{"report_id":"bb508e81-f26a-4284-9efb-140c00623926","version":6,"status":"done","tags":[],"date":"2026-01-07T19:00:47Z","url":{"schema":"http","addr":"cima3bdo.com/","fqdn":"cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"cm.cima3bdo.com/","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"title":"سيما عبده Cimaabdo","dom":{"size":21780,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (646)","md5":"523a220c522aab873e029d73eea8b9d9","sha1":"a68a8995268e856a454cbf8b9be57277679814a6","sha256":"98f0e9cac71392a156642cce1fdf097f978c5760d92619749f0cca81b88a9008","sha512":"83433ecd18a8253277fd24e19d6537defa07f465c962c6b778862fe6d539988cfeb198bef37063b7857af7137cf9c9f70392edd8d431afadf96427128f117c07","ssdeep":"384:cPfbf0/fNfCI9wzUWJbLgf4FoFQF5bFCMqKq+Vu/yt4:cU9wzhJ/pFoFQF5bFCg4y6","tlshash":"53a2b5a30db54c621616ca14b7e5b94cdb6aae33c24efd91b2cd22485fc5ec3c407628","dom_hash":"domhashc5122e2356646e7c17da0c31d2114587","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cima3bdo.com/","fqdn":"cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T19:00:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":12}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"increasinglypatientstared.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"increasinglypatientstared.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-01-04T22:23:09.64902Z","alert_count":0,"request_count":2,"received_data":40688,"sent_data":939,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"usrpubtrk.com","ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2026-01-01T07:24:01.334994Z","alert_count":5,"request_count":1,"received_data":530,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":895,"first_seen":"2020-10-23T05:27:50Z","last_seen":"2026-01-05T14:49:35.15391Z","alert_count":0,"request_count":2,"received_data":637,"sent_data":1044,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"increasinglypatientstared.com","ip":{"addr":"15.197.172.60","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-01-05","domain_rank":0,"first_seen":"2024-01-09T03:20:34Z","last_seen":"2024-12-14T18:50:29.15158Z","alert_count":2,"request_count":1,"received_data":254,"sent_data":462,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mc.yandex.com","ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"domain_registered":"1998-09-24","domain_rank":45494,"first_seen":"2014-03-01T13:57:52Z","last_seen":"2026-01-06T10:23:23.667159Z","alert_count":0,"request_count":6,"received_data":9417,"sent_data":5842,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mc.yandex.ru","ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"domain_registered":"1997-09-23","domain_rank":16498,"first_seen":"2012-05-21T09:38:30Z","last_seen":"2026-01-05T12:36:27.910072Z","alert_count":0,"request_count":1,"received_data":252233,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cima3bdo.com","ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-12-02","domain_rank":0,"first_seen":"2023-12-02T21:15:51Z","last_seen":"2024-01-31T09:36:12Z","alert_count":2,"request_count":1,"received_data":22324,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cm.cima3bdo.com","ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-12-02","domain_rank":0,"first_seen":"2026-01-07T19:00:48.658388Z","last_seen":"2026-01-07T19:00:48.658388Z","alert_count":24,"request_count":12,"received_data":761765,"sent_data":7371,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-01-04T22:18:41.67311Z","alert_count":0,"request_count":2,"received_data":827844,"sent_data":870,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"acscdn.com","ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-05-05","domain_rank":18769,"first_seen":"2020-05-06T08:07:13Z","last_seen":"2026-01-07T11:43:04.090051Z","alert_count":1,"request_count":1,"received_data":172119,"sent_data":414,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-58KJ33P7BQ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9311bf7b7d7b09ebaaaca7c57845def3","sha1":"e6607d192f7082ebf50f0303bd1d8c0dc61bf5fc","sha256":"906663b3de4178de52aacb935416fd3996f63f2baa6e884d7be2c6acbc0ba3fa","sha512":"5a0de5021f93223fa190184252df0ef4442297fa7388b62006711b4a39a069f4e8f0ea73bb84c5cb065688b57206feba97ba3f2b8c78d7c40cb35c694176c1bb","ssdeep":"6144:4tNV1qT6Eh2phK74eHZWeXJjO67YM+TkORao5D1hqalt8c:Anqhwu4ai/TkOhd","tlshash":"fdb409cf73c63426929af478542f02cba9bb25e2b45d889bb1c9ccf01d3459a4167f78","size":523593,"data":"","first_seen":"2026-01-07T19:00:53.098517Z","last_seen":"2026-01-07T19:00:53.098517Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/lazyload.min.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d23afa4aa486436c71ca294a7e5952c","sha1":"0bd16ee7ec80690fadcba9c62446b21202604858","sha256":"511b6b281e846aa9ddb481bc88592b025b999d11a448f4f4c1d57c5743482d29","sha512":"2b0398cea7f49bf72fb76101bed06f08b79d5497ae1fe1d482480dcecb138d82f9806de3f3d5ca7ad4955b271bc8a010ebd907ed0de8434b34424e6b28b7bae4","ssdeep":"","tlshash":"6861558ebf527839f0167a9e431f3106663ed46f81854c54b089ece4ecec7961236d9a","size":3309,"data":"","first_seen":"2023-03-07T01:12:03Z","last_seen":"2026-04-03T01:07:30.88548Z","times_seen":108,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/bootstrap.min.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","size":37045,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-04T02:27:36.926496Z","times_seen":75280,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f8bc2450c49fb0e8530909b95547c40b","sha1":"5f6077ada8359edeb50d1f87845e9815d0345bf9","sha256":"7e46d203d3b9a804ab2e490fb96fc9a4b2c6c9670473fb24e5439f581516489e","sha512":"5039cd7b315c3be88a8695d022955beb1c0dd2d042945931be8f0f54fef1c4669f0391219a5b1c52dca4609deede229c7a02f00099a1938102bbec1063353cf2","ssdeep":"","tlshash":"98b0123b8e13a4552d001310625f501d42d404778405ccd0b00c50001bc0202000d8d8","size":115,"data":"","first_seen":"2026-01-07T19:00:53.115934Z","last_seen":"2026-01-07T19:00:53.115934Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/jquery.min.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"27ef0cf5b0aad238d1db627eeb3e267b","sha1":"975c4d7e65f82e15203ca553a5ba51c016a939d2","sha256":"3d65f9e788f7ef78d0e1e40bdce42caf85b1c2b18d8eb1ecc358b113d01265d6","sha512":"2bdc53ad1a5b25057eb246745493939e732e485f690ef65b652b3523ed90032714912b73faca829c24665fe2ca10f404a3d4de9d58168b6b46e2189ca0cf47c3","ssdeep":"1536:YP1vk7i6GUHdXXeyQazBu+4HhiO2AEeL/FoqqhJ7SerN5sVI6xcBIPv7E+nzms9t:74UdoqhJvNPqcBQ7MfWWca98Hrp","tlshash":"3093d8d9b7d67062977730b850bf510bb13a98eab80c4c60f1a4d8e47e74a89507bf2d","size":95844,"data":"","first_seen":"2023-03-07T01:12:03Z","last_seen":"2026-03-31T07:27:21.964427Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a0e9f2d4ee7a46a39a0a5b85597f650a","sha1":"8fa5d799d57decffc3b7bc30a8d8831791203621","sha256":"c1043a5402fbbd05564cd8bac62271049425dec17270e00d23cd6240d856f183","sha512":"beeb9039afb69662a2a3212977d9f3a46c2c6fa1f34d7c39faceb3b95b78bc93ecad9bf8a56205b8179b72bf0b2be3aeacfeedaacf39a540cbc8e8f048c745c2","ssdeep":"","tlshash":"a4c02bcc320b1c7049f737008b3ffa00b0423214d4e06933880923085d30e17d784814","size":153,"data":"","first_seen":"2023-03-29T23:09:12Z","last_seen":"2026-01-07T19:00:53.117314Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d73b4649e6e47a3ca42c0a1c8fca1531","sha1":"b152ae20e4fe5caca7d9e58ac0019825168a627b","sha256":"307d5f049845d6e2a02c5332d07fc76bec85f8b3932d93d0abf754dc62ffde3f","sha512":"26a2e86f33d4d4d1cc99f757f92a5c14c5027bf5253500711540c5718a26b4276cce8cf2b19c09a6a09850c7095ef3cadb1f9573f54799bb20f76788686095fc","ssdeep":"","tlshash":"30f00e942cec44245373002927bba248b4396a292c0bed24f94c84822f99eac08bb90c","size":514,"data":"","first_seen":"2024-02-14T19:59:12Z","last_seen":"2026-01-07T19:00:53.118605Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5e13f7052a39f328fd87dea008800c1e","sha1":"3796a6d92f68cefeda297cbee84f149a58a0e682","sha256":"48cf3fc5ab22b96dce42a9a59eb129b8387bcb51e4abaab3c6d0f20564158e0c","sha512":"0e69b86b2abb8590676556e73d87f943872d5f0edc8d146757d23c329939b104d2d7bb9bec480763fab313fb82aa0b7d4e0c16e3ed9b5539418b52425fefc978","ssdeep":"","tlshash":"08e028da74510c7270ed05f533b1e138b153110868091d32cefdc92478189c74c134cc","size":341,"data":"","first_seen":"2024-08-19T18:42:29.300455Z","last_seen":"2026-01-07T19:00:53.119971Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T01:47:37.547507Z","times_seen":330090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T01:47:37.547507Z","times_seen":330090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"16cc35f022b068dc2aaa0cb6a26d84de","sha1":"3563a4ab6fce2638cab17adee938d0cd6a8616f8","sha256":"c2546dfa780807b0af1ba77c584d965af7a2cd65f192a02fc7e1b6aea4485056","sha512":"610cc679eba2fc19d4269b1095ae423fa06797baaee3a4cb8d9dc49f9322fb4d66afdd97c6d3f30b7f71145e851c2a742e6034f3fcc67b3ea14e373cde6c07a9","ssdeep":"","tlshash":"e311ab3999b126201167a0be433e163530b39223b164ca177e1e87802f44a2f52bebcc","size":925,"data":"","first_seen":"2025-08-30T03:28:36.913174Z","last_seen":"2026-01-07T19:00:53.121392Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"48250370347c7f2d054321e03c8e394f","sha1":"dce1356dc4ee7b2b650fc3b2fa5c75e2de60c840","sha256":"e3fd6b9ca5d9b8d65c6330aa94f08f24cd2b59e1834cd7c960ea6ea3417acf52","sha512":"37527c5fc8159f26120d652f8477a70703eb6fb1f30126ceb66f9a58e05ddc365a1cb34b82b5bdcb24b694036bfe2a7c3052a50d883b956cccf2e167a7188ae7","ssdeep":"3072:ZcmbG7ee6cW7n8GrMN1HDxlfm1VeDbclbsZpyQ:y/FW78GrufmyclbsZpyQ","tlshash":"f4f395083a9455037b4b6fbb271774e5e9062c4ab894099eb254bc74e2836b3fff1136","size":171200,"data":"","first_seen":"2025-12-17T14:33:37.34138Z","last_seen":"2026-01-13T14:12:13.867658Z","times_seen":466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WJQBCTB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd791fb63c31601071166ccad6b74943","sha1":"c74393fe50a489acde6b67d76807d118830f27d2","sha256":"9d35290398f1f7f3ba37d85ffd7d4d3a0d8bea4fa5a294388943399f0f50c12e","sha512":"0d7862c3fcef0970e3f76c02ea451302c852daaa556df14ea97ed14f781e4c15986e36577ab007cc2aaf9cc4bc05b28f5c67e3369ec3f31aaa203360d080b07b","ssdeep":"3072:CteUEtrIxV/I4AV0PbKsB67ZKrEv5wtfvvph3rkh8nbilXJjO67gxMOTkkakcup:uNV/xxEh2phQhYeXJjO67YMOTk9kcs","tlshash":"b85408cdb3da706683a3a474403f118bb17b69d1e84cc895f186d8d42e74aaa4237f7c","size":302997,"data":"","first_seen":"2026-01-07T19:00:53.103608Z","last_seen":"2026-01-07T19:00:53.103608Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.yandex.ru/metrika/tag.js","fqdn":"mc.yandex.ru","domain":"yandex.ru","tld":"ru"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"79346c6ff3e59c5c9d6c1aa4ea219da8","sha1":"13129b1a008d9971071ad805aabae7fd93d4039f","sha256":"8983f794d15c2de1cbeb6308c6059a6957c19ebbf6b6c97936dcf48e72b3eda5","sha512":"fafec62f64dbef115359b314b2f1dc7ded854cb90413262d70bffbdaae8e7bf1b7883072cdee95ea3911bacda1184081730513d54809b4a18f3ba754393e990b","ssdeep":"3072:kTSBx1x5T59PJqno4huS8NdMlqRHusBja5pwSxqyCKc:kTSDP5T59PJMo4hiQqRDBu5p7xqy1c","tlshash":"9b34d7c976827472937334b4903f000bb2beac96f54c8965e186d9d57e389ac9237f2d","size":251393,"data":"","first_seen":"2025-12-24T17:36:43.25512Z","last_seen":"2026-01-15T06:47:13.603842Z","times_seen":433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/app.js?v=1","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8df3bdc02e6b417b84a257fad98ee46c","sha1":"4c201bc1e6e8f5793da598e065635cd0e1cf0386","sha256":"e8e13a2d0fd2ebcac53dfc0a73bf8665ebe4feb81d671735280542930ca46da0","sha512":"8ce5d938292c145321ce2056c87781709fff2ca033f7c1367232ebf964ab687d839cc7e821a1c8aaa7cb9bf96102b2ecbbf6d5fbd8f05266134e7714661017a2","ssdeep":"192:mPoo49RzcYU6l6JdYUmQz1//FIwWD32v9xAsj:092RzcYUaqqxKFIDcgM","tlshash":"4f627409b02028a395b773766a7f5604feb5412fc2019a66fdbc09d45f31c6ca272f9d","size":15658,"data":"","first_seen":"2023-03-29T23:09:12Z","last_seen":"2026-01-07T19:00:53.094823Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/owlcarousel.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a03ec7d4c321f6999cc87d6e70b57432","sha1":"825511220ff79208ab53494147e877381ae14594","sha256":"c4678d58c58a630dc8c4456b6a2cda107fd71aac49cf640338ab91b648725f07","sha512":"4a69e421352cf0502a3f27c5e5d52a5d9c3ca98008337bce0bb919fe02231ae040cad0a310935bbe4233b188fb73d4e652f1d4eaea3cf13f826eca68caaad98b","ssdeep":"1536:yXZFH5ld7oIOdwyBhKT/dUP3Y0HXJsVa2fRjcN:yXBld7oIOdwy2doo0HZsVa2fRjcN","tlshash":"8e73b6e1b32e222f4ab6336456beb345f93dc525d10267ad78e8a5dc2491408436effc","size":79758,"data":"","first_seen":"2023-03-29T23:09:12Z","last_seen":"2026-01-07T19:00:53.107168Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/images/logo.png","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/images/logo.png HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 2035\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 29 Jan 2026 18:32:10 GMT\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SBvbej2GplCOptbQg4CAh9U%2F4aIBD4lt99HpA30hlPfeSjVj4BUb3elYlTtv1lKgN9kY0xsBafC12tDc4VpFzPl8nNOS3GXZW5VmWUg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba5b2905f51b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2035,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 67, 8-bit/color RGBA, non-interlaced","md5":"457faa2852a4f4e960419ef6afa01099","sha1":"cad8275266aa0b8399f961c7879c574dd6409ce0","sha256":"c51ae51208d8241c91858731d91b8682e4f729b3f092ace98a611fc63c93fd15","sha512":"6bf86235edf17622ac8dd8625f38511098a58db49f3e80b1dafb033e9d97ab4bf12b8f9841c9ca9cf27c4fe0233e657899960faa9fd3aca859aed145cbbe68f0","ssdeep":"","tlshash":"de412ab8d2aca8b0e53a41b34828a110ee777c2d81e3d63f6f439415a55f32bdc62573","first_seen":"2023-05-09T18:15:14Z","last_seen":"2026-01-07T19:00:53.08348Z","times_seen":7,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/images/favicon.png","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/images/favicon.png HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb; _ga_58KJ33P7BQ=GS2.1.s1767812421$o1$g0$t1767812421$j60$l0$h353234366; _ga=GA1.1.1225875764.1767812422; _ym_uid=1767812422728688681; _ym_d=1767812422\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 5159\r\npriority: u=6,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 23 Jan 2026 02:53:09 GMT\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qW6PldfhOsjg96%2FkA8wNCspD9CEb%2B6mZUTiAm4dDK7LyU4JgZePJK%2BGipn9bWZnGHFNfumJw7O6eCf3WWUsW7EJKvYXeHkjJcEaVXao%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba5b2962fd2b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5159,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 102, 8-bit/color RGBA, non-interlaced","md5":"37a6bcbbcc54f05a84f8ec7b2ccacf44","sha1":"ea2884a81520a9acbf6700fcb51713fcf21f667f","sha256":"b9c5b7a3b132a48128529cf2eb3c7d549f8c59741ede7257028f163d6fa6d46a","sha512":"9f4a9faa207f1f78ab80773bb066eefab9ad562b87904c6a6bc1dada366d88de3f09786832b37054338c6cde6b298f29e35d1ea5bf1f85d0b16cefa96067b8f0","ssdeep":"96:NSfN1nc8VzamKDLoARU6eDQK3nno+0/CEhWehaMB8fGqpmASrg8h5gyqRiFU:NSlBVzOnoARwD1o+qs4aM8mASrzr5WeU","tlshash":"a8b16d486f18fb7700b6ae3472c81b3bd54333a7de6fd90d55679920261ebbd0621a08","first_seen":"2023-05-09T18:15:13Z","last_seen":"2026-03-18T18:35:24.598833Z","times_seen":27,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/css/style.css?v=1","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/css/style.css?v=1 HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 05 Feb 2026 16:09:53 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ab8UYAHrWHzMnTpqSI5XBe7%2Ft2ykUaMpYZiD%2BnvYHECBqyVx43xEOnS13DKd0gXpQBrKbzZXp7FPJNRlndNfhfbWodDOw0WnpeBH%2FMw%3D\"}]}\r\ncf-ray: 9ba5b2904f4eb4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":253226,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9578b567ddd6cb90617eadc701f76c98","sha1":"87afc03e4cb86a41183be15cdff56527c687d4a7","sha256":"26c2280738d697d4cb31c0e4358ffc54fa373b449b119d4b4fe09f93edccb3b2","sha512":"3ba74c88a0c4266bab46563a7eb30083388bc5abdda89fc03931b6cbfc799af2416352b4134c21cac8a900ef28edb9245402dd4d50133ca81f47646b073d25e8","ssdeep":"6144:0iT2DJHtBNV//SfZAx1AqZAmEpy6k8e0L:0iyDJHr//SfZAx1AqZAmEpy6k8e0L","tlshash":"c834a3b0e51521cd3333c10aa7d1ea896aa8f023dae68d77f25f615c4fc528542a3f6d","first_seen":"2023-04-07T18:33:06Z","last_seen":"2026-01-07T19:00:53.088297Z","times_seen":5,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9ba5b2908bc8712d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T01:47:37.547507Z","times_seen":330090,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":13,"dns":1,"connect":2,"send":0,"wait":15,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/lazyload.min.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/js/lazyload.min.js HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 09 Jan 2026 20:17:40 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bDzfYIK7%2BepcuRsi%2BqDf8apGZqj5OzxEgcAb7h44xpS164DX0rnWZxFR4jlf4sMzXEMAxcTcvuPoZx3Kslsf53uMNv6NZ712amUtWeQ%3D\"}]}\r\ncf-ray: 9ba5b2905f54b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3309,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3309), with no line terminators","md5":"1d23afa4aa486436c71ca294a7e5952c","sha1":"0bd16ee7ec80690fadcba9c62446b21202604858","sha256":"511b6b281e846aa9ddb481bc88592b025b999d11a448f4f4c1d57c5743482d29","sha512":"2b0398cea7f49bf72fb76101bed06f08b79d5497ae1fe1d482480dcecb138d82f9806de3f3d5ca7ad4955b271bc8a010ebd907ed0de8434b34424e6b28b7bae4","ssdeep":"","tlshash":"6861558ebf527839f0167a9e431f3106663ed46f81854c54b089ece4ecec7961236d9a","first_seen":"2023-03-07T01:12:03Z","last_seen":"2026-04-03T01:07:30.88548Z","times_seen":108,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.7233449350239277\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 12:57:52 GMT","end":"Tue, 10 Mar 2026 13:56:16 GMT"},"fingerprint":{"sha1":"77:2A:71:0C:1C:F9:2B:14:04:DB:13:5F:A6:57:67:6D:B3:A9:A0:95","sha256":"E0:53:FF:DF:EC:31:75:79:08:DF:B9:B1:56:18:5A:48:15:62:EF:8B:BB:4C:1B:05:1C:E8:DD:3F:0C:A4:80:41"}}},"request":{"raw":"POST /ut/hb.php?cb=0.7233449350239277\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 3591\r\nOrigin: https://cm.cima3bdo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3591,"data":"{\"clientHints\":{},\"isScrollable\":0,\"totalClicks\":0,\"sessionLength\":1,\"ippMissclicks\":0,\"visible\":1,\"caught\":0,\"lastevent\":0,\"isFullscreen\":0,\"isTabFocused\":1,\"eventImps\":0,\"retryCounts\":0,\"isScrolled\":0,\"isMouseMoved\":0,\"pagePercentageSeen\":100,\"belowTheFoldSeen\":100,\"touchEnd\":0,\"touchMove\":0,\"clicksByType\":{\"idle\":0,\"input\":0,\"video\":0,\"button\":0,\"link\":0,\"img\":0},\"browsingTopics\":[],\"ufp\":\"Win32/Mozilla/Netscape/true/false/1280x10240en-USunknown4824 bits\",\"sessionStartTime\":1767812421,\"sessionId\":\"33963286433772476d88b7fef3f4d50c\",\"timeZoneOffset\":0,\"zones\":[],\"pUrl\":\"https%3A%2F%2Fcm.cima3bdo.com%2F\",\"pReferrer\":\"\",\"pTitle\":\"%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20Cimaabdo\",\"pDescription\":\"%D9%85%D9%88%D9%82%D8%B9%20%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20%20Cimaabdo%20-%20%20%D9%85%D9%88%D9%82%D8%B9%20%D9%85%D9%88%D9%82%D8%B9%20%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20%D8%AF%D9%88%D8%AA%20%D9%86%D8%AA%20%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A7%D9%84%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D9%88%D8%A7%D9%84%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20%D8%B9%D9%84%D9%8A%20%D8%A7%D8%B3%D8%B1%D8%B9%20%D8%B3%D9%8A%D8%B1%D9%81%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A8%D8%AC%D9%88%D8%AF%D8%A9%20%20%D9%85%D8%AE%D8%AA%D9%84%D9%81%D8%A9\",\"pKeywords\":\"%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%2C%20%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20%D8%AF%D9%88%D8%AA%20%D9%86%D8%AA%20%2CCima%20abdo%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D8%A7%D9%84%D8%A7%D9%88%D9%84%20%D9%84%D9%84%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%88%20%D8%A7%D9%84%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%A7%D8%B9%D9%84%D8%A7%D9%86%D8%A7%D8%AA%20%D9%85%D8%B2%D8%B9%D8%AC%D8%A9%2C%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%2C%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D8%B9%D8%B1%D8%A8%D9%8A%2C%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D8%A7%D8%AC%D9%86%D8%A8%D9%8A%2C%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D9%87%D9%86%D8%AF%D9%8A%2C%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D8%AA%D8%B1%D9%83%D9%8A%2C%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D8%A7%D9%86%D9%8A%D9%85%D9%8A%D8%B4%D9%86%2C%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85%D8%A9%2C%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D9%85%D8%AF%D8%A8%D9%84%D8%AC%D8%A9%2C%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%2C%20%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9%2C%20%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D8%AC%D9%86%D8%A8%D9%8A%D8%A9\",\"pHasIframes\":0,\"pWidth\":1280,\"pHeight\":1024,\"vWidth\":1280,\"vHeight\":1024,\"inIframe\":0,\"bsd\":\"eyJwcm9iYWJpbGl0eSI6MC4wMSwicGVyU2lnbmFsIjp7ImlzV2ViRHJpdmVyUHJlc2VudCI6MCwiaXNDRFBEZXRlY3RlZCI6MCwiYXV0b21hdGVkQnJvd3Nlckdsb2JhbHMiOjAsImlzV2luZG93Q0RDIjowLCJkb2VzVUFDb250YWluSGVhZGxlc3NLZXl3b3JkIjowLCJpc0ZpcmVmb3hNaXNtYXRjaCI6MCwiaW5jb25zaXN0ZW5jaWVzIjowLCJpc0Nocm9tZUZvclRlc3RpbmciOjAsImRldGVjdENTU0Fub21hbGllcyI6MCwiaXNIZWFkbGVzc1Blcm1pc3Npb25NYXRjaGVkIjowLCJkZXRlY3RMb2NhbFN0b3JhZ2UiOjAsIm5vUGx1Z2luc1ByZXNlbnQiOjAsIm1pc3NpbmdXZWJSVEMiOjAsIm1pc3NpbmdBdWRpb1ZpZGVvIjowLCJtaXNzaW5nQ2FudmFzIjowLCJtb3VzZU1vdmVTY29yZSI6MCwiY2VudGVyZWRDbGlja1BlcmNlbnRhZ2UiOjAsInNjcm9sbFN1c3BpY2lvdXNTY29yZSI6MH19\",\"sentTimestamp\":1767812422264}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 07 Jan 2026 19:00:22 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3IBXjY1DaAhpxAaXbhjA52agrhsB7%2F3Ka2ISX8l%2BfvpeqTvKwuX47K%2BiL1%2FuJ2QyMo4uphgejv%2FfYObUAqGIPCFehB9lly7Yhfdw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba5b297ac5d568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":41,"dns":1,"connect":3,"send":0,"wait":210,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/app.js?v=1","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/js/app.js?v=1 HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 06 Feb 2026 04:12:49 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m6ewnqUxa6YLzdkKIfiShsUens7bfftdKcjemDhSDST3jLWcrv%2B2l7GOgYeZv8tdxSVoEmEw6LcbFNwwtJTa8D8jj1aMe3Ivc149sPI%3D\"}]}\r\ncf-ray: 9ba5b2906f57b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15658,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"8df3bdc02e6b417b84a257fad98ee46c","sha1":"4c201bc1e6e8f5793da598e065635cd0e1cf0386","sha256":"e8e13a2d0fd2ebcac53dfc0a73bf8665ebe4feb81d671735280542930ca46da0","sha512":"8ce5d938292c145321ce2056c87781709fff2ca033f7c1367232ebf964ab687d839cc7e821a1c8aaa7cb9bf96102b2ecbbf6d5fbd8f05266134e7714661017a2","ssdeep":"192:mPoo49RzcYU6l6JdYUmQz1//FIwWD32v9xAsj:092RzcYUaqqxKFIDcgM","tlshash":"4f627409b02028a395b773766a7f5604feb5412fc2019a66fdbc09d45f31c6ca272f9d","first_seen":"2023-03-29T23:09:12Z","last_seen":"2026-01-07T19:00:53.094823Z","times_seen":11,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/fonts/icomoon.woff?3p0rtw","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/fonts/icomoon.woff?3p0rtw HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/assets/themes/3arbserv/css/style.css?v=1\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb; _ga_58KJ33P7BQ=GS2.1.s1767812421$o1$g0$t1767812421$j60$l0$h353234366; _ga=GA1.1.1225875764.1767812422; _ym_uid=1767812422728688681; _ym_d=1767812422\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:22 GMT\r\ncontent-type: font/woff\r\ncontent-length: 218304\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 14 Jan 2026 19:25:42 GMT\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LXNK8yEKbKPjhzFkT5fiby79RlbKdsCxBB2nCDQ11kD5rH7xoT6hw13THJ6MrVQxOYGNlllxIAfrz8RQo%2BORGitDrcvBqmZaqRV1xo0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba5b2959f9cb4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":218304,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 218304, version 1.0","md5":"c068d37f3b072da2ecefcf5369f219ad","sha1":"28fabad2e00495d0a7690b99908003bb6d2cc988","sha256":"657d012c7e3e3bb465f0c70f6088d9844a36835dd74ff9756bac4c78c853b1b3","sha512":"3ed63269677b588542b813bf7c4cba8139d51429dcb1f7a2aecd28969f687cb8cb950826a28669c9c24d80baf64d8207b981500e9b257e61744443ada4af5871","ssdeep":"6144:VbFV4eLsv4n+BJdXPEPZ/Kchcp1NPd7d8eebb/mLMT2WNQV0bDNEjt8YmNp9LDzm:mz4yU/I","tlshash":"a8246c67d3e2ce4ac81307bd4c2f12140bfe8e212369e25b39cc1c97b7991f999652d9","first_seen":"2023-04-14T06:18:39Z","last_seen":"2026-04-03T04:27:35.006372Z","times_seen":622,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-58KJ33P7BQ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=G-58KJ33P7BQ HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\nexpires: Wed, 07 Jan 2026 19:00:21 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165079\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":523593,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6337)","md5":"9311bf7b7d7b09ebaaaca7c57845def3","sha1":"e6607d192f7082ebf50f0303bd1d8c0dc61bf5fc","sha256":"906663b3de4178de52aacb935416fd3996f63f2baa6e884d7be2c6acbc0ba3fa","sha512":"5a0de5021f93223fa190184252df0ef4442297fa7388b62006711b4a39a069f4e8f0ea73bb84c5cb065688b57206feba97ba3f2b8c78d7c40cb35c694176c1bb","ssdeep":"6144:4tNV1qT6Eh2phK74eHZWeXJjO67YM+TkORao5D1hqalt8c:Anqhwu4ai/TkOhd","tlshash":"fdb409cf73c63426929af478542f02cba9bb25e2b45d889bb1c9ccf01d3459a4167f78","first_seen":"2026-01-07T19:00:53.098517Z","last_seen":"2026-01-07T19:00:53.098517Z","times_seen":1,"resource_available":true,"data":null}},"time_used":506,"timings":{"blocked":189,"dns":0,"connect":22,"send":0,"wait":51,"receive":62,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.17.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 03:12:50 GMT","end":"Sun, 05 Apr 2026 04:12:43 GMT"},"fingerprint":{"sha1":"3A:1D:A3:E2:34:8B:CF:4A:E2:79:81:4F:39:B4:6A:A6:31:3D:FF:E5","sha256":"EA:50:C7:FC:EF:08:29:A0:8D:98:25:B7:58:5D:21:DC:0C:4B:87:8E:BB:AA:45:C9:FF:08:27:40:D9:87:6A:D6"}}},"request":{"raw":"GET /script/aclib.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript\r\nx-guploader-uploadid: AHVrFxN2iBpb-t5ZfS7VArRJLFCT_VqFVa-k_zQ-uVo_DGLQ5Kg_G4ZI5UED5xfr9wCf76B8\r\nx-goog-generation: 1765975833874839\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 171200\r\nx-goog-hash: crc32c=Y6PsGw==, md5=SCUDcDR8fy0FQyHgPI45Tw==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: cloudflare\r\nexpires: Wed, 07 Jan 2026 20:00:21 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Wed, 17 Dec 2025 12:50:33 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\nage: 2002\r\ncf-cache-status: HIT\r\netag: W/\"48250370347c7f2d054321e03c8e394f\"\r\ncontent-encoding: gzip\r\ncf-ray: 9ba5b2907f5a56c7-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":171200,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"48250370347c7f2d054321e03c8e394f","sha1":"dce1356dc4ee7b2b650fc3b2fa5c75e2de60c840","sha256":"e3fd6b9ca5d9b8d65c6330aa94f08f24cd2b59e1834cd7c960ea6ea3417acf52","sha512":"37527c5fc8159f26120d652f8477a70703eb6fb1f30126ceb66f9a58e05ddc365a1cb34b82b5bdcb24b694036bfe2a7c3052a50d883b956cccf2e167a7188ae7","ssdeep":"3072:ZcmbG7ee6cW7n8GrMN1HDxlfm1VeDbclbsZpyQ:y/FW78GrufmyclbsZpyQ","tlshash":"f4f395083a9455037b4b6fbb271774e5e9062c4ab894099eb254bc74e2836b3fff1136","first_seen":"2025-12-17T14:33:37.34138Z","last_seen":"2026-01-13T14:12:13.867658Z","times_seen":466,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":14,"dns":0,"connect":1,"send":0,"wait":21,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cloudflareinsights.com/cdn-cgi/rum","fqdn":"cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"OPTIONS /cdn-cgi/rum HTTP/1.1\r\nHost: cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://cm.cima3bdo.com/\r\nOrigin: https://cm.cima3bdo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 19:00:22 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: https://cm.cima3bdo.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: Content-Type\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 9ba5b2976a39b4f1-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/css/owlcarousel.css","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/css/owlcarousel.css HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 18 Jan 2026 01:18:34 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bd%2BHRXbvphwIlWTioTJWS%2FcOeeaWRoF9x%2BBTNqt37uqZPyzDa5tD%2BU9RTw4AYEXLR0Ap9BmBC%2Br0cdQJqXbGx8I4u%2FNys%2FALgniHpUQ%3D\"}]}\r\ncf-ray: 9ba5b2905f55b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4830,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"d48cad87ce04970f9a2ed80f2ed2285d","sha1":"d2ec5b795a3f70ed6cd421554bf0ab3ab1b11cf0","sha256":"a8fafb3979cb206518537bbd02e5cdaa78a1808b6e58ab8e7cf7941d0b7b344e","sha512":"e6c9559e05e67b2ad5c1e638c17c210694750ffe12895fcf47026b08ba9ad544523e450d16852a15695a99ba5ef8adf10e47fa90c51e84007f143e3dfe452025","ssdeep":"48:2mePoJIfFfvhfOp64j1I7Z3hQJkCJxneVnYMCrXBVQ8eQcgCZ+FPyvfathPFgWEu:2VhwmIexMx+q+ATjFG1ovtcs","tlshash":"99a11eed1211114d54378bb41b9d9a1abe3d94a1ee12008cbaef6b1243dfe5c502ff6b","first_seen":"2023-04-08T01:03:05Z","last_seen":"2026-04-02T23:13:12.495141Z","times_seen":756,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cm.cima3bdo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9ba5b2909b13b4f1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T01:47:37.547507Z","times_seen":330090,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":9,"dns":4,"connect":6,"send":0,"wait":27,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"increasinglypatientstared.com/4f/21/f1/4f21f1aca1a2fad4e6a12465b597441c.js","fqdn":"increasinglypatientstared.com","domain":"increasinglypatientstared.com","tld":"com"},"ip":{"addr":"15.197.172.60","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"increasinglypatientstared.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 06 Jan 2026 11:07:53 GMT","end":"Thu, 23 Jul 2026 11:07:53 GMT"},"fingerprint":{"sha1":"53:BA:B9:04:DB:46:AD:83:25:60:B5:22:59:A8:69:61:E5:52:39:B5","sha256":"75:0A:78:24:D0:7D:5C:83:6E:EB:3E:5B:E1:BD:87:54:5D:1F:DD:0D:05:1B:C5:DA:62:15:3C:4D:B6:1D:4B:10"}}},"request":{"raw":"GET /4f/21/f1/4f21f1aca1a2fad4e6a12465b597441c.js HTTP/1.1\r\nHost: increasinglypatientstared.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nDate: Wed, 07 Jan 2026 19:00:21 GMT\r\nContent-Length: 152\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":152,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"b14e520e474c5f427d6630b111b809ed","sha1":"9806ef34899ef11f6ddaef973672e3f017a19437","sha256":"aad6e80a8e58aaa8a3dd62ca5fcc5acad7e8eeea8543678b44859d28c6164e8e","sha512":"95989a69777c8b99675c6424a80f07110279c6bc5a6da8fad0345321f914ee5d662f06254f9af0e50797d7141d9be936da9271cbf048df6f5d4777d8071d558a","ssdeep":"","tlshash":"d4c08cdd7c90884019e231115ea6b60ca41a16ebf901de8028c008256e6035f0e06784","first_seen":"2026-01-07T19:00:53.102018Z","last_seen":"2026-01-07T19:00:53.102018Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1169,"timings":{"blocked":525,"dns":177,"connect":1,"send":0,"wait":102,"receive":0,"ssl":362},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"increasinglypatientstared.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"increasinglypatientstared.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WJQBCTB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtm.js?id=GTM-WJQBCTB HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\nexpires: Wed, 07 Jan 2026 19:00:21 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Wed, 07 Jan 2026 18:44:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 104293\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":302997,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5340)","md5":"dd791fb63c31601071166ccad6b74943","sha1":"c74393fe50a489acde6b67d76807d118830f27d2","sha256":"9d35290398f1f7f3ba37d85ffd7d4d3a0d8bea4fa5a294388943399f0f50c12e","sha512":"0d7862c3fcef0970e3f76c02ea451302c852daaa556df14ea97ed14f781e4c15986e36577ab007cc2aaf9cc4bc05b28f5c67e3369ec3f31aaa203360d080b07b","ssdeep":"3072:CteUEtrIxV/I4AV0PbKsB67ZKrEv5wtfvvph3rkh8nbilXJjO67gxMOTkkakcup:uNV/xxEh2phQhYeXJjO67YMOTk9kcs","tlshash":"b85408cdb3da706683a3a474403f118bb17b69d1e84cc895f186d8d42e74aaa4237f7c","first_seen":"2026-01-07T19:00:53.103608Z","last_seen":"2026-01-07T19:00:53.103608Z","times_seen":1,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.yandex.com/metrika/advert.gif","fqdn":"mc.yandex.com","domain":"yandex.com","tld":"com"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mc.yandex.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 16 Aug 2025 21:04:26 GMT","end":"Mon, 26 Jan 2026 20:59:59 GMT"},"fingerprint":{"sha1":"D5:81:10:72:92:60:58:7F:80:93:7E:45:E9:F2:3C:B1:71:E4:DE:01","sha256":"20:E7:5E:F7:C1:4C:FA:9B:3C:3A:CE:9D:DE:4D:CB:D9:73:21:D5:25:E5:F7:14:4F:43:D7:68:E1:B7:DA:3C:43"}}},"request":{"raw":"GET /metrika/advert.gif HTTP/1.1\r\nHost: mc.yandex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 43\r\ntiming-allow-origin: *\r\nset-cookie: bh=YMba+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:22 GMT; SameSite=None; Secure\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\netag: \"693bcf0e-2b\"\r\ncache-control: max-age=3600\r\naccept-ranges: bytes\r\ncontent-type: image/gif\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Fri, 12 Dec 2025 08:15:10 GMT\r\nexpires: Wed, 07 Jan 2026 20:00:22 GMT\r\ndate: Wed, 07 Jan 2026 19:00:22 GMT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"df3e567d6f16d040326c7a0ea29a4f41","sha1":"ea7df583983133b62712b5e73bffbcd45cc53736","sha256":"548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87","sha512":"b2ca25a3311dc42942e046eb1a27038b71d689925b7d6b3ebb4d7cd2c7b9a0c7de3d10175790ac060dc3f8acf3c1708c336626be06879097f4d0ecaa7f567041","ssdeep":"","tlshash":"c2900003caa08002c2a2c0300a0a03002f88a2300228030e80bc30acec3a3a22c02000","first_seen":"2023-04-05T03:49:37Z","last_seen":"2026-04-04T02:36:00.835612Z","times_seen":91546,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"mc.yandex.com/solid.ws","fqdn":"mc.yandex.com","domain":"yandex.com","tld":"com"},"ip":{"addr":"77.88.21.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:24.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mc.yandex.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 16 Aug 2025 21:04:26 GMT","end":"Mon, 26 Jan 2026 20:59:59 GMT"},"fingerprint":{"sha1":"D5:81:10:72:92:60:58:7F:80:93:7E:45:E9:F2:3C:B1:71:E4:DE:01","sha256":"20:E7:5E:F7:C1:4C:FA:9B:3C:3A:CE:9D:DE:4D:CB:D9:73:21:D5:25:E5:F7:14:4F:43:D7:68:E1:B7:DA:3C:43"}}},"request":{"raw":"GET /solid.ws HTTP/1.1\r\nHost: mc.yandex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://cm.cima3bdo.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: JTPJSbxgO0aasmg+CKTp1Q==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching protocols\r\nSet-Cookie: bh=YMja+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:24 GMT; SameSite=None; Secure\r\nSec-WebSocket-Accept: TvxGZDtefhkKumCr9Mhf6VnZ6FI=\r\nUpgrade: websocket\r\nSec-WebSocket-Extensions: permessage-deflate;server_max_window_bits=15\r\nConnection: Upgrade\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching protocols","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":1,"connect":51,"send":0,"wait":45,"receive":1,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.yandex.com/watch/95969146?page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026hidv2=18170240416372490247\u0026hittoken=1767812422_7b2aefaad702852cc72178532787906d58278d5d18ebc157a50bcc9affaa0b7c\u0026browser-info=nb%3A1%3Acl%3A406%3Aar%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190036%3Aet%3A1767812437%3Ac%3A1%3Arn%3A234346762%3Arqn%3A2%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1493%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1195%2C11%2C1730%2C1730%2C1%2C1587%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1767812437\u0026t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(83952128)oms(0)prs(2)w2s(0)ti(0)\u0026force-urlencoded=1","fqdn":"mc.yandex.com","domain":"yandex.com","tld":"com"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:37.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mc.yandex.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 16 Aug 2025 21:04:26 GMT","end":"Mon, 26 Jan 2026 20:59:59 GMT"},"fingerprint":{"sha1":"D5:81:10:72:92:60:58:7F:80:93:7E:45:E9:F2:3C:B1:71:E4:DE:01","sha256":"20:E7:5E:F7:C1:4C:FA:9B:3C:3A:CE:9D:DE:4D:CB:D9:73:21:D5:25:E5:F7:14:4F:43:D7:68:E1:B7:DA:3C:43"}}},"request":{"raw":"POST /watch/95969146?page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026hidv2=18170240416372490247\u0026hittoken=1767812422_7b2aefaad702852cc72178532787906d58278d5d18ebc157a50bcc9affaa0b7c\u0026browser-info=nb%3A1%3Acl%3A406%3Aar%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190036%3Aet%3A1767812437%3Ac%3A1%3Arn%3A234346762%3Arqn%3A2%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1493%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1195%2C11%2C1730%2C1730%2C1%2C1587%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1767812437\u0026t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(83952128)oms(0)prs(2)w2s(0)ti(0)\u0026force-urlencoded=1 HTTP/1.1\r\nHost: mc.yandex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cm.cima3bdo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 302 Found\r\naccess-control-allow-origin: https://cm.cima3bdo.com\r\nlast-modified: Wed, 07-Jan-2026 19:00:37 GMT\r\nlocation: /watch/95969146/1?page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026hidv2=18170240416372490247\u0026hittoken=1767812422_7b2aefaad702852cc72178532787906d58278d5d18ebc157a50bcc9affaa0b7c\u0026browser-info=nb%3A1%3Acl%3A406%3Aar%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190036%3Aet%3A1767812437%3Ac%3A1%3Arn%3A234346762%3Arqn%3A2%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1493%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1195%2C11%2C1730%2C1730%2C1%2C1587%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1767812437\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%282%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29oms%280%29prs%282%29w2s%280%29ti%280%29\u0026force-urlencoded=1\u0026redirnss=1\r\nx-xss-protection: 1; mode=block\r\nexpires: Wed, 07-Jan-2026 19:00:37 GMT\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nstrict-transport-security: max-age=31536000\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\nset-cookie: yabs-sid=2249966841767812437; Path=/; SameSite=None; Secure\ni=NTusDy7+f4xCXZR59jcQWBDS7AYwEtc2tM66nT4Wc9elO2JLodiT+XpZNtwnk84FT1+qjVGzfxu9vUKU0Efpjbmy8tk=; Expires=Sat, 05-Jan-2036 19:00:36 GMT; Domain=.yandex.com; Path=/; Secure; HttpOnly; SameSite=None\nyandexuid=4530177551767812437; Expires=Sat, 05-Jan-2036 19:00:36 GMT; Domain=.yandex.com; Path=/; Secure; SameSite=None\nyuidss=4530177551767812437; Expires=Thu, 07-Jan-2027 19:00:37 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure\nymex=1799348437.yrts.1767812437#1799348437.yrtsi.1767812437; Expires=Thu, 07-Jan-2027 19:00:37 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure\nbh=YNXa+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:37 GMT; SameSite=None; Secure\n_yasc=OZ7QMfygC7+z89FfqyS1RqxPDEZQstqaGozbvnUsBp9u7dAvBhR1TvUyLBo4bb5v; domain=.yandex.com; path=/; expires=Sat, 05 Jan 2036 19:00:37 GMT; secure\nbh=YNXa+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:37 GMT; SameSite=None; Secure\r\npragma: no-cache\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.yandex.com/watch/95969146/1?page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026hidv2=18170240416372490247\u0026hittoken=1767812422_7b2aefaad702852cc72178532787906d58278d5d18ebc157a50bcc9affaa0b7c\u0026browser-info=nb%3A1%3Acl%3A406%3Aar%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190036%3Aet%3A1767812437%3Ac%3A1%3Arn%3A234346762%3Arqn%3A2%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1493%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1195%2C11%2C1730%2C1730%2C1%2C1587%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1767812437\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%282%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29oms%280%29prs%282%29w2s%280%29ti%280%29\u0026force-urlencoded=1\u0026redirnss=1","fqdn":"mc.yandex.com","domain":"yandex.com","tld":"com"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:37.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mc.yandex.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 16 Aug 2025 21:04:26 GMT","end":"Mon, 26 Jan 2026 20:59:59 GMT"},"fingerprint":{"sha1":"D5:81:10:72:92:60:58:7F:80:93:7E:45:E9:F2:3C:B1:71:E4:DE:01","sha256":"20:E7:5E:F7:C1:4C:FA:9B:3C:3A:CE:9D:DE:4D:CB:D9:73:21:D5:25:E5:F7:14:4F:43:D7:68:E1:B7:DA:3C:43"}}},"request":{"raw":"GET /watch/95969146/1?page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026hidv2=18170240416372490247\u0026hittoken=1767812422_7b2aefaad702852cc72178532787906d58278d5d18ebc157a50bcc9affaa0b7c\u0026browser-info=nb%3A1%3Acl%3A406%3Aar%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190036%3Aet%3A1767812437%3Ac%3A1%3Arn%3A234346762%3Arqn%3A2%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A1493%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1195%2C11%2C1730%2C1730%2C1%2C1587%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1767812437\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%282%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29oms%280%29prs%282%29w2s%280%29ti%280%29\u0026force-urlencoded=1\u0026redirnss=1 HTTP/1.1\r\nHost: mc.yandex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cm.cima3bdo.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 43\r\ncontent-type: image/gif\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nexpires: Wed, 07-Jan-2026 19:00:37 GMT\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nset-cookie: bh=YNXa+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:37 GMT; SameSite=None; Secure\r\nlast-modified: Wed, 07-Jan-2026 19:00:37 GMT\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"df3e567d6f16d040326c7a0ea29a4f41","sha1":"ea7df583983133b62712b5e73bffbcd45cc53736","sha256":"548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87","sha512":"b2ca25a3311dc42942e046eb1a27038b71d689925b7d6b3ebb4d7cd2c7b9a0c7de3d10175790ac060dc3f8acf3c1708c336626be06879097f4d0ecaa7f567041","ssdeep":"","tlshash":"c2900003caa08002c2a2c0300a0a03002f88a2300228030e80bc30acec3a3a22c02000","first_seen":"2023-04-05T03:49:37Z","last_seen":"2026-04-04T02:36:00.835612Z","times_seen":91546,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/bootstrap.min.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/js/bootstrap.min.js HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 22 Jan 2026 08:11:19 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lPUgi4gc5dVbNIy7iadq1mMy9DD9m0iwUd0Vdqj7t7NA2uPkz3rUW5EMnnRX%2BJWQNW2qy6GGRPEStuVVdvSKFjcKM3V3BwZeCOJ2gNQ%3D\"}]}\r\ncf-ray: 9ba5b2905f53b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37045,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32033)","md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-04T02:27:36.926496Z","times_seen":75280,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/owlcarousel.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/js/owlcarousel.js HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 07 Jan 2026 20:37:13 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RfUI6fx8uR4bJZSwL0wQjAYTe%2BfDEwUbNYBKjT8RBUitUzB0IH1%2Br0bTBaSwmqdLeCZA%2BsiL9OHzrbvHqIry6lXVVetfv6kwMZ%2F%2BTdY%3D\"}]}\r\ncf-ray: 9ba5b2906f56b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79758,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"a03ec7d4c321f6999cc87d6e70b57432","sha1":"825511220ff79208ab53494147e877381ae14594","sha256":"c4678d58c58a630dc8c4456b6a2cda107fd71aac49cf640338ab91b648725f07","sha512":"4a69e421352cf0502a3f27c5e5d52a5d9c3ca98008337bce0bb919fe02231ae040cad0a310935bbe4233b188fb73d4e652f1d4eaea3cf13f826eca68caaad98b","ssdeep":"1536:yXZFH5ld7oIOdwyBhKT/dUP3Y0HXJsVa2fRjcN:yXBld7oIOdwy2doo0HZsVa2fRjcN","tlshash":"8e73b6e1b32e222f4ab6336456beb345f93dc525d10267ad78e8a5dc2491408436effc","first_seen":"2023-03-29T23:09:12Z","last_seen":"2026-01-07T19:00:53.107168Z","times_seen":11,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.yandex.ru/metrika/tag.js","fqdn":"mc.yandex.ru","domain":"yandex.ru","tld":"ru"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mc.yandex.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 16 Aug 2025 21:04:26 GMT","end":"Mon, 26 Jan 2026 20:59:59 GMT"},"fingerprint":{"sha1":"D5:81:10:72:92:60:58:7F:80:93:7E:45:E9:F2:3C:B1:71:E4:DE:01","sha256":"20:E7:5E:F7:C1:4C:FA:9B:3C:3A:CE:9D:DE:4D:CB:D9:73:21:D5:25:E5:F7:14:4F:43:D7:68:E1:B7:DA:3C:43"}}},"request":{"raw":"GET /metrika/tag.js HTTP/1.1\r\nHost: mc.yandex.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 83652\r\ncache-control: max-age=3600\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\naccess-control-allow-origin: *\r\netag: \"694be0fa-146c4\"\r\nlast-modified: Wed, 24 Dec 2025 12:47:54 GMT\r\ntiming-allow-origin: *\r\nset-cookie: bh=YMXa+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.ru; Expires=Thu, 11 Feb 2027 19:00:21 GMT; SameSite=None; Secure\r\ncontent-encoding: br\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 07 Jan 2026 20:00:21 GMT\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251396,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (676)","md5":"79346c6ff3e59c5c9d6c1aa4ea219da8","sha1":"13129b1a008d9971071ad805aabae7fd93d4039f","sha256":"8983f794d15c2de1cbeb6308c6059a6957c19ebbf6b6c97936dcf48e72b3eda5","sha512":"fafec62f64dbef115359b314b2f1dc7ded854cb90413262d70bffbdaae8e7bf1b7883072cdee95ea3911bacda1184081730513d54809b4a18f3ba754393e990b","ssdeep":"3072:kTSBx1x5T59PJqno4huS8NdMlqRHusBja5pwSxqyCKc:kTSDP5T59PJMo4hiQqRDBu5p7xqy1c","tlshash":"9b34d7c976827472937334b4903f000bb2beac96f54c8965e186d9d57e389ac9237f2d","first_seen":"2025-12-24T17:36:43.25512Z","last_seen":"2026-01-15T06:47:13.603842Z","times_seen":433,"resource_available":true,"data":null}},"time_used":552,"timings":{"blocked":195,"dns":14,"connect":43,"send":0,"wait":59,"receive":97,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/fonts/ge-ss-two-medium.woff","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/fonts/ge-ss-two-medium.woff HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/assets/themes/3arbserv/css/style.css?v=1\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb; _ga_58KJ33P7BQ=GS2.1.s1767812421$o1$g0$t1767812421$j60$l0$h353234366; _ga=GA1.1.1225875764.1767812422; _ym_uid=1767812422728688681; _ym_d=1767812422\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:22 GMT\r\ncontent-type: font/woff\r\ncontent-length: 15892\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 23 Jan 2026 07:54:14 GMT\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EAgJO5%2F8m46w5Bjiv%2BPfC7A3eetPRlsQoKykt7n5EyGjnYYDu%2FmNsqOiXq9DT2Q%2FHbvwEoNFIib4yCMy1yCHwanGQVEXOZaM04tV%2FYo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba5b2957f86b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15892,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 15892, version 1.0","md5":"b9d51f54e699dee09df944367b6ad33f","sha1":"31ffbc7b311e0ab0c7e5bcc0ecc098816593fa3b","sha256":"461f73019d91a8336bd7cf36908a8efecc8dea70b88358704169d3e01f837222","sha512":"bdae11e61bbb2b67444cb7d6664fbd6e4d4231659bbb5e3f2eacd4873805dc2ff0a04d477dea41e28017bb12b16378c872b19dfad0e6aa21f005c347f170cc95","ssdeep":"384:Tic15My62ocrz0PXieTcdwTpB2LRgGoKucQd+STy3ABOoJDTGVeo:TiO5My62Zf0wqsDoKucQd+SO3ABfa7","tlshash":"d162d1759174ee2ed6b318f2b0c1258c75f70afbc8363b721862605a04781ad1b7e6f5","first_seen":"2023-05-09T18:15:14Z","last_seen":"2026-03-15T17:37:42.884054Z","times_seen":48,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.yandex.com/watch/95969146?wmode=7\u0026page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190021%3Aet%3A1767812422%3Ac%3A1%3Arn%3A714417982%3Arqn%3A1%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C140%2C32%2C189%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Arqnl%3A1%3Ast%3A1767812422%3At%3A%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20Cimaabdo\u0026t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(83952128)ti(1)","fqdn":"mc.yandex.com","domain":"yandex.com","tld":"com"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mc.yandex.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 16 Aug 2025 21:04:26 GMT","end":"Mon, 26 Jan 2026 20:59:59 GMT"},"fingerprint":{"sha1":"D5:81:10:72:92:60:58:7F:80:93:7E:45:E9:F2:3C:B1:71:E4:DE:01","sha256":"20:E7:5E:F7:C1:4C:FA:9B:3C:3A:CE:9D:DE:4D:CB:D9:73:21:D5:25:E5:F7:14:4F:43:D7:68:E1:B7:DA:3C:43"}}},"request":{"raw":"GET /watch/95969146?wmode=7\u0026page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190021%3Aet%3A1767812422%3Ac%3A1%3Arn%3A714417982%3Arqn%3A1%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C140%2C32%2C189%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Arqnl%3A1%3Ast%3A1767812422%3At%3A%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20Cimaabdo\u0026t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(83952128)ti(1) HTTP/1.1\r\nHost: mc.yandex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cm.cima3bdo.com/\r\nOrigin: https://cm.cima3bdo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\naccess-control-allow-origin: https://cm.cima3bdo.com\r\nexpires: Wed, 07-Jan-2026 19:00:22 GMT\r\nlast-modified: Wed, 07-Jan-2026 19:00:22 GMT\r\npragma: no-cache\r\nset-cookie: yabs-sid=2678027191767812422; Path=/; SameSite=None; Secure\ni=lkksjaJ+C7+Pv2HhVEpGc39avcNFzx4LaiKXMVi9Ta/OnYtPk7EYIYSwSZbyZ0ZQ39/xW9ZHCVI8CbpO0yNftnJ4mHA=; Expires=Sat, 05-Jan-2036 19:00:21 GMT; Domain=.yandex.com; Path=/; Secure; HttpOnly; SameSite=None\nyandexuid=6242520291767812422; Expires=Sat, 05-Jan-2036 19:00:21 GMT; Domain=.yandex.com; Path=/; Secure; SameSite=None\nyuidss=6242520291767812422; Expires=Thu, 07-Jan-2027 19:00:22 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure\nymex=1799348422.yrts.1767812422#1799348422.yrtsi.1767812422; Expires=Thu, 07-Jan-2027 19:00:22 GMT; Domain=.yandex.com; Path=/; SameSite=None; Secure\nbh=YMba+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:22 GMT; SameSite=None; Secure\nbh=YMba+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:22 GMT; SameSite=None; Secure\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\naccess-control-allow-credentials: true\r\nx-xss-protection: 1; mode=block\r\nlocation: /watch/95969146/1?wmode=7\u0026page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190021%3Aet%3A1767812422%3Ac%3A1%3Arn%3A714417982%3Arqn%3A1%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C140%2C32%2C189%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Arqnl%3A1%3Ast%3A1767812422%3At%3A%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20Cimaabdo\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29\u0026redirnss=1\r\nstrict-transport-security: max-age=31536000\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":661,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.yandex.com/watch/95969146/1?wmode=7\u0026page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190021%3Aet%3A1767812422%3Ac%3A1%3Arn%3A714417982%3Arqn%3A1%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C140%2C32%2C189%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Arqnl%3A1%3Ast%3A1767812422%3At%3A%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20Cimaabdo\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29\u0026redirnss=1","fqdn":"mc.yandex.com","domain":"yandex.com","tld":"com"},"ip":{"addr":"87.250.251.119","port":443,"asn":13238,"as":"YANDEX LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mc.yandex.ru","organization":"YANDEX LLC"},"issuer":{"commonName":"GlobalSign ECC OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 16 Aug 2025 21:04:26 GMT","end":"Mon, 26 Jan 2026 20:59:59 GMT"},"fingerprint":{"sha1":"D5:81:10:72:92:60:58:7F:80:93:7E:45:E9:F2:3C:B1:71:E4:DE:01","sha256":"20:E7:5E:F7:C1:4C:FA:9B:3C:3A:CE:9D:DE:4D:CB:D9:73:21:D5:25:E5:F7:14:4F:43:D7:68:E1:B7:DA:3C:43"}}},"request":{"raw":"GET /watch/95969146/1?wmode=7\u0026page-url=https%3A%2F%2Fcm.cima3bdo.com%2F\u0026charset=utf-8\u0026uah=che%0A0\u0026browser-info=pv%3A1%3Avf%3A6dxo56vtzxy1twennuh7smrkk0uzf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2331%3Acn%3A1%3Adp%3A0%3Als%3A1599577948585%3Ahid%3A340809905%3Az%3A0%3Ai%3A20260107190021%3Aet%3A1767812422%3Ac%3A1%3Arn%3A714417982%3Arqn%3A1%3Au%3A1767812422728688681%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C20%2C140%2C32%2C189%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1767812420477%3Agi%3AR0ExLjEuMTIyNTg3NTc2NC4xNzY3ODEyNDIy%3Arqnl%3A1%3Ast%3A1767812422%3At%3A%D8%B3%D9%8A%D9%85%D8%A7%20%D8%B9%D8%A8%D8%AF%D9%87%20Cimaabdo\u0026t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29\u0026redirnss=1 HTTP/1.1\r\nHost: mc.yandex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cm.cima3bdo.com\r\nReferer: https://cm.cima3bdo.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 661\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\naccess-control-allow-credentials: true\r\nexpires: Wed, 07-Jan-2026 19:00:22 GMT\r\npragma: no-cache\r\ncontent-type: application/json; charset=utf-8\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nlast-modified: Wed, 07-Jan-2026 19:00:22 GMT\r\nstrict-transport-security: max-age=31536000\r\nset-cookie: bh=YMba+soGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.yandex.com; Expires=Thu, 11 Feb 2027 19:00:22 GMT; SameSite=None; Secure\r\naccess-control-allow-origin: https://cm.cima3bdo.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":661,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"40476c80ac58979bdd6b80df7e5f71a5","sha1":"1567e4ff718323c222e6da5462caf2665a9c2607","sha256":"f698cc5cf21cdf985f51a7c108a59b4b00948ebfdc4081dc189104511fba5684","sha512":"a21101340ca045ed1b8176080a51e8e5d0cc49915c703fae1d403c90d8834bc9ca8125dda00a09a6e0f6913d6dee59c2d37ee371c9186d6e2eef9df975f0e705","ssdeep":"","tlshash":"dc012d1e854d0a295f1acf7281eb7a0b226931204cc177845bd3cda04ddebb6f68b2a0","first_seen":"2026-01-07T19:00:53.110627Z","last_seen":"2026-01-07T19:00:53.110627Z","times_seen":1,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cloudflareinsights.com/cdn-cgi/rum","fqdn":"cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:22.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"POST /cdn-cgi/rum HTTP/1.1\r\nHost: cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1007\r\nOrigin: https://cm.cima3bdo.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1007,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":1493,\"startTime\":1767812420477,\"versions\":{\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"6142ca5c-5ac4-4633-a51b-55683db47c90\",\"location\":\"https://cm.cima3bdo.com/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":1583,\"domContentLoadedEventStart\":1587,\"domContentLoadedEventEnd\":1598,\"domComplete\":1730,\"loadEventStart\":1730,\"loadEventEnd\":1731,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h3\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":189,\"domainLookupStart\":189,\"domainLookupEnd\":189,\"connectStart\":189,\"connectEnd\":209,\"secureConnectionStart\":189,\"requestStart\":216,\"responseStart\":356,\"responseEnd\":388,\"transferSize\":6934,\"encodedBodySize\":5898,\"decodedBodySize\":21608,\"name\":\"https://cm.cima3bdo.com/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":1731},\"siteToken\":\"75dffa96adf74372920070e3426c9495\",\"st\":2}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 19:00:22 GMT\r\nserver: cloudflare\r\ncf-ray: 9ba5b2978a50b4f1-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cima3bdo.com/","fqdn":"cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T19:00:20.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Wed, 07 Jan 2026 19:00:20 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nlocation: https://cm.cima3bdo.com/\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=172800\r\nexpires: Fri, 09 Jan 2026 16:51:33 GMT\r\ncf-cache-status: DYNAMIC\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=10,cfOrigin;dur=66\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lZCllcqerThmoJcjdTNAC8CGShHa2O63GcwNDCG%2F2SaNs%2FOpeVGYgkvA77IEOPBC0ewIYaLd%2BMbS3HihJpulC%2FtLadvhk00Rs3k%3D\"}]}\r\ncf-ray: 9ba5b28c9f5356a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21608,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":13,"dns":1,"connect":1,"send":0,"wait":80,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T19:00:20.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fo8Y8W6U0m0EmQ%2BBN7KGNrbcZzhDH%2FRjUFYiUISohkUtjsIqIi%2Ft%2Fl2UAqeNCkTm7xmq59kKpL3KTGwO2aQBaYxANMMPPyc9M0Kq3H4%3D\"}]}\r\npriority: u=1,i=?0\r\nset-cookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; expires=Wed, 07-Jan-2026 21:00:20 GMT; Max-Age=7200; path=/\nci_session=f78886e698079f4680b3bbe80f22ae5718c683cb; expires=Fri, 16-Jan-2026 03:00:20 GMT; Max-Age=720000; path=/; HttpOnly\r\ncache-control: max-age=172800, public\r\nexpires: Fri, 09 Jan 2026 19:00:20 GMT\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=12,cfOrigin;dur=119, cfExtPri\r\ncf-ray: 9ba5b28d5f14b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}],"data":{"size":21608,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (503), with CRLF, LF line terminators","md5":"75936e27c2db47abd5c2c801342e2224","sha1":"7c8217a3d914d02933de295e247d3313c71be947","sha256":"eab6b4fc653117bd20b4de67e55a7acde3597df89754ffee5129c1ab9667edeb","sha512":"225ec80d04bbb7e559f2cfa9c0cda5d36cbdde92141977f8054cac92f8c28aa31908235ea153e1ee67b213cea49abb41183af8e0e387868e458443ac02478916","ssdeep":"384:HPfZf2efBfoIbiu+DgAhf4FoFQF5bFCMqKqikxQ9BNv:H5biHDz+FoFQF5bFC7qBNv","tlshash":"1ea2c6a31d614c221622ca24b7e5b94cef699d33d20efc91b2cd264a5fd6ec3c407678","first_seen":"2026-01-07T19:00:53.11238Z","last_seen":"2026-01-07T19:00:53.11238Z","times_seen":1,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":141,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cm.cima3bdo.com/assets/themes/3arbserv/js/jquery.min.js","fqdn":"cm.cima3bdo.com","domain":"cima3bdo.com","tld":"com"},"ip":{"addr":"104.21.10.55","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cm.cima3bdo.com/","date":"2026-01-07T19:00:21.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cima3bdo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 11 Nov 2025 07:17:26 GMT","end":"Mon, 09 Feb 2026 08:13:31 GMT"},"fingerprint":{"sha1":"EE:28:29:39:64:44:CD:FB:12:ED:FD:2F:8B:FD:ED:BF:FF:E3:FA:43","sha256":"B7:88:A0:BF:8A:AD:B6:4B:4C:E0:7F:FC:11:F9:31:96:AA:59:5F:F9:B3:20:7E:17:32:15:56:06:3F:A7:9F:E9"}}},"request":{"raw":"GET /assets/themes/3arbserv/js/jquery.min.js HTTP/1.1\r\nHost: cm.cima3bdo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cm.cima3bdo.com/\r\nCookie: csrf_cookie_VideoOnline=4834c7d132edccb739ec5bc148fb3f57; ci_session=f78886e698079f4680b3bbe80f22ae5718c683cb\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 19:00:21 GMT\r\ncontent-type: text/javascript\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Wed, 22 Feb 2023 02:03:27 GMT\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 06 Feb 2026 17:24:08 GMT\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dTZYeMnS2E4i1u5QXZXw3vKqV6iTsXgSlvUUqpQmnbuSseP9hwR6h%2FajtwPmqktR3UvMgjRNfggHkVyPQiO%2F55LhoeIxRyxps9FEigc%3D\"}]}\r\ncf-ray: 9ba5b2904f50b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95844,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"27ef0cf5b0aad238d1db627eeb3e267b","sha1":"975c4d7e65f82e15203ca553a5ba51c016a939d2","sha256":"3d65f9e788f7ef78d0e1e40bdce42caf85b1c2b18d8eb1ecc358b113d01265d6","sha512":"2bdc53ad1a5b25057eb246745493939e732e485f690ef65b652b3523ed90032714912b73faca829c24665fe2ca10f404a3d4de9d58168b6b46e2189ca0cf47c3","ssdeep":"1536:YP1vk7i6GUHdXXeyQazBu+4HhiO2AEeL/FoqqhJ7SerN5sVI6xcBIPv7E+nzms9t:74UdoqhJvNPqcBQ7MfWWca98Hrp","tlshash":"3093d8d9b7d67062977730b850bf510bb13a98eab80c4c60f1a4d8e47e74a89507bf2d","first_seen":"2023-03-07T01:12:03Z","last_seen":"2026-03-31T07:27:21.964427Z","times_seen":182,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"cm.cima3bdo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}