291\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nlast-modified: Tue, 22 Mar 2022 15:42:55 GMT\r\netag: \"ea24446014ea86d85129883a9511629f\"\r\ncache-control: public, max-age=31556926\r\naccept-ranges: bytes\r\nage: 9015\r\nexpires: Tue, 20 Oct 2026 01:54:43 GMT\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":105768,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 105768, version 769.768","md5":"ea24446014ea86d85129883a9511629f","sha1":"90fe0513c6a0ff1d8f564ec782fa54b559e7d3f8","sha256":"3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28","sha512":"e74fb5c9695d374de27fa93fe23ca771f499c93e387afdb443b8e6206122286eefdaa781d6704e71517d1c3d268d2bc0c66a52dfe443ce83dfa9b07819f0a426","ssdeep":"3072:brZ7WPxReYz0qE/GnTLcS86PNo5gL47hSHRZM:bRWPxRDziQkSrNugL4sbM","tlshash":"f8a3128905fe04fdd817d63c6f4d6d40b230ee325c5fc0668c3b429a225b78a6a1bb39","first_seen":"2023-04-07T16:36:25Z","last_seen":"2026-04-03T03:08:02.41264Z","times_seen":4398,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":23,"receive":4,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/js/jquery.cookie.js","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:05:59.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /js/jquery.cookie.js HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 31 May 2011 09:53:56 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wjgjRfi35EhPOeC2zkm%2BEkwlSOBUY41fGGPQ%2BAmFJm539fYGbE9D9ZSHxV%2BxOJ9pJpQp6%2B%2Fa8%2F9TJm7Gi%2FiYPj7jzBJVB%2FvufxNB\"}]}\r\netag: \"4de4bab4-10eb\"\r\nexpires: Sat, 25 Oct 2025 07:28:26 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nage: 131853\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9912e4b93c730daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4331,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-02T14:58:36.908103Z","times_seen":4342,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=5648\u0026fd=135","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=5648\u0026fd=135 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27452573=1; slec7ed7d7480d354d6a5551c0d1dea04047=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 19 Oct 2025 20:06:00 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":89,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d\u0026eb=b4a1e9e656c69793df2b2d859c4669eb\u0026te=69580d858476b72643a9c5b309837f4c\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=1\u0026pk=14c92e452cdd222d9945b23d5999913a\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:01.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=a11b0847-7f13-4f2d-a938-83530f8cdc0d\u0026eb=b4a1e9e656c69793df2b2d859c4669eb\u0026te=69580d858476b72643a9c5b309837f4c\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=1\u0026pk=14c92e452cdd222d9945b23d5999913a\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:06:01 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 2\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 35d366a6961a9488c922b99faa4dd540\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":674,"timings":{"blocked":288,"dns":4,"connect":93,"send":0,"wait":97,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amt3.com/5/9615333/?oo=1\u0026js_build=iclick-v1.1598.0\u0026userId=080267ef0039425af136bd777cf83539\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1","fqdn":"amt3.com","domain":"amt3.com","tld":"com"},"ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:01.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amt3.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:18:13 GMT","end":"Sun, 28 Dec 2025 05:18:12 GMT"},"fingerprint":{"sha1":"07:CE:BC:65:68:14:E9:3D:A9:36:B2:F9:9B:EA:24:70:92:ED:15:21","sha256":"7E:B5:03:72:AF:6E:A6:99:87:96:AD:4D:D5:AA:4C:88:B3:63:32:D8:27:9F:0C:82:05:6A:40:FC:4F:1F:87:51"}}},"request":{"raw":"POST /5/9615333/?oo=1\u0026js_build=iclick-v1.1598.0\u0026userId=080267ef0039425af136bd777cf83539\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=1 HTTP/1.1\r\nHost: amt3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2586\r\nOrigin: https://mivalyo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 19 Oct 2025 20:06:01 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://mivalyo.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":87,"dns":0,"connect":26,"send":0,"wait":31,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:57.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 19 Oct 2025 20:05:57 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 171b0c52e41b4c567baf956a9c16368f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":57,"dns":1,"connect":17,"send":0,"wait":32,"receive":18,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycima.page/wp-content/uploads/2025/10/cropped-cropped-mycima-32x32.png","fqdn":"mycima.page","domain":"mycima.page","tld":"page"},"ip":{"addr":"104.21.85.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mycima.page/%D9%85%D8%B3%D9%84%D8%B3%D9%84-dexter-%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85-%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9-%D8%A7%D9%84%D8%AD%D9%84%D9%82%D8%A9-3-%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9-%D9%85/","date":"2025-10-19T20:05:58.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycima.page","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 14:20:04 GMT","end":"Sat, 17 Jan 2026 15:17:32 GMT"},"fingerprint":{"sha1":"1E:85:F7:D5:D8:82:49:4C:C1:88:93:C8:CE:79:1B:D7:2B:A3:D1:A6","sha256":"41:D8:77:B3:D8:93:7A:56:F6:A0:00:8C:38:A6:BC:DC:93:93:B9:B0:2D:19:67:8B:1A:BB:F1:73:F0:B6:7C:E4"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/cropped-cropped-mycima-32x32.png HTTP/1.1\r\nHost: mycima.page\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_KKSM1SN99C=GS2.1.s1760904358$o1$g0$t1760904358$j60$l0$h0; _ga=GA1.1.162558689.1760904358; pp_main_513e377770ba6c350ddd09d0a3200305=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:05:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 757\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6nb0wv%2FkXmA67iccbwjXyIoVHMjvdbriuQbGRVWMgstzERH7cPsKMLS1QVzL2BOfwEPP1oBrxEN2BBc%2FzG72Ib3YEP3EYKN1pQ%3D%3D\"}]}\r\nlast-modified: Wed, 08 Oct 2025 18:19:10 GMT\r\netag: \"68e6ab1e-2f5\"\r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9912e4aebe367127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":757,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f38351156394a8d9de8ccc71a6e0c62c","sha1":"dcb163877db91c6cdb1d473e365fd5044c7070f3","sha256":"92ccf0998693585397d32f48926165731a9934051d50b28de71566ae686e2558","sha512":"0d26c2dabe5f714a597a9a2b7ef49ff63c2ee96a40164cb3cc9d8e51ca06f15583918db80fb57f6f51d905532cd306da54e70e2ee07da27b9618d00724b406e8","ssdeep":"","tlshash":"9601ca835b549168722c407fec0d240121e05a9d624a1ec832418dc4f300bf2bcdb38d","first_seen":"2025-09-20T20:53:44.595335Z","last_seen":"2026-03-27T22:31:05.027201Z","times_seen":28,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"mycima.page","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mivalyo.com/static/images/logo.svg","fqdn":"mivalyo.com","domain":"mivalyo.com","tld":"com"},"ip":{"addr":"172.67.200.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mivalyo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 07:27:07 GMT","end":"Tue, 23 Dec 2025 08:26:47 GMT"},"fingerprint":{"sha1":"C9:EA:7B:D7:92:AA:85:BD:03:49:A7:87:AA:FF:3B:FB:4E:EB:54:DF","sha256":"A5:A8:7B:E8:D7:E3:97:83:3F:E9:6F:66:15:D5:83:FB:85:3D:CE:FB:33:7C:6C:76:73:A6:17:E6:2D:DC:E6:C5"}}},"request":{"raw":"GET /static/images/logo.svg HTTP/1.1\r\nHost: mivalyo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/v/abh8f3lot3g8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Thu, 12 Dec 2024 03:07:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"1522-6290a03f40740\"\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 1310\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bj7qGwllWAkrSQ3aK%2FgzXHR50%2FrTXKzD7rqgmQ9qXx0Cc60CavRRXETF2Mai%2BS1WrzFTMcsZdYvmKuUvKsnyC07J8ORGQXAINzHG\"}]}\r\ncf-ray: 9912e4bb0cae0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5410,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"91604e91d7e9259d6a11de1a1ba58882","sha1":"d21a51acfe853ef77a7a60323403d8c2faab1b19","sha256":"ba47a482ea89b05034924ef4827213d6882feeba74e6c3e3a89b4bd18e792508","sha512":"6d6c864ea1f4e26f4aab78840ea5f53cb3fa8c7812cffe4348190b1775a5e12df2872c4d8f7289d14daf65fa17576517aa82aced2559cd3d4a1a336ca0c4ed2f","ssdeep":"96:wTQRmCzGPQGSg+kv2laDTshi9Fu/2byeitWp3f7UUtIEx0e:EHCiPhSgbdDTshmFQ2BpAG6e","tlshash":"25b133ca2230b764adcdc94c9f6395e5321ab4eab6b1ccc18b8f4f186e5d656f4049cc","first_seen":"2024-12-22T22:20:54.664178Z","last_seen":"2026-03-04T20:55:43.932598Z","times_seen":174,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixibay.cc/abh8f3lot3g80000.jpg","fqdn":"pixibay.cc","domain":"pixibay.cc","tld":"cc"},"ip":{"addr":"172.67.207.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mivalyo.com/v/abh8f3lot3g8","date":"2025-10-19T20:06:00.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pixibay.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 21:35:53 GMT","end":"Wed, 10 Dec 2025 22:34:09 GMT"},"fingerprint":{"sha1":"E6:A3:9E:B3:AF:60:C0:2D:99:51:CA:AC:FD:48:96:12:C7:E6:68:9B","sha256":"26:FF:91:61:26:88:B9:80:39:5F:76:A7:35:B8:89:8A:DD:69:DA:9B:B8:C3:22:70:70:7E:E7:3E:EE:C3:A7:06"}}},"request":{"raw":"GET /abh8f3lot3g80000.jpg HTTP/1.1\r\nHost: pixibay.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mivalyo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 20:06:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yx1wrAmjh2n9FhickpQQgz2rhWIKcebO8A%2BvMc6Ua7pSwJEIJEv08dsZrxZ2T3l7qf9CN9QWkAQVvyvx%2B6vh0c1OOSFgHFwCqxw%3D\"}]}\r\ncontent-encoding: br\r\netag: W/\"48b2e2b8-9\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9912e4beaf40783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":626,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.32.186","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sharevid.online/play/aHR0cHM6Ly9taXZhbHlvLmNvbS92L2FiaDhmM2xvdDNnOA==/","date":"2025-10-19T20:06:00.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sharevid.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sharevid.online/\r\nCookie: uid_id2=a11b0847-7f13-4f2d-a938-83530f8cdc0d:3:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 20:06:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://sharevid.online\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"3cdf270850d7f16830926cabf20dc51a","sha1":"e3e558c37fa39e38b6f7e95b99f7291fd96740dd","sha256":"3f66026370b73f1ccc2a2a15e6bdb6e28668d401d6b5bbead72f3fb78f83a7d5","sha512":"afd0e83545c0d7df3a0329778616ab252a44b61e7a4f308194014121236a33bb471ed6d6758160890b37d5631ee6bbeadae91593d854cc8fda7bb1e017b35be9","ssdeep":"","tlshash":"1990041043117110135704401c141fd353100f3d1c377331cc4cd4350c04757c315001","first_seen":"2025-10-19T20:06:34.926025Z","last_seen":"2025-10-19T20:06:34.926025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}