{"report_id":"c3da942f-549c-4bf7-a7ee-8aea00f4094a","version":6,"status":"done","tags":[],"date":"2025-10-13T20:04:23Z","url":{"schema":"http","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"title":"Hydra Library | Links for Hydra Launcher"},"submit":{"url":{"schema":"http","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-17T20:04:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":17}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-13T20:04:04Z","timestamp":1760385844,"ip_dst":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.23","port":39746,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare workers.dev Domain in TLS SNI","source":"{\"timestamp\":\"2025-10-13T20:04:04.105501+0000\",\"flow_id\":1407758665811175,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":39746,\"dest_ip\":\"188.114.96.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2051768,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare workers.dev Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_03_22\"],\"deployment\":[\"Perimeter\"],\"malware_family\":[\"Cloudflare_Workers\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Cloudflare_Workers\"],\"updated_at\":[\"2024_03_22\"]}},\"tls\":{\"sni\":\"libraryratingsdb.zxcsixx.workers.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":938,\"bytes_toclient\":3463,\"start\":\"2025-10-13T20:04:04.099559+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"bettydwarfcoincident.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bettydwarfcoincident.com","ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-03-18","domain_rank":3801613,"first_seen":"2025-09-07T09:45:17.205903Z","last_seen":"2025-09-16T04:09:41.9104Z","alert_count":6,"request_count":6,"received_data":202628,"sent_data":5741,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-12T22:34:05.876953Z","alert_count":0,"request_count":4,"received_data":1460,"sent_data":1952,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-12T22:12:10.358486Z","alert_count":0,"request_count":1,"received_data":425242,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-12T22:12:24.910527Z","alert_count":0,"request_count":1,"received_data":28611,"sent_data":444,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hydra-library-2-default-rtdb.firebaseio.com","ip":{"addr":"35.201.97.85","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2012-10-15","domain_rank":0,"first_seen":"2025-09-16T04:09:40.870625Z","last_seen":"2025-09-16T04:09:40.870625Z","alert_count":0,"request_count":1,"received_data":254,"sent_data":635,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-08T01:17:43.238436Z","alert_count":4,"request_count":2,"received_data":1060,"sent_data":1540,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-10-12T22:34:06.069164Z","alert_count":0,"request_count":2,"received_data":61945,"sent_data":964,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"libraryratingsdb.zxcsixx.workers.dev","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-02-08","domain_rank":0,"first_seen":"2025-09-16T04:09:40.866487Z","last_seen":"2025-09-16T04:09:40.866488Z","alert_count":0,"request_count":1,"received_data":6326,"sent_data":1569,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"region1.google-analytics.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-07-18","domain_rank":19689,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-10-09T03:46:15.24522Z","alert_count":0,"request_count":2,"received_data":1684,"sent_data":2034,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-12T22:15:22.841346Z","alert_count":0,"request_count":2,"received_data":254243,"sent_data":1020,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-13T03:57:20.808603Z","alert_count":1,"request_count":1,"received_data":2284,"sent_data":502,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-10-12T22:14:22.312153Z","alert_count":0,"request_count":2,"received_data":99761,"sent_data":887,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"library.hydra.wiki","ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-26","domain_rank":1137277,"first_seen":"2025-09-16T04:09:40.863576Z","last_seen":"2025-09-16T04:09:40.863576Z","alert_count":0,"request_count":13,"received_data":2038407,"sent_data":6091,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-08T05:41:48.061731Z","alert_count":6,"request_count":2,"received_data":171926,"sent_data":832,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-12T22:12:25.402635Z","alert_count":0,"request_count":3,"received_data":122889,"sent_data":1659,"comment":"","tags":null,"fingerprints":null},{"fqdn":"creative-sb1.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-13T03:05:29.919249Z","alert_count":10,"request_count":5,"received_data":177801,"sent_data":2330,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-10-12T22:55:24.916727Z","alert_count":6,"request_count":2,"received_data":7677,"sent_data":978,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"rashcolonizeexpand.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":31106,"first_seen":"2025-06-27T17:12:36.133274Z","last_seen":"2025-10-13T03:04:24.143059Z","alert_count":15,"request_count":5,"received_data":9224,"sent_data":2748,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-12T22:16:17.945241Z","alert_count":0,"request_count":1,"received_data":79542,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-08T11:21:31.763121Z","alert_count":2,"request_count":1,"received_data":377,"sent_data":421,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-13T20:04:04Z","timestamp":1760385844,"ip_dst":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.23","port":39746,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare workers.dev Domain in TLS SNI","source":"{\"timestamp\":\"2025-10-13T20:04:04.105501+0000\",\"flow_id\":1407758665811175,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":39746,\"dest_ip\":\"188.114.96.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2051768,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare workers.dev Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_03_22\"],\"deployment\":[\"Perimeter\"],\"malware_family\":[\"Cloudflare_Workers\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Cloudflare_Workers\"],\"updated_at\":[\"2024_03_22\"]}},\"tls\":{\"sni\":\"libraryratingsdb.zxcsixx.workers.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":938,\"bytes_toclient\":3463,\"start\":\"2025-10-13T20:04:04.099559+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c65c1803bb7654fd5ffe3b2a738afce7","sha1":"ed0a93705d9db07f7970398e4d35e26b6eec489a","sha256":"9788199faead0494af1a6ecf9fe089860daf285f13501f70d78f9abae78b3716","sha512":"1fd5cbea5a40f709c746aacab7819e6cef99a1eb80db30944fe4d569f0aa22762684d1a2bba15aedda046a6b88814eeb74148903bedecea78932af195861fce8","ssdeep":"","tlshash":"a1218e36255dcff4125ff33b415577c8bb6680099c05561e725d13c81fc62b892f98a3","size":1271,"data":"","first_seen":"2025-09-16T04:09:44.810607Z","last_seen":"2025-11-22T10:22:53.770783Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/c3/dd/f4/c3ddf49b76d1794238277509594f9009.js","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"8f8d9d4ef01b07a415dfc47e7dfa94ae","sha1":"f2f555d085015373c96a1506fcddc45180c136a7","sha256":"2e95291afe032fa0f45fb435f73770d6ee73153c563908a9080a5b7856914308","sha512":"5e91869456f2ce8b51e0e84f0af1d7316dd5e581617ac947f110f601dcf8b01aa123a0e19c7bc10993ed2f22938309542223536eaf58940e703dc565a067ed69","ssdeep":"1536:UrysDEFAkM9IWf3pDTf0zpxftTgA4VEIaUb4Ru37oIXDWeGXMtb4cnSzB:EDxk4+BgA4VEIaUb4McBeGXMtb4/","tlshash":"dd83f848bb82b869425620ba331ff01af25a4c421de8d444dd57f8d96fb8b1df637e24","size":84222,"data":"","first_seen":"2025-10-13T20:04:33.481766Z","last_seen":"2025-10-13T20:04:33.481766Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6dc15da5f456018ca557bd29866b003e","sha1":"0ccc86de9cc3ef5078b16c640baf21b37bbf67e1","sha256":"737bab10f388e684080e023a405a5d80d6145ed0148c1ee8f2a9d191c2db3898","sha512":"f991ce315ba41647caf2da9cbd138e7ce742de1964a452acc88153a8f6940a8a9b748fd454b90b8ce06c79c33c4f9f33707a739ccd45a9e057ad1404baa1d046","ssdeep":"","tlshash":"41f0202917a98a41247328feabcb3000ba62e0435354d6647cde2300af9175d82f6acb","size":571,"data":"","first_seen":"2025-09-16T04:09:44.801933Z","last_seen":"2025-12-04T06:23:17.248904Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bbd39c66ee52902c89a0441e48046092","sha1":"c75fa1369fdbd7cbb7ced6cecb80aee64bd4a517","sha256":"6d84462654941ac490bddff37b2ca9da1ac939d376e6f5c1913fb4602cdd202a","sha512":"f96208b7d02ba0fa78f2e9186767806ad9300b849a028f97b045b620a83f853b1a3c74a8e88b7b9dc2ae5772978fd26b54d6d6a1240080fc03a6ee662fd78ec4","ssdeep":"","tlshash":"f3c08c88211b0c7085f72f410b6fa200b00632139492a9223a0eb3844f21e03d784818","size":181,"data":"","first_seen":"2025-09-16T04:09:44.80445Z","last_seen":"2025-12-04T06:23:17.249828Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9443dfda93da912342bee2fc141b83a","sha1":"3d9289528c1845b3d1f6b959a2166e11a6ec4c37","sha256":"7c695f4d67960d22552c69f6f441b9a95c9eb6973a17e16a5144295f9c9f0710","sha512":"d271c56f1d9c9033bb4c6de78c8ab2d46744090486613a16b882159fe3f99f72d5a9a357694504d2c86e954f9e39429b38f050f361b53e7bdf56988ea1636c9b","ssdeep":"","tlshash":"e801f42a696f9a325abb607c535a664415329007a804d50c3ddd430c2ff7a4c0637a8a","size":723,"data":"","first_seen":"2025-09-16T04:09:44.806659Z","last_seen":"2025-12-04T06:23:17.250952Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"84000ebfbcd477321b224ec21ea7dc16","sha1":"543f8b248ccff20fe031616dd5521038f8c5eac8","sha256":"0bbaf6b10f19bb0a0d914616f263c52d314d52bc3ccfd785b32eb719827222ca","sha512":"2499c2427deda263a2a0a782adc6f1eabc82c8f98a0eb9bf01e676de55c8b9ab98ab9fe2f38b0ebdb41f614c795ce56fd54aff036bde5f88fd13a08fd4b248ef","ssdeep":"","tlshash":"6fe0c25e06bb023300a27a66035f10156022c04383b4fc887e8c5720dfa12a19e81f8e","size":321,"data":"","first_seen":"2025-09-16T04:09:44.808845Z","last_seen":"2025-12-04T06:23:17.2526Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7703c0d949843fced12296b3a6484b9","sha1":"ddee3942a44ed587672f99a100f29a1539202da1","sha256":"274fbd91111915790ce497f2b47357341c5bebbfc45ddbf69e8f021d94bae868","sha512":"79e229d8914530d9669bdb62073a1702b009a3965249c9838dfeb7b3ae9abdfd6087d35b48b35c061d407b64bb104bb89e80b423df8500b10edd71e39807043b","ssdeep":"","tlshash":"5b618d1d63f70b3a6116327a1fcb7108922091236e57ed5dbc6cc388cfa69214679fb9","size":3249,"data":"","first_seen":"2025-09-16T04:09:44.813439Z","last_seen":"2025-12-04T06:23:17.253466Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f3f10652aa66ae7f083126f3d0441f46","sha1":"6ce59f7009a52ea2f5fd6fd2d5afb4fa2487050f","sha256":"78fe387787c8011054e92e36dd73b45334dead822f40451e51f4c0dcbc209f5e","sha512":"1178fcdc54964d4cb838f8c7fa36f7635f7bd7abf84620dcf09941f0629e2f4ca7914f55e0e9aaf06025d3815a0719f60dccb2ea4ac28aaf7d3967a155229985","ssdeep":"768:1C6jR2KMgalLUU6c9Db6AqBuTB2Uw5jOyhBVNY1EbV9tGcpfBgQfuWVuY8t:r2PgalLUU6cRGul2bhIDt","tlshash":"f1232a583256797226d980e0b17b63437326753ae94ccc50a423d976267cecad233fba","size":49429,"data":"","first_seen":"2025-10-08T16:57:13.37001Z","last_seen":"2026-02-07T17:18:33.488109Z","times_seen":15386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-TMMPJ1FL95","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"28f868a776deea52da7aef5ab1dfc526","sha1":"a378a56253fbf13b5c67347dc39278bcc45edd43","sha256":"338c4751629de226747fc812dc75d7d27961bf628bce3495f3b16e486ee82b90","sha512":"be37c3766a1671984e6b3ba3cc82103e30999aabd28c615a04b114a3561900b589792278fb0e0438929dfaf126a317434b6410ac0368a63968ebaf7f5138e5fb","ssdeep":"6144:tBmB/yp2a4tM0uwbWZJT+Nju5204O0NsYXdXAQY:TXYJy0KZJu0O8","tlshash":"b79419de73d674225396f078503f018ba57b28a2b44cc89af189cde42e74a9a4177f7c","size":424638,"data":"","first_seen":"2025-10-13T20:04:33.488122Z","last_seen":"2025-10-13T20:04:33.488122Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-05T13:23:52.248793Z","times_seen":6520,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/changelog-notification-DE8L6ccS.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"599bf870d7d0177ec85a136b7b67f057","sha1":"a8c68283c135b47589f40586428d7b411790d0c1","sha256":"cf101a62798a2892752ab13bf794973669aba7ac34d5c67e10ddeb498cb9596b","sha512":"18aec2977a6b936b1ffc37ede3691844155732062d94aced3767ac0abeb331f951dbd602e237b281c70a6fce9c7da96392448b3f0ec3f22b08adcd68485277a4","ssdeep":"","tlshash":"89212fd1f21705b4c6c2427b61b897c253fb54ddbc0b800e36aeacc98d88a0c53eda31","size":1387,"data":"","first_seen":"2025-09-16T04:09:44.764406Z","last_seen":"2025-12-04T06:23:17.211458Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"84bf7649577880f482fa09b6fcc1e278","sha1":"d5735ae0edadb102025ab13c5150d915152eb681","sha256":"503c737063319300fdedc49f5b838452e827044fb3307b614c469fae490f032a","sha512":"8577593930a47ca4929e174700f0fe64032a266f70e2437f7449a126a7cee024e320035b3a9c913569751e8804ba6caf2c38694d87965d896acbfaae42cbb1e1","ssdeep":"768:4zSRB5DI6wGsHJ/PWmM+ZEVxqFoRkme1LSrQog15fRjYTYUhgC3X65Zx1+MmoeOP:4wk6OJ/PXZNqw3UyDgJZZYyIzIYbRd","tlshash":"bd73f8916a04f03776ab45ae65d1e3047af99405fcb34854f42cc8804fe7d4f2ab7aba","size":78766,"data":"","first_seen":"2025-10-12T21:44:05.38074Z","last_seen":"2026-03-19T17:50:04.009502Z","times_seen":198,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/library-D7OJ_aSo.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9385ff2b1a146f14cf9afea2fdc4c43","sha1":"b43399e39744a6df8aebea839a5fd0f27dd865e1","sha256":"f8e3c0275e5917b8bec8d548a0dd204d0531d99f18fcdf88485480881e8aa5cf","sha512":"2fa7d9816e83298396a49b2ed7fd96e45159bc428ffb834b62085d4e768a07f2ee02690b79c189db9aa94ae418a3184de535ef6cdf59c2a6f8e2729e230dd543","ssdeep":"1536:ndxb+0Ae/pDhCUD2wzlVKpDkplgH8MaF8KWYWx:dxbtAe/ptCUDxVKJkplgH8MA8KXG","tlshash":"d273096131f0093a01db46fb35b55b52ba75c60bf907d448717c89962f8bc82cba3bad","size":74588,"data":"","first_seen":"2025-09-16T04:09:44.791845Z","last_seen":"2025-10-13T20:04:33.54987Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/index-DVkDt3sz.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ac3918efb53baccd2467b14fd81b1c5f","sha1":"458837aaa223981c0b8c60db9c2df8e344152f9f","sha256":"b26a628b858685209ada859b1e1ad740e8f8f5ab6fa7f89c0ad09817ab7f073a","sha512":"5b36a46eee4ae26a05bc4fcbc3b8638e9b6f5adb496a981a3d296925957b1e5296f3b85f402b7807ef1d5d966e5ed8ce81925900a35ca9ced9b165d3e65fe906","ssdeep":"768:SxpqYZkMZXPQ+zxFw/agw7o62WsPWeaKFUui/:y1wSgZxJaYE/","tlshash":"3313e7661944b49d01436247ee56bb0d28bd03bde7b3c61a1cfd5b2931f22a6c53fb24","size":42920,"data":"","first_seen":"2025-09-16T04:09:44.752621Z","last_seen":"2025-10-13T20:04:33.50562Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"58210642690eb5d57c652f85238c9113","sha1":"cd1ebe895368675ff1e018b7eb2cafc3922daa01","sha256":"cdb093c5971212ee0b5ba4970551b37daacedde73803e9bc4046e03decdd4009","sha512":"c4a6310e9e2afdeb7cde460205183ffd9baeecabef94fec903b0968a3c13521cb6ac8937c180ca81a37a9549293b2d8c5daec9417b8228157bf7adc960b377e9","ssdeep":"96:qktCYRdTxk/RLY5SqBPPe6PH/LGtPFEqCR3Ek1CRwEBwCRL:qkcYRdC/RLYPfH6PFjCR39CRwlCRL","tlshash":"59d1a92bf4a2293748bb2ef5b34795493e3558072441d80b3aad8b454f53f9088a3efd","size":6240,"data":"","first_seen":"2025-09-16T04:09:44.816215Z","last_seen":"2025-12-04T06:23:17.254213Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/ea/39/e9/ea39e9c2c020a9ed11a3e578c1a25a9b.js","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"2feefa83228b4b4d3a71d88833ab5336","sha1":"7a827b5c38b7d5bb50ec4b82d2ffddf3669436db","sha256":"d243fbb9628bf675953bd70b8bbff4fe4a36e2f0d13e9319a100394b69a82f88","sha512":"4679f5f5e3731846ac9a73893a21a0ba8f41edd1fbaeb816bf23a1783eed78e95d02345564027c0b02cb635380d0ede7c06d8cba7d999aa575f88666aad7418f","ssdeep":"1536:R94DYewmZykjTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9Na2Q:snlT9RCgZ0eQp29Na2Q","tlshash":"28a3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","size":106681,"data":"","first_seen":"2025-10-13T20:04:33.567528Z","last_seen":"2025-10-13T20:04:33.567528Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/firebase-connection-D9-JVH6U.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8867663e049fd22d50f530b8d025a82c","sha1":"7fa9571c8e8f05381bdf68f43b3db04f6b8ec83b","sha256":"4b450f2ef949820ad8de7194eb1478c11230e8a1af285916434cb46d411b5656","sha512":"3f24de62244b7595953de3bfe0986a6415c26e69f155558e4080bbf004fdb97dfc0fb1dd58b0afe1c523f0bb9c09ab6ea8fde0f72ef87ed8a7901550a8a3178c","ssdeep":"6144:/me+kh8cWgankLwo2Ypi2Zeld8hWjhmkro2fqdTMOTCFgtGRGDC4Jfc0iVOIVW74:/me+kh8cWgankLwo2Ci2ZelMWj4kro2D","tlshash":"ec24f87c3681663317e189ea693b80c7b3199459350f42acb86dc8e62d3958a51ffff0","size":227597,"data":"","first_seen":"2025-09-16T04:09:44.776309Z","last_seen":"2025-12-04T06:23:17.207393Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"rashcolonizeexpand.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:01 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bda7ff9eee3a3ed9283a50cf3fc07e8b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":416,"timings":{"blocked":-1,"dns":29,"connect":92,"send":0,"wait":104,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/sweetalert2@11 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 11.26.2\r\nx-jsd-version-type: version\r\netag: W/\"133ae-1XNa4O2tsQICWrE8UVDZFRUutoE\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\nage: 40597\r\nx-served-by: cache-fra-eddf8230135-FRA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 21031\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78766,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (47779)","md5":"84bf7649577880f482fa09b6fcc1e278","sha1":"d5735ae0edadb102025ab13c5150d915152eb681","sha256":"503c737063319300fdedc49f5b838452e827044fb3307b614c469fae490f032a","sha512":"8577593930a47ca4929e174700f0fe64032a266f70e2437f7449a126a7cee024e320035b3a9c913569751e8804ba6caf2c38694d87965d896acbfaae42cbb1e1","ssdeep":"768:4zSRB5DI6wGsHJ/PWmM+ZEVxqFoRkme1LSrQog15fRjYTYUhgC3X65Zx1+MmoeOP:4wk6OJ/PXZNqw3UyDgJZZYyIzIYbRd","tlshash":"bd73f8916a04f03776ab45ae65d1e3047af99405fcb34854f42cc8804fe7d4f2ab7aba","first_seen":"2025-10-12T21:44:05.38074Z","last_seen":"2026-03-19T17:50:04.009502Z","times_seen":198,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":58,"dns":0,"connect":14,"send":0,"wait":17,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=450c8c26-18fb-43f3-960d-547a37a6288a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ea39e9c2c020a9ed11a3e578c1a25a9b\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=450c8c26-18fb-43f3-960d-547a37a6288a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ea39e9c2c020a9ed11a3e578c1a25a9b\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:02 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 54ac2c709f7417e35fa0c09e118f36b1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":699,"timings":{"blocked":300,"dns":4,"connect":97,"send":0,"wait":95,"receive":1,"ssl":197},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/g/e9c9e9d67513/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/g/e9c9e9d67513/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Wed, 08 Oct 2025 12:56:11 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98e171915b111525-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49428)","md5":"f3f10652aa66ae7f083126f3d0441f46","sha1":"6ce59f7009a52ea2f5fd6fd2d5afb4fa2487050f","sha256":"78fe387787c8011054e92e36dd73b45334dead822f40451e51f4c0dcbc209f5e","sha512":"1178fcdc54964d4cb838f8c7fa36f7635f7bd7abf84620dcf09941f0629e2f4ca7914f55e0e9aaf06025d3815a0719f60dccb2ea4ac28aaf7d3967a155229985","ssdeep":"768:1C6jR2KMgalLUU6c9Db6AqBuTB2Uw5jOyhBVNY1EbV9tGcpfBgQfuWVuY8t:r2PgalLUU6cRGul2bhIDt","tlshash":"f1232a583256797226d980e0b17b63437326753ae94ccc50a423d976267cecad233fba","first_seen":"2025-10-08T16:57:13.37001Z","last_seen":"2026-02-07T17:18:33.488109Z","times_seen":15386,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:01 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0824be03be86039be04fa9ed4cd5ede9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":79,"dns":1,"connect":17,"send":0,"wait":25,"receive":6,"ssl":62},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:03 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-d9f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jmBXqunvyUknLpWykfsxLXYlQ7Oc4T50THZGgA5G4BDTp%2B3DqSCrDrTec7Nf0BmQuJORt%2B06NgslWAPrKj3IfXiltYrfRKMyxUtpRoz0RdU%3D\"}]}\r\ncf-ray: 98e1719e0996b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9f1955433320a3b43c5741f2bde9a3d","sha1":"3b70c2a57fad02833bf227d8b6a0391ac8b98432","sha256":"cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645","sha512":"7a1022ad699c484dd3b7e5a870d01b8baa4a357f203d6dd73ddaa237bd1aa8d2cd5a599077c261dd6ea45cdaa685285aba8b844090fdef7fa0f0b9ecf4a70fda","ssdeep":"","tlshash":"7a710f863b7916047427d96a38112b5777198103aa4fdd74afd1381cceca38acaa33cf","first_seen":"2024-09-26T07:50:15Z","last_seen":"2026-01-25T21:57:17.035488Z","times_seen":2145,"resource_available":false,"data":null}},"time_used":739,"timings":{"blocked":110,"dns":23,"connect":1,"send":0,"wait":511,"receive":0,"ssl":85},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/6c/c8/c6/6cc8c6b6600a89a01d37b41d2c57396ae22a21974890cebcb7f717010b54ae54.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 15151\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:18:00 GMT\r\netag: \"68327dd8-3b2f\"\r\nexpires: Wed, 15 Oct 2025 20:04:03 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a35cb578e3c8889f9d2d8e3a9e520bbc","sha1":"f390ccf18911be8210267a1fb27529da10081347","sha256":"554a79788b15330de1e48f1c482acaed20d1e3998e4daed2175530e89ac5e48a","sha512":"6c003106f7f02ae78774b98f5e5e8736189265dda55429c72a1ab2b387f1d8c6406c7f323a1608af14c0b07ad370c797409977a5c751a2e04a8c98236b0e6e2f","ssdeep":"384:z0sxi+mWivrxHMC8F5ONWxBGTgnbTYwxQKQVd:zfk+mW8NWxB5YwxQtL","tlshash":"e162d0c5e4c578d3e98bc3aacdd3286d66295f235e7df01e55f88dca012011b1c78a23","first_seen":"2025-04-17T18:37:55.427701Z","last_seen":"2026-01-06T02:07:44.501457Z","times_seen":1596,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":116,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/impr.gif?sid=H4sIAAAAAAAC_1RSP2wjxRudzV11v-InAqICyQUFkYiz__xnueJEOIIickmUC0qRanZm1xk83llmdr2Oq4hI6CQan0QBiGL9nFwEnBDQIAqkyKGLhISpUlwaaiqka0FOLAVe8X3v05vife-bj4f5JfGQ04vNB6ovpKRLtapdeX1HJFwVprK-XXHsqn23siOSun-30psW3X3T8fyqvVB5N2JtteTajm07tlNZETqKVW_pSoVInwZONbCrvlt1aj56-r-zyS0YaoF3L8k8BJ_8_494F4KNkXS-ux-ZdqbSN97p5JJmSqPLT95P2okqEnRuaKwtxMnJ7DWUmRDy2RxUcjLbAKp7NN0AoZiQuZefIUxOZjYRdo-vnYYSUYKQ_w9Fd4xIjiHoGEwdQvDfCMA41jeQdJ6sK13Q_WuVTtUJuf38L4hiQm4_ewlJ59tlKXqVh0rmmVCJQS8uIXpjiNYYaX6GrD8HUZyBZR9B8F_J0vM1JJ2jDSMVBL94za_ZrMnc-qLTjMNF34u9xaBu88Wa36Beg9bdZpNeRSTiMaiZQ24s5MJCHlvIUwsdflHx7abPHOrV44Czhu1T3-dRaAdN17ZpwBrI2dT7AFk6AJMDMH2AVB-gLQbQ-SnMXgnDLZiMoMtLFBFBYQgKSlAIgiIjKLrlMZfGNeUTLk0eOrPuzrpXjlTWGtJjlbWihIDqATQvj0T6oTkEy26N-rHhIzUtNMzKEQ15OUwvyQvTWK0vrTtoRxcV5nEe-0HYqHOnEfiu13QbjZod1AI_Dmw7gBElhJkDNRb6YkIeDOeRiglZ-CRCSM9g5BmYmAfNXwUtStC9Ev3kBylCTfV-dW-fa1otRFuAqxJpdhvZvjWUl-TF0db28unVjXcXThGx83s_fT7FF2C6RKpLfCB-IWjJR6MtVZCjLVUY8v1GmomO6NPp_R9mNItuff1etF8ozVfvm8FXb7GpMKVPtyOTrdGEi6RlyDfLgvNIryjNIvLzqtmJws3c7C3nOsnTtc23V1Y7qY6MESoZg4oJuVO-AiYmZP7vx1d_2_v0R7D0ACa98WkUQZhakIJARudkBtCwhPnXHN7woXmElrZAs0MknRJdXaIrS1A5gMlvjbJUn9_73bsCQmmNQqmto1Bq-fg6JyMuKrEXucy2m4264zXjyPF8zuJa0w94ndqeFyEzk70_d91_AgAA__9Iu5L4fgQAAA==","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bettydwarfcoincident.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 21:00:25 GMT","end":"Sat, 13 Dec 2025 21:00:24 GMT"},"fingerprint":{"sha1":"66:64:9F:A1:CC:C1:A4:9C:18:11:5A:53:39:D8:CC:92:52:D2:7D:CD","sha256":"1F:99:48:34:FF:08:5E:FE:D9:26:9A:D6:3D:CF:5A:90:5C:4D:3D:81:03:E0:F4:78:51:7D:0C:BB:25:60:8F:D4"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSP2wjxRudzV11v-InAqICyQUFkYiz__xnueJEOIIickmUC0qRanZm1xk83llmdr2Oq4hI6CQan0QBiGL9nFwEnBDQIAqkyKGLhISpUlwaaiqka0FOLAVe8X3v05vife-bj4f5JfGQ04vNB6ovpKRLtapdeX1HJFwVprK-XXHsqn23siOSun-30psW3X3T8fyqvVB5N2JtteTajm07tlNZETqKVW_pSoVInwZONbCrvlt1aj56-r-zyS0YaoF3L8k8BJ_8_494F4KNkXS-ux-ZdqbSN97p5JJmSqPLT95P2okqEnRuaKwtxMnJ7DWUmRDy2RxUcjLbAKp7NN0AoZiQuZefIUxOZjYRdo-vnYYSUYKQ_w9Fd4xIjiHoGEwdQvDfCMA41jeQdJ6sK13Q_WuVTtUJuf38L4hiQm4_ewlJ59tlKXqVh0rmmVCJQS8uIXpjiNYYaX6GrD8HUZyBZR9B8F_J0vM1JJ2jDSMVBL94za_ZrMnc-qLTjMNF34u9xaBu88Wa36Beg9bdZpNeRSTiMaiZQ24s5MJCHlvIUwsdflHx7abPHOrV44Czhu1T3-dRaAdN17ZpwBrI2dT7AFk6AJMDMH2AVB-gLQbQ-SnMXgnDLZiMoMtLFBFBYQgKSlAIgiIjKLrlMZfGNeUTLk0eOrPuzrpXjlTWGtJjlbWihIDqATQvj0T6oTkEy26N-rHhIzUtNMzKEQ15OUwvyQvTWK0vrTtoRxcV5nEe-0HYqHOnEfiu13QbjZod1AI_Dmw7gBElhJkDNRb6YkIeDOeRiglZ-CRCSM9g5BmYmAfNXwUtStC9Ev3kBylCTfV-dW-fa1otRFuAqxJpdhvZvjWUl-TF0db28unVjXcXThGx83s_fT7FF2C6RKpLfCB-IWjJR6MtVZCjLVUY8v1GmomO6NPp_R9mNItuff1etF8ozVfvm8FXb7GpMKVPtyOTrdGEi6RlyDfLgvNIryjNIvLzqtmJws3c7C3nOsnTtc23V1Y7qY6MESoZg4oJuVO-AiYmZP7vx1d_2_v0R7D0ACa98WkUQZhakIJARudkBtCwhPnXHN7woXmElrZAs0MknRJdXaIrS1A5gMlvjbJUn9_73bsCQmmNQqmto1Bq-fg6JyMuKrEXucy2m4264zXjyPF8zuJa0w94ndqeFyEzk70_d91_AgAA__9Iu5L4fgQAAA== HTTP/1.1\r\nHost: bettydwarfcoincident.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=450c8c26-18fb-43f3-960d-547a37a6288a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27001098=1; slecc3ddf49b76d1794238277509594f9009=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 13 Oct 2025 20:04:03 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+f2980b0254ed3aa63d7fe289c1139f55=5974464; expires=Tue, 14 Oct 2025 20:04:03 GMT; path=/; secure; SameSite=None\niprc_l:5974464=1; expires=Tue, 14 Oct 2025 20:04:03 GMT; path=/; secure; SameSite=None\r\nHost: bettydwarfcoincident.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3f636bb4e1348d1a4c71b414f558319f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"bettydwarfcoincident.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://library.hydra.wiki\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=55621db3-a1c2-44bd-bbbd-af95ddeecdf0:1:1; expires=Thu, 11 Oct 2035 20:04:01 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"68006992d481dd307c3f5b38570e0539","sha1":"da08ce1b69d9115e81f6221e1b6a76af97a40105","sha256":"9706ad3b1ab88a3821e0463d7f7bb7b16936847c848bc149e26659280be913b7","sha512":"2f2a607289d206c945bf0b2ea29c8760a644f0535555a798cb592993de78874a54dc73b3812cd4c26b372fc77ffae121db5f79f53ce5372ae1405e7c1a2bad58","ssdeep":"","tlshash":"d290041c51c14550d5101f051d5531f7450333cd540451c4105c43d0c0455771fd41c1","first_seen":"2025-10-13T20:04:33.417318Z","last_seen":"2025-10-13T20:04:33.417318Z","times_seen":1,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":220,"dns":16,"connect":22,"send":0,"wait":21,"receive":0,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/data/resources.json","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /data/resources.json HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_TMMPJ1FL95=GS2.1.s1760385841$o1$g0$t1760385841$j60$l0$h0; _ga=GA1.1.97542192.1760385842\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: application/json\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2X%2BZGtV4sCuLorI4DDYKHUbcq3A0wknpfpTuaqMXjzjigRJ6Dv3Vfl6ZRhIHw7Ep52JdL5I0uMGfJnNishFN1AeIcwec3jDKl6azQ5W8tfE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"e54e9c899bed358c2fabcf2cd6b78dc2\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e171978c6a568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19843,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"80c97fa5822776531fa00a8af7c08640","sha1":"5e8953f8c1d26f38f42121502df9b4fd539a4014","sha256":"aecee9548d43efea1ad9ec82aadc8b3cdbeda82115bbe7a9eec07843f9a021d6","sha512":"23fc434a47adf855f4ff8ecb9ebf6ac5cf33f79ee1597e3b359bbe4974f01917f3752447f1a0a7dc9e9c4c55f57daedd75844a29dffe0d140a913300357b087f","ssdeep":"384:ocdNOTqBCZ0vxn+BCFxiMFdn3vkyvaG4X4FM4P5pNBiNYbR/2M:ocvOeBCZ0vxn+kFxiYd37SGomM4P5pNj","tlshash":"5092e03ac5211e6301e902b29c7a21ddb260431f9e947848bb8d805c1fbd5ef997bf6d","first_seen":"2025-10-13T20:04:33.42629Z","last_seen":"2025-10-13T20:04:33.42629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2213,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"libraryratingsdb.zxcsixx.workers.dev/api/ratings?batch=true\u0026sources=AtopGames,SteamRip%20%5BDIRECT%20DOWNLOAD%20%2F%20NO%20TORRENT%5D,DODI,Empress,FitGirl,KaOsKrew,Online-Fix,Tiny-Repacks,ByXatab,RuTracker%20%7C%20All%20Categories,David%20Kazumi,HydraSources(RUSSIAN),Shisuy%27s%20Source,Free%20GOG,Wkeynhk%20Source,AtopGames(RU),SteamRip(RU)%20%5BDIRECT%20DOWNLOAD%20%2F%20NO%20TORRENT%5D,DODI(RU),Empress(RU),FitGirl(RU),KaOsKrew(RU),Online-Fix(RU),Tiny-Repacks(RU),ByXatab(RU),Free%20GOG(RU),LinuxRulez!,Erotorrent.ru%20by%20sodalite,TapochekNet%20%7C%20Windows%2C%20Linux%2C%20Mac%20games,TheLastGame,RuTracker%20%7C%20Linux%20only,GGVV%20Source%20%7C%20Linux%20only,HydraSources.su%20%7C%20nnmclub,HydraSources.su%20%7C%20FreeTp.Org,Trash-xrl%20source,Gestapo%27s%20Source,Bumyy%20Software,Achievement%20HUB,VX%20VULGO,Warph%20Collection%20(GOG)%20(Direct%2FTorrent),Pub%27s%20Lounge%20%7C%20Offline%20Activation,Nexus,IrisHub,SteamRip%20%7C%20Made%20by%20Vinikjkkj,FitGirl%20%7C%20Made%20by%20Vinikjkkj,SteamGG%20%7C%20by%20Wkeynhk,Skidrow%20(By%20Merabet4mine),Skidrow%20%26%20Reloaded%20(By%20Altansar69),GamesTorrents%20(By%20Altansar69)","fqdn":"libraryratingsdb.zxcsixx.workers.dev","domain":"zxcsixx.workers.dev","tld":"workers.dev"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:04.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zxcsixx.workers.dev","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Sun, 21 Sep 2025 12:10:38 GMT","end":"Sat, 20 Dec 2025 12:17:40 GMT"},"fingerprint":{"sha1":"87:AF:07:DB:D5:48:FB:87:AB:02:24:91:A8:71:64:72:DF:80:CB:9D","sha256":"31:1F:FE:15:43:57:B0:43:EE:6A:FB:63:A9:6C:30:6F:E8:F3:FC:40:9E:FD:BD:03:AF:24:C5:A6:15:EF:CF:E2"}}},"request":{"raw":"GET /api/ratings?batch=true\u0026sources=AtopGames,SteamRip%20%5BDIRECT%20DOWNLOAD%20%2F%20NO%20TORRENT%5D,DODI,Empress,FitGirl,KaOsKrew,Online-Fix,Tiny-Repacks,ByXatab,RuTracker%20%7C%20All%20Categories,David%20Kazumi,HydraSources(RUSSIAN),Shisuy%27s%20Source,Free%20GOG,Wkeynhk%20Source,AtopGames(RU),SteamRip(RU)%20%5BDIRECT%20DOWNLOAD%20%2F%20NO%20TORRENT%5D,DODI(RU),Empress(RU),FitGirl(RU),KaOsKrew(RU),Online-Fix(RU),Tiny-Repacks(RU),ByXatab(RU),Free%20GOG(RU),LinuxRulez!,Erotorrent.ru%20by%20sodalite,TapochekNet%20%7C%20Windows%2C%20Linux%2C%20Mac%20games,TheLastGame,RuTracker%20%7C%20Linux%20only,GGVV%20Source%20%7C%20Linux%20only,HydraSources.su%20%7C%20nnmclub,HydraSources.su%20%7C%20FreeTp.Org,Trash-xrl%20source,Gestapo%27s%20Source,Bumyy%20Software,Achievement%20HUB,VX%20VULGO,Warph%20Collection%20(GOG)%20(Direct%2FTorrent),Pub%27s%20Lounge%20%7C%20Offline%20Activation,Nexus,IrisHub,SteamRip%20%7C%20Made%20by%20Vinikjkkj,FitGirl%20%7C%20Made%20by%20Vinikjkkj,SteamGG%20%7C%20by%20Wkeynhk,Skidrow%20(By%20Merabet4mine),Skidrow%20%26%20Reloaded%20(By%20Altansar69),GamesTorrents%20(By%20Altansar69) HTTP/1.1\r\nHost: libraryratingsdb.zxcsixx.workers.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Mon, 13 Oct 2025 20:04:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I2OHOnxOCXr%2F7dDzP4ejJSlgg9HOD1mvICWrri51aF6Z1cB6brjcyMVa9572QhSWmScAlBAEYWC3HkAEiIVWabU4yytuQ8L4GjWYWQ1xqEtSh96WihTo15Kt%2BJJXIGDvxXPwPQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 98e171a97a75783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5569,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (396)","md5":"87162ae41ff66b31adb5332e4743c94e","sha1":"8d08e38c404a209978b562b4c846168a70c1b0dc","sha256":"e9e0ce2ddca8eb4157f63d638e2303c3275ca78edb75ccdb0d5dfccff7bdf974","sha512":"d4cdc5e641d6b696b6e3928306b9b425f6c1ec4a646a5f36a9e503b8deee6f3a0c2657a23dccbe1486d7fe9990429043c0a1503762ca1f840ac7fc175e0338cb","ssdeep":"96:1j9jwIjOH6PDK/D5DMF5kJMw66hZrudUE32cbGOJl28ztmWtaQxnbS:1j9jhjOHEK/Vo5AMw66hwjv7zsebS","tlshash":"0ab1863afaf8517f00a6826626aee3057eb08153e7e7455437ed82380f4ee95ea171d0","first_seen":"2025-10-13T20:04:33.431437Z","last_seen":"2025-10-13T20:04:33.431437Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1305,"timings":{"blocked":649,"dns":33,"connect":1,"send":0,"wait":6,"receive":0,"ssl":613},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-13T20:04:00.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /library HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X414VDsmvB082T9MTw8dLp9ae6U9d9549oQL1q94VxUiaxT9BJM84XAZIhOxVJB8wEB2I8HAJcfBEOxz6BcxIqg4%2FpVr5FRoSyyF6qlVAH7GNA%3D%3D\"}]}\r\netag: W/\"f69f4241f668f6bb2361f953f24e63b6\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e1718ebd7f3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":77020,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (348)","md5":"49c9e81324a0c47ff6efb89a1040aa49","sha1":"88b80c3b2b4c5605882d033a702b5e53dbce1c4e","sha256":"5f15ada4cb25ed345053eda3a399ffcdb9c048b6bc4dfc11f1b5e15ddfa9b3f0","sha512":"6ce53524bc98cd381d1f8d7331fc945d20b8db59908e6bce9f0bc1118b997c89aae4951a14d8dd3371afaf09ba95b52a7ab27840ad42a864e5ee15117e443bb5","ssdeep":"768:Lp36DWdw/gEhK0TMEz9EnFxY4Qmf9eqeoeHete0F6ek9sBSKTRQjee6e4e3eNeM/:LplEhPMEzeF9/9xXKMNFh+IPhH6sZ","tlshash":"f373735675f209bb019793b527a62a2efeb8d707c65bdc0876ad07901fc3d828c4366c","first_seen":"2025-09-16T04:09:44.798714Z","last_seen":"2025-10-13T20:04:33.445255Z","times_seen":2,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":34,"dns":9,"connect":5,"send":0,"wait":40,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/firebase-connection-D9-JVH6U.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/firebase-connection-D9-JVH6U.js HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/assets/library-D7OJ_aSo.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L22wW4hIChJWXIicfiE4rQwVEk9UfFXWYUKyWDIRc0C%2FEY3GJ%2ByTPsH7Ngd6bFJr6HXLuEtNw9Ib89NmDf%2F9SRYT6YMYItUg4b841n1SFWQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"6d87a772d28bcacc94dfac958fd849f1\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e1718fbcb4568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":227597,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4791)","md5":"8867663e049fd22d50f530b8d025a82c","sha1":"7fa9571c8e8f05381bdf68f43b3db04f6b8ec83b","sha256":"4b450f2ef949820ad8de7194eb1478c11230e8a1af285916434cb46d411b5656","sha512":"3f24de62244b7595953de3bfe0986a6415c26e69f155558e4080bbf004fdb97dfc0fb1dd58b0afe1c523f0bb9c09ab6ea8fde0f72ef87ed8a7901550a8a3178c","ssdeep":"6144:/me+kh8cWgankLwo2Ypi2Zeld8hWjhmkro2fqdTMOTCFgtGRGDC4Jfc0iVOIVW74:/me+kh8cWgankLwo2Ci2ZelMWj4kro2D","tlshash":"ec24f87c3681663317e189ea693b80c7b3199459350f42acb86dc8e62d3958a51ffff0","first_seen":"2025-09-16T04:09:44.776309Z","last_seen":"2025-12-04T06:23:17.207393Z","times_seen":4,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/firebase-connection-D9-JVH6U.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/firebase-connection-D9-JVH6U.js HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b8%2F7%2B06oumKnJToDyP9gGmFv0aPxvxSpieGPs%2FeYZAnpmNWXFm08%2FmNcMwLVGkcs9cY19UNeoY9xLhRoviJ2ahcU84H4IP5QmqjjQJwljGo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"6d87a772d28bcacc94dfac958fd849f1\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e17193d8b2568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":227597,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4791)","md5":"8867663e049fd22d50f530b8d025a82c","sha1":"7fa9571c8e8f05381bdf68f43b3db04f6b8ec83b","sha256":"4b450f2ef949820ad8de7194eb1478c11230e8a1af285916434cb46d411b5656","sha512":"3f24de62244b7595953de3bfe0986a6415c26e69f155558e4080bbf004fdb97dfc0fb1dd58b0afe1c523f0bb9c09ab6ea8fde0f72ef87ed8a7901550a8a3178c","ssdeep":"6144:/me+kh8cWgankLwo2Ypi2Zeld8hWjhmkro2fqdTMOTCFgtGRGDC4Jfc0iVOIVW74:/me+kh8cWgankLwo2Ci2ZelMWj4kro2D","tlshash":"ec24f87c3681663317e189ea693b80c7b3199459350f42acb86dc8e62d3958a51ffff0","first_seen":"2025-09-16T04:09:44.776309Z","last_seen":"2025-12-04T06:23:17.207393Z","times_seen":4,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.google-analytics.com/g/collect?v=2\u0026tid=G-TMMPJ1FL95\u0026gtm=45je5a80v9220974383za200zd9220974383\u0026_p=1760385840737\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=97542192.1760385842\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480709~115616985~115834636~115834638~115868792~115868794\u0026sid=1760385841\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Flibrary.hydra.wiki%2Flibrary\u0026dt=Hydra%20Library%20%7C%20Links%20for%20Hydra%20Launcher\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=1456","fqdn":"region1.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"40:7E:33:E9:D5:23:31:43:6B:CB:8C:02:99:3E:C0:A1:96:B1:B2:DE","sha256":"BE:00:72:E8:21:36:BF:F1:E7:F3:E5:B6:86:FE:98:10:97:9F:3C:C4:3F:0A:F8:4D:E4:62:64:B7:70:FA:56:25"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-TMMPJ1FL95\u0026gtm=45je5a80v9220974383za200zd9220974383\u0026_p=1760385840737\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=97542192.1760385842\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480709~115616985~115834636~115834638~115868792~115868794\u0026sid=1760385841\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Flibrary.hydra.wiki%2Flibrary\u0026dt=Hydra%20Library%20%7C%20Links%20for%20Hydra%20Launcher\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=1456 HTTP/1.1\r\nHost: region1.google-analytics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://library.hydra.wiki\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0\r\nreport-to: {\"group\":\"ascnsrsggc:102:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":72,"dns":2,"connect":21,"send":0,"wait":35,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:03 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8501-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vVwSqbK17QddOeIsL609TCNO%2FY8yzkSnWE1ex%2FghMNHsUfWsoz5GDbJO5PNj9Zrm4o%2Fm32v9W3tHZehizv%2BP97xQ1hMBL6rCDrRyOWvME14%3D\"}]}\r\ncf-ray: 98e1719dd913b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-06T10:17:28.948789Z","times_seen":10549,"resource_available":false,"data":null}},"time_used":673,"timings":{"blocked":86,"dns":24,"connect":1,"send":0,"wait":494,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/c3/dd/f4/c3ddf49b76d1794238277509594f9009.js","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bettydwarfcoincident.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 21:00:25 GMT","end":"Sat, 13 Dec 2025 21:00:24 GMT"},"fingerprint":{"sha1":"66:64:9F:A1:CC:C1:A4:9C:18:11:5A:53:39:D8:CC:92:52:D2:7D:CD","sha256":"1F:99:48:34:FF:08:5E:FE:D9:26:9A:D6:3D:CF:5A:90:5C:4D:3D:81:03:E0:F4:78:51:7D:0C:BB:25:60:8F:D4"}}},"request":{"raw":"GET /c3/dd/f4/c3ddf49b76d1794238277509594f9009.js HTTP/1.1\r\nHost: bettydwarfcoincident.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 13 Oct 2025 20:04:00 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32659\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: bettydwarfcoincident.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1b2ef5bf0b9e0238beda596934ea1380\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84222,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8f8d9d4ef01b07a415dfc47e7dfa94ae","sha1":"f2f555d085015373c96a1506fcddc45180c136a7","sha256":"2e95291afe032fa0f45fb435f73770d6ee73153c563908a9080a5b7856914308","sha512":"5e91869456f2ce8b51e0e84f0af1d7316dd5e581617ac947f110f601dcf8b01aa123a0e19c7bc10993ed2f22938309542223536eaf58940e703dc565a067ed69","ssdeep":"1536:UrysDEFAkM9IWf3pDTf0zpxftTgA4VEIaUb4Ru37oIXDWeGXMtb4cnSzB:EDxk4+BgA4VEIaUb4McBeGXMtb4/","tlshash":"dd83f848bb82b869425620ba331ff01af25a4c421de8d444dd57f8d96fb8b1df637e24","first_seen":"2025-10-13T20:04:33.481766Z","last_seen":"2025-10-13T20:04:33.481766Z","times_seen":1,"resource_available":true,"data":null}},"time_used":775,"timings":{"blocked":285,"dns":6,"connect":92,"send":0,"wait":109,"receive":88,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"bettydwarfcoincident.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-TMMPJ1FL95","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"40:7E:33:E9:D5:23:31:43:6B:CB:8C:02:99:3E:C0:A1:96:B1:B2:DE","sha256":"BE:00:72:E8:21:36:BF:F1:E7:F3:E5:B6:86:FE:98:10:97:9F:3C:C4:3F:0A:F8:4D:E4:62:64:B7:70:FA:56:25"}}},"request":{"raw":"GET /gtag/js?id=G-TMMPJ1FL95 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\nexpires: Mon, 13 Oct 2025 20:04:00 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 141143\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":424638,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"28f868a776deea52da7aef5ab1dfc526","sha1":"a378a56253fbf13b5c67347dc39278bcc45edd43","sha256":"338c4751629de226747fc812dc75d7d27961bf628bce3495f3b16e486ee82b90","sha512":"be37c3766a1671984e6b3ba3cc82103e30999aabd28c615a04b114a3561900b589792278fb0e0438929dfaf126a317434b6410ac0368a63968ebaf7f5138e5fb","ssdeep":"6144:tBmB/yp2a4tM0uwbWZJT+Nju5204O0NsYXdXAQY:TXYJy0KZJu0O8","tlshash":"b79419de73d674225396f078503f018ba57b28a2b44cc89af189cde42e74a9a4177f7c","first_seen":"2025-10-13T20:04:33.488122Z","last_seen":"2025-10-13T20:04:33.488122Z","times_seen":1,"resource_available":true,"data":null}},"time_used":435,"timings":{"blocked":181,"dns":1,"connect":9,"send":0,"wait":33,"receive":26,"ssl":175},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/g/e9c9e9d67513/api.js\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98e1718fcba3569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49429,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":55,"dns":2,"connect":6,"send":0,"wait":15,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/changelog-notification-DE8L6ccS.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/changelog-notification-DE8L6ccS.js HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/assets/library-D7OJ_aSo.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IfSCLQ4PKMsd%2BE%2FsQtGwT6wkfHDp6Hb8Aqv0cTxIbwEWNBd619sC3Ei8%2F%2Fz%2FAI4BwRsj6rIOmyArLowSDOy1uIs7374hZTNJKi%2BG8xugAiw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"2dfb68117081f464818d9804f138c07e\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e1718fccbe568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1387,"size_decoded":0,"mime_type":"application/javascript","magic":"C++ source, ASCII text, with very long lines (1386)","md5":"599bf870d7d0177ec85a136b7b67f057","sha1":"a8c68283c135b47589f40586428d7b411790d0c1","sha256":"cf101a62798a2892752ab13bf794973669aba7ac34d5c67e10ddeb498cb9596b","sha512":"18aec2977a6b936b1ffc37ede3691844155732062d94aced3767ac0abeb331f951dbd602e237b281c70a6fce9c7da96392448b3f0ec3f22b08adcd68485277a4","ssdeep":"","tlshash":"89212fd1f21705b4c6c2427b61b897c253fb54ddbc0b800e36aeacc98d88a0c53eda31","first_seen":"2025-09-16T04:09:44.764406Z","last_seen":"2025-12-04T06:23:17.211458Z","times_seen":4,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 13 Oct 2025 20:04:03 GMT\r\ndate: Mon, 13 Oct 2025 20:04:03 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"aa770992960d5d36cf6ba4357f990aa9","sha1":"46cce46df4f47c159c31632cfb45ca0f0144ff0f","sha256":"ea95379db9e2554185ea2a578330b742412ef90d2ccd704a76ed133d990f052b","sha512":"42a66305d9a2990560ee0468c3a36e4b4a1b1ca98cf0922717b9519d17760c63930cb21fe7258671a873a4f9a1bfa520778ce2f002bfba120c99e3f5db00ebea","ssdeep":"768:DDADRDYDKDf4DQLDDDXDfc70afUQRptmJKBLfhQE8YtCR6UfaQ7zfTYHw+fQQVN7:+2Biad","tlshash":"afc2eda1041740009b839ce223cebf35fe5f92117141d0b9abfd9b6badcbc66526936d","first_seen":"2025-09-09T03:39:37.780899Z","last_seen":"2025-11-18T23:25:50.567773Z","times_seen":2837,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":134,"dns":1,"connect":21,"send":0,"wait":34,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=676","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css\u0026l=3487\u0026fd=676 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ad79c6f764c92fb92b642403c84309c6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":91,"dns":5,"connect":17,"send":0,"wait":22,"receive":18,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/index-DVkDt3sz.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/index-DVkDt3sz.js HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: W/\"f2a27977250e8a28dd3893a2afeb89c2\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Pra26CiYgoQOiKMhT6P57DDDu28yXdUVc8Ke%2FHX5SFCpDFznoSRNoD9ABgAQ7n%2FfAhFAdTz9%2Bn1ePahpeVssZHvDFXksTlzkHEEm4EprmF%2FssJmoAm0MIAyx%2Fbu3LQlKXTZQTbE%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98e17193d8ae568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=7015\u0026min_rtt=1112\u0026rtt_var=6042\u0026sent=121\u0026recv=19\u0026lost=0\u0026retrans=0\u0026sent_bytes=125329\u0026recv_bytes=2891\u0026delivery_rate=13834733\u0026cwnd=57600\u0026unsent_bytes=0\u0026cid=401e2ff242505da4\u0026ts=743\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42920,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36425)","md5":"ac3918efb53baccd2467b14fd81b1c5f","sha1":"458837aaa223981c0b8c60db9c2df8e344152f9f","sha256":"b26a628b858685209ada859b1e1ad740e8f8f5ab6fa7f89c0ad09817ab7f073a","sha512":"5b36a46eee4ae26a05bc4fcbc3b8638e9b6f5adb496a981a3d296925957b1e5296f3b85f402b7807ef1d5d966e5ed8ce81925900a35ca9ced9b165d3e65fe906","ssdeep":"768:SxpqYZkMZXPQ+zxFw/agw7o62WsPWeaKFUui/:y1wSgZxJaYE/","tlshash":"3313e7661944b49d01436247ee56bb0d28bd03bde7b3c61a1cfd5b2931f22a6c53fb24","first_seen":"2025-09-16T04:09:44.752621Z","last_seen":"2025-10-13T20:04:33.50562Z","times_seen":2,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/changelog-notification-DE8L6ccS.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/changelog-notification-DE8L6ccS.js HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iDOLfSdkN7fdr3fGrIswZ8GpsKbOsP7jk74zpoi8GwhJlLE8EFCdnymOZ908HTBGa7zVPbRKNIiLsm0ICgsD2T27HvOgq2Wa7%2FX%2B3NXz%2FGU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"2dfb68117081f464818d9804f138c07e\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e17193d8b6568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1387,"size_decoded":0,"mime_type":"application/javascript","magic":"C++ source, ASCII text, with very long lines (1386)","md5":"599bf870d7d0177ec85a136b7b67f057","sha1":"a8c68283c135b47589f40586428d7b411790d0c1","sha256":"cf101a62798a2892752ab13bf794973669aba7ac34d5c67e10ddeb498cb9596b","sha512":"18aec2977a6b936b1ffc37ede3691844155732062d94aced3767ac0abeb331f951dbd602e237b281c70a6fce9c7da96392448b3f0ec3f22b08adcd68485277a4","ssdeep":"","tlshash":"89212fd1f21705b4c6c2427b61b897c253fb54ddbc0b800e36aeacc98d88a0c53eda31","first_seen":"2025-09-16T04:09:44.764406Z","last_seen":"2025-12-04T06:23:17.211458Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=262","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html\u0026l=1544\u0026fd=262 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:02 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=633","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=633 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/library-BEXmtHg_.css","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/library-BEXmtHg_.css HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H5qN51Yiso2ToN4Go%2BL8XjBhrUeP9MkJT0gJl%2FIaynW8iDj0Hvwyi%2Bitqr7bIzoQj4UFI8R%2FRnNIYYyNoKErcTF8Msk1PMuhrKkdphwah4s2Dw%3D%3D\"}]}\r\netag: W/\"75b844f6fb2b33e9fa98f7710035b0e7\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e1718f5f6b3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47286,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (47285)","md5":"fb447db0bc2a2a72e48da8f8b24a2366","sha1":"f6abc1bb6b69243deb81e6a696fd33325082c4d4","sha256":"0d7e449aae03fc96d610c424222c22b83e4f185d77eb42aaad3410f1e6f1c542","sha512":"943c4cff0b9f5c927af3c2322e115b9e460bea7f983581229f0fd8db8920e645af92f2dea5ae48b210e827f5484f956a19f567d06269d25e170957b27c7c75af","ssdeep":"384:kwAJcxDjIZaYbFMK6YfQkRBifWv/1Xf9ErcFsvCQyo0HTh/y/m/T/HZNUrc9/jrV:iJcxDjIZaYt64ZNUrYnotBTzeUJPH+","tlshash":"1923756a9ea4107bbc13a1e5c2d8766df92ef0d1df3a47b9b88211047be23f60d57900","first_seen":"2025-09-16T04:09:44.766949Z","last_seen":"2025-10-13T20:04:33.5104Z","times_seen":2,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":2,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150020\r\ncf-ray: 98e171915fef56bb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"64cac444-24a04\"\r\nlast-modified: Wed, 02 Aug 2023 21:01:56 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 526592\r\nexpires: Sat, 03 Oct 2026 20:04:00 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=78U2opvunHY1XbUkn%2FQLznNVew9XX8gWByrXsH6GYV30GYG5ZPvah%2FLdywnmd%2FxHryf%2BhC91VZ8ZbGE%2BK4M9Wc8hDLgFa4lWrUs0YLxeIcLB3Nqo4s9Twn33t15%2Fxei89KOsomIn\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":150020,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150020, version 772.1280","md5":"d5e647388e2415268b700d3df2e30a0d","sha1":"97f0942c6627ddd89fb62170e5cac9a2cbd6c98c","sha256":"886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9","sha512":"50b2ffd7537d0424286936cb7ba566004a664f447e4aaac8fa40ceb2850ead6cdb39c957515ae05a07aaeb8f6e3e428c4b95e4efa3edcadc9473e9e200bb47d6","ssdeep":"3072:vPtxURbSTtDXSLXe0itudYTPEnus4blfNUqKrC7ZOBS9C3bzlLX4/NKOTD5:P15Die0UPblfNUqLZg9I/Qk5","tlshash":"03e312e8c98e8e24452e2b975b436d4cfca1c97d77bfba0e2b5401b94f1e0521b34a71","first_seen":"2023-08-04T22:28:10Z","last_seen":"2026-04-06T10:01:21.774574Z","times_seen":30482,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:02 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y2N5blEgeCKLvmgt0A5JArjd32%2B3L0UbifY1MofzEjg2%2Bbbe9aQYUII8pVPPfJTt00c08qEv%2Bscqgw%2Br%2FbIzEnMw7rlc0kHs46hpDbJ%2B\"}]}\r\nage: 1309804\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-15d94\"\r\ncontent-encoding: br\r\ncf-ray: 98e1719e38b8b518-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-05T13:23:52.248793Z","times_seen":6520,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":38,"dns":6,"connect":1,"send":0,"wait":9,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 371281\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-06T10:11:42.544918Z","times_seen":718473,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":161,"dns":79,"connect":7,"send":0,"wait":9,"receive":9,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 371281\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-06T10:11:42.544918Z","times_seen":718473,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":158,"dns":73,"connect":7,"send":0,"wait":15,"receive":4,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7b0501c891a80030df678e0f258ad861\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":84,"dns":0,"connect":26,"send":0,"wait":20,"receive":18,"ssl":64},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/index-DVkDt3sz.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/index-DVkDt3sz.js HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/assets/library-D7OJ_aSo.js\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=380GqxUQCAwnp8RY1WqLdBLONGTKvDBaNlRxAYTG8RdnE8t58%2BbeMjhGO6JpVlvC3wrV5jVswWUjqN8rOdShktaEKRh5vUpIXuLPgMLx7yM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"f2a27977250e8a28dd3893a2afeb89c2\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e1718fbcad568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42920,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36425)","md5":"ac3918efb53baccd2467b14fd81b1c5f","sha1":"458837aaa223981c0b8c60db9c2df8e344152f9f","sha256":"b26a628b858685209ada859b1e1ad740e8f8f5ab6fa7f89c0ad09817ab7f073a","sha512":"5b36a46eee4ae26a05bc4fcbc3b8638e9b6f5adb496a981a3d296925957b1e5296f3b85f402b7807ef1d5d966e5ed8ce81925900a35ca9ced9b165d3e65fe906","ssdeep":"768:SxpqYZkMZXPQ+zxFw/agw7o62WsPWeaKFUui/:y1wSgZxJaYE/","tlshash":"3313e7661944b49d01436247ee56bb0d28bd03bde7b3c61a1cfd5b2931f22a6c53fb24","first_seen":"2025-09-16T04:09:44.752621Z","last_seen":"2025-10-13T20:04:33.50562Z","times_seen":2,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/favicon/favicon.png","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /favicon/favicon.png HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 1188040\r\ncf-ray: 98e171945915568a-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"e476404e9a03f18fd325dab8378d4c5d\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\npriority: u=6,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=94RxrLQMqz5evEY5JD0ZjNonx5Tm0O4a5MMcZmmy8e9t4DQAng7VpuyzrWhFtXnpxxpOWZuOOuM9pMLId7DRJLhSQpESTHNj9s%2FgCVu2IJmmOcJWsXfY6QjSXk366f%2FDiW4VAaw%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=6279\u0026min_rtt=1112\u0026rtt_var=6004\u0026sent=136\u0026recv=22\u0026lost=0\u0026retrans=0\u0026sent_bytes=139984\u0026recv_bytes=3533\u0026delivery_rate=13834733\u0026cwnd=57600\u0026unsent_bytes=0\u0026cid=401e2ff242505da4\u0026ts=819\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1188040,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"ae2f76051d88a0bd7fb42a72384a6cb1","sha1":"226823c4cd5a2c1d8bcdfa17e71729bb3e3dc669","sha256":"967c95acd80cbe45f90dda76183ce767dd7ae52d6c54bf9f39919fd59418c0d4","sha512":"cec35cf835c3fb79d2ee603cf87ebb96dc29f4f5122020a4da68c86ed48decf06513f95fb3ac025a8763fd4e54b0ea8bd8cee917d4cd58fe830dd0616a341e09","ssdeep":"24576:UL1tLy5/JseZ8ms/xfU++s9y3zO/nuUDP4eNVhckBkeVNF5KGCF:wtu5TZl2BU++s9y3zjUMgVH5dg","tlshash":"3b2523f972819f51cb9bb2ba30ff3d234f71688005fa4ca669149e68357dfa1188752c","first_seen":"2025-09-16T04:09:44.760472Z","last_seen":"2025-12-04T06:23:17.212234Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2749,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":2719,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/favicon/favicon_16x16.png","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /favicon/favicon_16x16.png HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 382\r\npriority: u=6,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"9cc8054843f6e3ee4753c2db8c7d8ae4\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2BoY4REYX7mmw3J2r2yJhuWq8o0qCwqN58qgIJpM9wLbZvWUL0X1UuYszCxXOan3qmRsnYbS%2Fz74qNR3rOMMqSgySNexFttruvitN4oDhks%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 98e171945921568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":382,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced","md5":"ba7f648452ad851d0dc5f870f28a9ff6","sha1":"37c0818f7bf46377784e137c13a8f1760b84a3fa","sha256":"f5a4321c122f4140d9d77e76fab0db16eda71a262074806f6a7fe0542116c13c","sha512":"798fbf0a01f61917caaa47a1329fee592627b7ea0b31b27a7aff6aa1658ff6b6d040d7c814aea7846f6288098ecddad7022fb47937a16ebb8ba37080a1ee2459","ssdeep":"","tlshash":"d9e06ae7c2b35d3dfbf30170044103531157905c60399aecd7b14d84605e633d171583","first_seen":"2025-09-16T04:09:44.785398Z","last_seen":"2025-12-04T06:23:17.239288Z","times_seen":4,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:01 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c70bc63796150e0348d4fc8fb22da3f5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":695,"timings":{"blocked":289,"dns":0,"connect":101,"send":0,"wait":102,"receive":8,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=450c8c26-18fb-43f3-960d-547a37a6288a:2:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://library.hydra.wiki\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"13a28f82c16929aa5ea970a7899c4847","sha1":"edfda8cab8ed98ac44ef5681c15f3dda4c7e069f","sha256":"ed858df473552b3720c37b432bc8a1c65d3adf2b8053214d6e4a0b616dfe52b7","sha512":"98c6231f7b16da2b23d6d00e54e5b6214775848f0bb41eaff75fc26aaf0d4f8dafa7fb4cded647de2e66702e72fe26600ab58ef61b0349db132b6778d6516980","ssdeep":"","tlshash":"f29004504400d1054111d50d7fdd4d4054d5f045d10450075437ddc475174d07c455c0","first_seen":"2025-10-13T20:04:33.539739Z","last_seen":"2025-10-13T20:04:33.539739Z","times_seen":1,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"hydra-library-2-default-rtdb.firebaseio.com/.ws?v=5\u0026p=1:64984778774:web:7406df8e41c9ddc1798d37","fqdn":"hydra-library-2-default-rtdb.firebaseio.com","domain":"firebaseio.com","tld":"com"},"ip":{"addr":"35.201.97.85","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.us-central1.firebasedatabase.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 19:56:00 GMT","end":"Mon, 08 Dec 2025 19:55:59 GMT"},"fingerprint":{"sha1":"32:FB:0C:92:F6:20:6A:AB:4F:3A:78:E1:02:78:04:92:03:F1:D5:2E","sha256":"70:1B:D6:65:32:F1:69:40:13:A4:E4:B2:13:6B:73:49:AA:35:73:C0:5E:11:C5:B8:E6:74:3A:45:A0:27:D8:7E"}}},"request":{"raw":"GET /.ws?v=5\u0026p=1:64984778774:web:7406df8e41c9ddc1798d37 HTTP/1.1\r\nHost: hydra-library-2-default-rtdb.firebaseio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://library.hydra.wiki\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: BpQKrHcfze0PnWI64o7L7A==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Mon, 13 Oct 2025 20:04:02 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: eBVwfIJRbOV5l1dVHAtOnA3dZLE=\r\nStrict-Transport-Security: max-age=31556926; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":1,"connect":13,"send":0,"wait":139,"receive":0,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18778\r\ncf-ray: 98e1718fae2256bb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"64cac444-495a\"\r\nlast-modified: Wed, 02 Aug 2023 21:01:56 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 831585\r\nexpires: Sat, 03 Oct 2026 20:04:00 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=MO67aSRghlL9JsXgZL4NyaI%2B79JfsyoYSMRjaeRjfynfHyNkm2HhUis639EIp9egDAeGQA7JmIb7mkDWK4DozqlbQ6Tc%2B8SqkhZYE3H7BOytAT7jkwLZmwQUIihDjQcCMDtCsvgG\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102217,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"5222e06b77a1692fa2520a219840e6be","sha1":"8b4236206a8b86af3761a244277663046d7ff7ee","sha256":"0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5","sha512":"cf780ba5def29277f562835b0b3a9129ce2aca8afc81a294d6a9a7f824a1c5bb81bac00d23d42946884606b7821642b12e17a2e92f424171446db2aea8b8340c","ssdeep":"1536:0wMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuuprrlCq:M709gMGFiyPGuuprlCq","tlshash":"09a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-08-04T22:28:10Z","last_seen":"2026-04-06T10:01:21.752683Z","times_seen":36247,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":48,"dns":4,"connect":1,"send":0,"wait":20,"receive":2,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/ff/69/f1/ff69f1f74561fdc6cbbecc3005e6ef7bb5d3ab17f08e3879621bb3dc88a8f260.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 46096\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 25 May 2025 02:17:25 GMT\r\netag: \"68327db5-b410\"\r\nexpires: Wed, 15 Oct 2025 20:04:03 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46096,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, components 3","md5":"ed4f60d20941ae5888b01b01916f2e88","sha1":"e35f9e4ac46b078a6627e153c36fa08b0750f9fc","sha256":"e4092e5b649b52528da0fc6ac5ef1ae0530699d6e0b29c3fa0eb83478c99f5ed","sha512":"55d3bedc530d7c9751dfdf88f78fc55c6dc87c772edafb974240b896bf4dd1ed8cdfc538f8075a31dbd14e5e88b55946a0c81b734bb670c2d639e9900ee76095","ssdeep":"768:CX3yKRSHXnYe/8/geEnPDDO5usUZSEN+wNvQix0UgI4FiOt7ILUaPAWSN8V:eyKRSXdUDEnPfPUENdNoFiDPJ","tlshash":"7423f13625269c94d2599bfc0b3618d4e3e88484a5d68f56af4907c2abc1fc3ccdccb5","first_seen":"2025-06-05T18:59:05.430298Z","last_seen":"2026-01-06T02:07:37.704074Z","times_seen":696,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":114,"dns":59,"connect":20,"send":0,"wait":38,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=629","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js\u0026l=957\u0026fd=629 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 371282\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-06T10:11:42.544918Z","times_seen":718473,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":235,"dns":78,"connect":20,"send":0,"wait":8,"receive":3,"ssl":132},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/assets/library-D7OJ_aSo.js","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.47.50","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /assets/library-D7OJ_aSo.js HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/library\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AQ1zBw05ey9wGXJBAHJPpnKYyU%2B8IwzCdgD1932Ne%2B9qi%2B1j4cIFqYtQLENecX8RHl6ere8LGvvMDJ1LcRtjXh5dmh2GL2Walt3A81fwvgMmGw%3D%3D\"}]}\r\netag: W/\"a603e923a18521fd94b0cdf5334d425b\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e1718f5f703181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74588,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8663)","md5":"d9385ff2b1a146f14cf9afea2fdc4c43","sha1":"b43399e39744a6df8aebea839a5fd0f27dd865e1","sha256":"f8e3c0275e5917b8bec8d548a0dd204d0531d99f18fcdf88485480881e8aa5cf","sha512":"2fa7d9816e83298396a49b2ed7fd96e45159bc428ffb834b62085d4e768a07f2ee02690b79c189db9aa94ae418a3184de535ef6cdf59c2a6f8e2729e230dd543","ssdeep":"1536:ndxb+0Ae/pDhCUD2wzlVKpDkplgH8MaF8KWYWx:dxbtAe/ptCUDxVKJkplgH8MA8KXG","tlshash":"d273096131f0093a01db46fb35b55b52ba75c60bf907d448717c89962f8bc82cba3bad","first_seen":"2025-09-16T04:09:44.791845Z","last_seen":"2025-10-13T20:04:33.54987Z","times_seen":2,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=709\u0026rd=709\u0026fd=532\u0026bv=25.10.2289\u0026tmpl=70","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=709\u0026rd=709\u0026fd=532\u0026bv=25.10.2289\u0026tmpl=70 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:01 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":703,"timings":{"blocked":309,"dns":1,"connect":99,"send":0,"wait":95,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:01.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://library.hydra.wiki\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=450c8c26-18fb-43f3-960d-547a37a6288a:2:1; expires=Thu, 11 Oct 2035 20:04:01 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"13a28f82c16929aa5ea970a7899c4847","sha1":"edfda8cab8ed98ac44ef5681c15f3dda4c7e069f","sha256":"ed858df473552b3720c37b432bc8a1c65d3adf2b8053214d6e4a0b616dfe52b7","sha512":"98c6231f7b16da2b23d6d00e54e5b6214775848f0bb41eaff75fc26aaf0d4f8dafa7fb4cded647de2e66702e72fe26600ab58ef61b0349db132b6778d6516980","ssdeep":"","tlshash":"f29004504400d1054111d50d7fdd4d4054d5f045d10450075437ddc475174d07c455c0","first_seen":"2025-10-13T20:04:33.539739Z","last_seen":"2025-10-13T20:04:33.539739Z","times_seen":1,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":192,"dns":8,"connect":22,"send":0,"wait":21,"receive":0,"ssl":180},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/sbar.json?key=c3ddf49b76d1794238277509594f9009\u0026uuid=450c8c26-18fb-43f3-960d-547a37a6288a%3A2%3A1","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bettydwarfcoincident.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 21:00:25 GMT","end":"Sat, 13 Dec 2025 21:00:24 GMT"},"fingerprint":{"sha1":"66:64:9F:A1:CC:C1:A4:9C:18:11:5A:53:39:D8:CC:92:52:D2:7D:CD","sha256":"1F:99:48:34:FF:08:5E:FE:D9:26:9A:D6:3D:CF:5A:90:5C:4D:3D:81:03:E0:F4:78:51:7D:0C:BB:25:60:8F:D4"}}},"request":{"raw":"GET /sbar.json?key=c3ddf49b76d1794238277509594f9009\u0026uuid=450c8c26-18fb-43f3-960d-547a37a6288a%3A2%3A1 HTTP/1.1\r\nHost: bettydwarfcoincident.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 13 Oct 2025 20:04:02 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 3732\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://library.hydra.wiki\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=450c8c26-18fb-43f3-960d-547a37a6288a:2:1; expires=Mon, 20 Oct 2025 20:04:02 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Tue, 14 Oct 2025 20:04:02 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Tue, 14 Oct 2025 20:04:02 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Tue, 14 Oct 2025 20:04:02 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Tue, 14 Oct 2025 20:04:02 GMT; path=/; secure; SameSite=None\nu_pl27001098=1; expires=Tue, 14 Oct 2025 20:04:02 GMT; path=/; secure; SameSite=None\nslecc3ddf49b76d1794238277509594f9009=[5974464]; expires=Mon, 13 Oct 2025 20:04:07 GMT; path=/; secure; SameSite=None\r\nHost: bettydwarfcoincident.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d1a4053cda1048f9f1182ab7cc9aacd8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6132,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"a8c274128132f2e2b11948fc11872bc9","sha1":"6b3540705f9a8aead797baa14386e424e20bee87","sha256":"b76f93a6a5d63525514368ddf67412d84288b8b6c7032ee8250d001838b90575","sha512":"4e12345f3aaf9b4ed2b6d8bafc4526d67f1d8d27a1e76e6a813243a8af22f35aa256c5a37551f6a6604fd86d5eff7ae72aea9a1a153b06312e6b294c4ad15e0b","ssdeep":"96:9zHdKa6bUgrUoPBkHq7i2CdKa6bUgr+UNH5jD40Cyc1Eh6xLobwl:9zHd8bU4UDCi2Cd8bU4+UNH5jE0/dh6N","tlshash":"e7c14c7cc3c8b1ab4a501626249f5defac9b424af388dddb808bcf7e5575522136807e","first_seen":"2025-10-13T20:04:33.5551Z","last_seen":"2025-10-13T20:04:33.5551Z","times_seen":1,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"bettydwarfcoincident.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"library.hydra.wiki/library","fqdn":"library.hydra.wiki","domain":"hydra.wiki","tld":"wiki"},"ip":{"addr":"172.66.44.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-13T20:03:59.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"library.hydra.wiki","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Sep 2025 16:04:07 GMT","end":"Sat, 20 Dec 2025 17:03:56 GMT"},"fingerprint":{"sha1":"5B:2D:A9:8A:C5:31:B1:17:A2:92:5F:3E:FF:3A:42:25:E1:6A:9B:BF","sha256":"26:06:3B:12:02:9C:0F:73:31:99:81:A0:C1:32:89:62:7C:3E:BB:35:DB:71:AE:2F:68:0F:06:33:3B:FE:B5:D5"}}},"request":{"raw":"GET /library HTTP/1.1\r\nHost: library.hydra.wiki\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pUfKzBTG9HfVPCSmuab1uFvltAhVp7Xe8Xc2UZZojmsncjv8bBklHqmgaRshKDggiWmnkGkHXj4hzdj3bXTgAjTjkdlbkeovAc1GeF4W%2F1c%3D\"}]}\r\netag: W/\"f69f4241f668f6bb2361f953f24e63b6\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98e1718c1c61b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":77020,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (348)","md5":"49c9e81324a0c47ff6efb89a1040aa49","sha1":"88b80c3b2b4c5605882d033a702b5e53dbce1c4e","sha256":"5f15ada4cb25ed345053eda3a399ffcdb9c048b6bc4dfc11f1b5e15ddfa9b3f0","sha512":"6ce53524bc98cd381d1f8d7331fc945d20b8db59908e6bce9f0bc1118b997c89aae4951a14d8dd3371afaf09ba95b52a7ab27840ad42a864e5ee15117e443bb5","ssdeep":"768:Lp36DWdw/gEhK0TMEz9EnFxY4Qmf9eqeoeHete0F6ek9sBSKTRQjee6e4e3eNeM/:LplEhPMEzeF9/9xXKMNFh+IPhH6sZ","tlshash":"f373735675f209bb019793b527a62a2efeb8d707c65bdc0876ad07901fc3d828c4366c","first_seen":"2025-09-16T04:09:44.798714Z","last_seen":"2025-10-13T20:04:33.445255Z","times_seen":2,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":294,"dns":82,"connect":1,"send":0,"wait":46,"receive":0,"ssl":207},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=450c8c26-18fb-43f3-960d-547a37a6288a:2:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://library.hydra.wiki\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"13a28f82c16929aa5ea970a7899c4847","sha1":"edfda8cab8ed98ac44ef5681c15f3dda4c7e069f","sha256":"ed858df473552b3720c37b432bc8a1c65d3adf2b8053214d6e4a0b616dfe52b7","sha512":"98c6231f7b16da2b23d6d00e54e5b6214775848f0bb41eaff75fc26aaf0d4f8dafa7fb4cded647de2e66702e72fe26600ab58ef61b0349db132b6778d6516980","ssdeep":"","tlshash":"f29004504400d1054111d50d7fdd4d4054d5f045d10450075437ddc475174d07c455c0","first_seen":"2025-10-13T20:04:33.539739Z","last_seen":"2025-10-13T20:04:33.539739Z","times_seen":1,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/ren.gif?sid=H4sIAAAAAAAC_1RSP2wjxRudzV11v-InAqICyQUFkYiz__xnueJEOIIickmUC0qRanZm1xk83llmdr2Oq4hI6CQan0QBiGL9nFwEnBDQIAqkyKGLhISpUlwaaiqka0FOLAVe8X3v05vife-bj4f5JfGQ04vNB6ovpKRLtapdeX1HJFwVprK-XXHsqn23siOSun-30psW3X3T8fyqvVB5N2JtteTajm07tlNZETqKVW_pSoVInwZONbCrvlt1aj56-r-zyS0YaoF3L8k8BJ_8_494F4KNkXS-ux-ZdqbSN97p5JJmSqPLT95P2okqEnRuaKwtxMnJ7DWUmRDy2RxUcjLbAKp7NN0AoZiQuZefIUxOZjYRdo-vnYYSUYKQ_w9Fd4xIjiHoGEwdQvDfCMA41jeQdJ6sK13Q_WuVTtUJuf38L4hiQm4_ewlJ59tlKXqVh0rmmVCJQS8uIXpjiNYYaX6GrD8HUZyBZR9B8F_J0vM1JJ2jDSMVBL94za_ZrMnc-qLTjMNF34u9xaBu88Wa36Beg9bdZpNeRSTiMaiZQ24s5MJCHlvIUwsdflHx7abPHOrV44Czhu1T3-dRaAdN17ZpwBrI2dT7AFk6AJMDMH2AVB-gLQbQ-SnMXgnDLZiMoMtLFBFBYQgKSlAIgiIjKLrlMZfGNeUTLk0eOrPuzrpXjlTWGtJjlbWihIDqATQvj0T6oTkEy26N-rHhIzUtNMzKEQ15OUwvyQvTWK0vrTtoRxcV5nEe-0HYqHOnEfiu13QbjZod1AI_Dmw7gBElhJkDNRb6YkIeDOeRiglZ-CRCSM9g5BmYmAfNXwUtStC9Ev3kBylCTfV-dW-fa1otRFuAqxJpdhvZvjWUl-TF0db28unVjXcXThGx83s_fT7FF2C6RKpLfCB-IWjJR6MtVZCjLVUY8v1GmomO6NPp_R9mNItuff1etF8ozVfvm8FXb7GpMKVPtyOTrdGEi6RlyDfLgvNIryjNIvLzqtmJws3c7C3nOsnTtc23V1Y7qY6MESoZg4oJuVO-AiYmZP7vx1d_2_v0R7D0ACa98WkUQZhakIJARudkBtCwhPnXHN7woXmElrZAs0MknRJdXaIrS1A5gMlvjbJUn9_73bsCQmmNQqmto1Bq-fg6JyMuKjU39OrNZj2K6zz2uOd6PKjZUeDToO4Hfg2Zmez9uev-EwAA__-00wImfgQAAA==","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bettydwarfcoincident.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 21:00:25 GMT","end":"Sat, 13 Dec 2025 21:00:24 GMT"},"fingerprint":{"sha1":"66:64:9F:A1:CC:C1:A4:9C:18:11:5A:53:39:D8:CC:92:52:D2:7D:CD","sha256":"1F:99:48:34:FF:08:5E:FE:D9:26:9A:D6:3D:CF:5A:90:5C:4D:3D:81:03:E0:F4:78:51:7D:0C:BB:25:60:8F:D4"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSP2wjxRudzV11v-InAqICyQUFkYiz__xnueJEOIIickmUC0qRanZm1xk83llmdr2Oq4hI6CQan0QBiGL9nFwEnBDQIAqkyKGLhISpUlwaaiqka0FOLAVe8X3v05vife-bj4f5JfGQ04vNB6ovpKRLtapdeX1HJFwVprK-XXHsqn23siOSun-30psW3X3T8fyqvVB5N2JtteTajm07tlNZETqKVW_pSoVInwZONbCrvlt1aj56-r-zyS0YaoF3L8k8BJ_8_494F4KNkXS-ux-ZdqbSN97p5JJmSqPLT95P2okqEnRuaKwtxMnJ7DWUmRDy2RxUcjLbAKp7NN0AoZiQuZefIUxOZjYRdo-vnYYSUYKQ_w9Fd4xIjiHoGEwdQvDfCMA41jeQdJ6sK13Q_WuVTtUJuf38L4hiQm4_ewlJ59tlKXqVh0rmmVCJQS8uIXpjiNYYaX6GrD8HUZyBZR9B8F_J0vM1JJ2jDSMVBL94za_ZrMnc-qLTjMNF34u9xaBu88Wa36Beg9bdZpNeRSTiMaiZQ24s5MJCHlvIUwsdflHx7abPHOrV44Czhu1T3-dRaAdN17ZpwBrI2dT7AFk6AJMDMH2AVB-gLQbQ-SnMXgnDLZiMoMtLFBFBYQgKSlAIgiIjKLrlMZfGNeUTLk0eOrPuzrpXjlTWGtJjlbWihIDqATQvj0T6oTkEy26N-rHhIzUtNMzKEQ15OUwvyQvTWK0vrTtoRxcV5nEe-0HYqHOnEfiu13QbjZod1AI_Dmw7gBElhJkDNRb6YkIeDOeRiglZ-CRCSM9g5BmYmAfNXwUtStC9Ev3kBylCTfV-dW-fa1otRFuAqxJpdhvZvjWUl-TF0db28unVjXcXThGx83s_fT7FF2C6RKpLfCB-IWjJR6MtVZCjLVUY8v1GmomO6NPp_R9mNItuff1etF8ozVfvm8FXb7GpMKVPtyOTrdGEi6RlyDfLgvNIryjNIvLzqtmJws3c7C3nOsnTtc23V1Y7qY6MESoZg4oJuVO-AiYmZP7vx1d_2_v0R7D0ACa98WkUQZhakIJARudkBtCwhPnXHN7woXmElrZAs0MknRJdXaIrS1A5gMlvjbJUn9_73bsCQmmNQqmto1Bq-fg6JyMuKjU39OrNZj2K6zz2uOd6PKjZUeDToO4Hfg2Zmez9uev-EwAA__-00wImfgQAAA== HTTP/1.1\r\nHost: bettydwarfcoincident.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=450c8c26-18fb-43f3-960d-547a37a6288a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27001098=1; slecc3ddf49b76d1794238277509594f9009=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 13 Oct 2025 20:04:02 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: bettydwarfcoincident.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: de1d2eab29588bc17f1576f635da4656\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"bettydwarfcoincident.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:02 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 11 Apr 2025 14:28:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VXIcVDKNk1kA4IKzdcmm%2FUMTWlulQsVA%2Bt3fw6v1SRrEdSCDBscl2SYg8au10TI5iXMXzpV6MjI8PyHSOV2P6lqC3GB2jjQ3I8K218I%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98e1719c0965b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"972f68410d9349904f897739b33e12cc","sha1":"e41130dbad60e81ad2665bb7407a50888aae8150","sha256":"90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0","sha512":"905ef97b48b163e2ff2d28316f462ab1db0bdc05df312811c5e24ecb8614424d74f64a88fe31849fc9dd3515bf1d681b136df27aac8b27fc61c07cbda05dd12e","ssdeep":"","tlshash":"eb31f4251df9c9720182a0957b312f2baa91ea47cc8b560133fc4e948feaed9cd5310b","first_seen":"2023-12-18T02:06:40Z","last_seen":"2026-01-25T21:57:17.058603Z","times_seen":2175,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":80,"dns":34,"connect":2,"send":0,"wait":120,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:03 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XIb%2FhZex5QrKO5zVvij%2FZ9OxjzICIfNnxdFdE0AGVwuHOzqweAv%2B8Y36Ai1wtEnZFMdq4tK9h6OX6um3y4sbYPA6Dt517PZ8JP%2ByfhniUpo%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa8501-3bd\"\r\ncontent-encoding: br\r\ncf-ray: 98e1719fbee0b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":957,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41051a33fb99370ee2aeae5227abec51","sha1":"f1b81c1d24d27bea43a09f308ae28668453704fb","sha256":"67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d","sha512":"2ac42bfbc6eceb4cde624f8ff6d7a8ca06a88acb16cedb655d3dbc27df1745189e93f75edac38128ea6aaf839ab937fa518f4bf50fb10e1c968289a415c44aee","ssdeep":"","tlshash":"2e115b27356842b45353f06791176adaba31025bac2a971b712c06cd0fd476903f99f7","first_seen":"2023-12-07T10:00:32Z","last_seen":"2026-01-25T21:57:17.022984Z","times_seen":2153,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"region1.google-analytics.com/g/collect?v=2\u0026tid=G-TMMPJ1FL95\u0026gtm=45je5a80v9220974383za200zd9220974383\u0026_p=1760385840737\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=97542192.1760385842\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480709~115616985~115834636~115834638~115868792~115868794\u0026sid=1760385841\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Flibrary.hydra.wiki%2Flibrary\u0026dt=Hydra%20Library%20%7C%20Links%20for%20Hydra%20Launcher\u0026en=scroll\u0026epn.percent_scrolled=90\u0026tfd=6686","fqdn":"region1.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:07.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:40:36 GMT","end":"Mon, 15 Dec 2025 08:40:35 GMT"},"fingerprint":{"sha1":"40:7E:33:E9:D5:23:31:43:6B:CB:8C:02:99:3E:C0:A1:96:B1:B2:DE","sha256":"BE:00:72:E8:21:36:BF:F1:E7:F3:E5:B6:86:FE:98:10:97:9F:3C:C4:3F:0A:F8:4D:E4:62:64:B7:70:FA:56:25"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-TMMPJ1FL95\u0026gtm=45je5a80v9220974383za200zd9220974383\u0026_p=1760385840737\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=97542192.1760385842\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480709~115616985~115834636~115834638~115868792~115868794\u0026sid=1760385841\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Flibrary.hydra.wiki%2Flibrary\u0026dt=Hydra%20Library%20%7C%20Links%20for%20Hydra%20Launcher\u0026en=scroll\u0026epn.percent_scrolled=90\u0026tfd=6686 HTTP/1.1\r\nHost: region1.google-analytics.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nOrigin: https://library.hydra.wiki\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://library.hydra.wiki\r\ndate: Mon, 13 Oct 2025 20:04:07 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0\r\nreport-to: {\"group\":\"ascnsrsggc:102:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/ea/39/e9/ea39e9c2c020a9ed11a3e578c1a25a9b.js","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:00.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bettydwarfcoincident.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 21:00:25 GMT","end":"Sat, 13 Dec 2025 21:00:24 GMT"},"fingerprint":{"sha1":"66:64:9F:A1:CC:C1:A4:9C:18:11:5A:53:39:D8:CC:92:52:D2:7D:CD","sha256":"1F:99:48:34:FF:08:5E:FE:D9:26:9A:D6:3D:CF:5A:90:5C:4D:3D:81:03:E0:F4:78:51:7D:0C:BB:25:60:8F:D4"}}},"request":{"raw":"GET /ea/39/e9/ea39e9c2c020a9ed11a3e578c1a25a9b.js HTTP/1.1\r\nHost: bettydwarfcoincident.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 13 Oct 2025 20:04:00 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38472\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: bettydwarfcoincident.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aac10711941a71a737fc974f253860a6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106681,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2feefa83228b4b4d3a71d88833ab5336","sha1":"7a827b5c38b7d5bb50ec4b82d2ffddf3669436db","sha256":"d243fbb9628bf675953bd70b8bbff4fe4a36e2f0d13e9319a100394b69a82f88","sha512":"4679f5f5e3731846ac9a73893a21a0ba8f41edd1fbaeb816bf23a1783eed78e95d02345564027c0b02cb635380d0ede7c06d8cba7d999aa575f88666aad7418f","ssdeep":"1536:R94DYewmZykjTzY67ytOUS5VlIXga6kSFf02mdBV4mCzCgiA0eQpE0I9Na2Q:snlT9RCgZ0eQp29Na2Q","tlshash":"28a3a4883f40f17d0796b47a323fa61af0791a01509cd69cf107f1a8ae6674ab43fe65","first_seen":"2025-10-13T20:04:33.567528Z","last_seen":"2025-10-13T20:04:33.567528Z","times_seen":1,"resource_available":true,"data":null}},"time_used":767,"timings":{"blocked":272,"dns":1,"connect":95,"send":0,"wait":98,"receive":94,"ssl":197},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"bettydwarfcoincident.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=450c8c26-18fb-43f3-960d-547a37a6288a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c3ddf49b76d1794238277509594f9009\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=450c8c26-18fb-43f3-960d-547a37a6288a\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c3ddf49b76d1794238277509594f9009\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=20 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 13 Oct 2025 20:04:02 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e111fa5188c4d22c5ae8d82ec4ae17fa\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":693,"timings":{"blocked":297,"dns":1,"connect":94,"send":0,"wait":96,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:02.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 13 Oct 2025 20:04:02 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lMbtN%2BCFi8ABwCsOgb5VkeqxF5oq0UJKJWwakCUuAkB%2Bb9EvVGheCsxocXKEvahGZMyLNc%2FksLjki%2BlIR%2B1vIZ0SoL6VheF97pCgV4hV\"}]}\r\nage: 1526951\r\ncf-cache-status: HIT\r\netag: W/\"65aa8501-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 98e1719e28aab518-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-04-06T10:31:30.21267Z","times_seen":8805,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":37,"dns":1,"connect":1,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bettydwarfcoincident.com/pixel/sbs?c=1","fqdn":"bettydwarfcoincident.com","domain":"bettydwarfcoincident.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://library.hydra.wiki/library","date":"2025-10-13T20:04:03.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bettydwarfcoincident.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 21:00:25 GMT","end":"Sat, 13 Dec 2025 21:00:24 GMT"},"fingerprint":{"sha1":"66:64:9F:A1:CC:C1:A4:9C:18:11:5A:53:39:D8:CC:92:52:D2:7D:CD","sha256":"1F:99:48:34:FF:08:5E:FE:D9:26:9A:D6:3D:CF:5A:90:5C:4D:3D:81:03:E0:F4:78:51:7D:0C:BB:25:60:8F:D4"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: bettydwarfcoincident.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://library.hydra.wiki/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=450c8c26-18fb-43f3-960d-547a37a6288a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27001098=1; slecc3ddf49b76d1794238277509594f9009=[5974464]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Mon, 13 Oct 2025 20:04:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: bettydwarfcoincident.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-13","alert":"Sinkholed","trigger":"bettydwarfcoincident.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}