{"report_id":"c605bc84-98d8-4a03-ad39-1726fc7f4fb1","version":6,"status":"done","tags":[],"date":"2025-10-30T14:32:11Z","url":{"schema":"http","addr":"www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"104.21.60.13","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"title":"flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":""}},"submit":{"url":{"schema":"http","addr":"www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"104.21.60.13","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-04T14:32:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":13}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"storage.multstorage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"e7d46466e8.f4f0e4093e.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"js.wpadmngr.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-06-02","domain_rank":77954,"first_seen":"2021-06-02T14:43:46Z","last_seen":"2025-10-27T17:16:36.466608Z","alert_count":1,"request_count":1,"received_data":149980,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sm.luxsmab.com","ip":{"addr":"104.18.48.8","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-29","domain_rank":492434,"first_seen":"2025-06-06T00:49:08.423003Z","last_seen":"2025-10-22T17:36:42.035212Z","alert_count":0,"request_count":1,"received_data":112650,"sent_data":529,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-10-27T01:14:40.833317Z","alert_count":0,"request_count":1,"received_data":842,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-26T22:13:34.663946Z","alert_count":0,"request_count":1,"received_data":428180,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"a.labadena.com","ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-01-21","domain_rank":266368,"first_seen":"2020-05-24T00:28:49Z","last_seen":"2025-10-29T07:29:04.744034Z","alert_count":4,"request_count":4,"received_data":4690,"sent_data":2394,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"storage.multstorage.com","ip":{"addr":"76.223.26.96","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-09-22","domain_rank":101055,"first_seen":"2023-09-22T12:56:00Z","last_seen":"2025-10-27T08:06:03.662099Z","alert_count":1,"request_count":1,"received_data":144,"sent_data":543,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}]},{"fqdn":"fp.metricswpsh.com","ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-10-29","domain_rank":154722,"first_seen":"2022-04-22T11:20:32Z","last_seen":"2025-10-27T08:06:03.692147Z","alert_count":2,"request_count":2,"received_data":829,"sent_data":1076,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-10-26T22:33:54.778126Z","alert_count":0,"request_count":3,"received_data":6933,"sent_data":1786,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"bereave.onelinevideo.com","ip":{"addr":"47.252.7.200","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"2025-04-21","domain_rank":486265,"first_seen":"2025-06-06T00:49:08.421363Z","last_seen":"2025-10-22T18:25:59.022861Z","alert_count":0,"request_count":3,"received_data":738,"sent_data":1600,"comment":"","tags":null,"fingerprints":null},{"fqdn":"nereserv.com","ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2020-12-21","domain_rank":17097,"first_seen":"2020-12-21T11:07:56Z","last_seen":"2025-10-27T08:06:03.809049Z","alert_count":4,"request_count":2,"received_data":644,"sent_data":1138,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"na.nawpush.com","ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2020-12-21","domain_rank":175362,"first_seen":"2020-12-23T08:18:12Z","last_seen":"2025-10-27T17:16:36.513215Z","alert_count":1,"request_count":1,"received_data":1598,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.lixstreamingcaio.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-29","domain_rank":492115,"first_seen":"2025-06-01T10:17:55.903035Z","last_seen":"2025-10-24T01:42:57.912506Z","alert_count":0,"request_count":6,"received_data":5963,"sent_data":3427,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"js.capndr.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-08-30","domain_rank":156902,"first_seen":"2021-08-30T12:51:01Z","last_seen":"2025-10-27T23:52:18.028634Z","alert_count":2,"request_count":2,"received_data":98908,"sent_data":855,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ur.foretopheaved.com","ip":{"addr":"188.42.241.189","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-07-10","domain_rank":0,"first_seen":"2025-08-13T14:30:31.596497Z","last_seen":"2025-10-27T06:02:50.285601Z","alert_count":2,"request_count":1,"received_data":1424,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"36946.phidonatome.com","ip":{"addr":"88.208.22.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-08-24","domain_rank":0,"first_seen":"2025-10-25T22:33:45.251193Z","last_seen":"2025-10-25T22:33:45.251193Z","alert_count":0,"request_count":1,"received_data":32111,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"lz.faenasturbit.com","ip":{"addr":"172.241.53.182","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-09-26T02:41:00.932867Z","last_seen":"2025-10-22T18:25:59.058289Z","alert_count":0,"request_count":1,"received_data":1492,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-10-29T01:47:24.902139Z","alert_count":0,"request_count":1,"received_data":111313,"sent_data":412,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"amt3.com","ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2004-03-18","domain_rank":8122,"first_seen":"2025-04-23T17:00:21.322227Z","last_seen":"2025-10-29T22:45:41.915467Z","alert_count":1,"request_count":1,"received_data":834,"sent_data":607,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"e7d46466e8.f4f0e4093e.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2025-09-30","domain_rank":0,"first_seen":"2025-10-30T05:25:00.398152Z","last_seen":"2025-10-30T05:25:00.398152Z","alert_count":1,"request_count":1,"received_data":345,"sent_data":849,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-26T22:15:38.172198Z","alert_count":0,"request_count":1,"received_data":18928,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"enrtx.com","ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-10-07","domain_rank":18023,"first_seen":"2024-11-04T09:19:58Z","last_seen":"2025-10-27T09:13:28.338121Z","alert_count":0,"request_count":1,"received_data":9835,"sent_data":502,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"29363911-36946-ex.uncocleypercha.com","ip":{"addr":"88.208.22.4","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-08-28","domain_rank":0,"first_seen":"2025-10-30T14:32:13.748573Z","last_seen":"2025-10-30T14:32:13.748573Z","alert_count":0,"request_count":1,"received_data":2464,"sent_data":1414,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ads.google.com","ip":{"addr":"142.251.38.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":2062,"first_seen":"2013-08-25T13:03:13Z","last_seen":"2025-10-28T23:47:23.526706Z","alert_count":0,"request_count":1,"received_data":208,"sent_data":407,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accuratephrase.com","ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-08-07","domain_rank":440697,"first_seen":"2024-08-17T02:04:15Z","last_seen":"2025-10-13T06:46:32.786035Z","alert_count":0,"request_count":1,"received_data":668,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.flowdoodxwn.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-26","domain_rank":0,"first_seen":"2025-10-30T14:32:13.769774Z","last_seen":"2025-10-30T14:32:13.769774Z","alert_count":0,"request_count":8,"received_data":2892700,"sent_data":4256,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.tapioni.com","ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-05-27","domain_rank":177570,"first_seen":"2021-07-01T10:46:55Z","last_seen":"2025-10-27T09:39:10.672368Z","alert_count":4,"request_count":4,"received_data":700136,"sent_data":1672,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ntvpforever.com","ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-18","domain_rank":18811,"first_seen":"2021-11-19T01:49:18Z","last_seen":"2025-10-27T08:06:03.822022Z","alert_count":0,"request_count":2,"received_data":681,"sent_data":1052,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"234db1e18366f7e413979a404360d46f","sha1":"e7dceeb1876e703a6d2ab89bd9df35a64886e3f2","sha256":"3e7d4dcc3892ff793e8c8a7bb6271ea75047599fa5809d5f5e45b2d295ebf459","sha512":"e8b0daecd87c566ced35978f6b5428d61b32b7d3f45af6dd7b48d4e07cafdd128f730b635a804c712b76d371c804db1629989b8aae43056323a9cbc7078c0a4d","ssdeep":"1536:gmodQeNLvXl70gGYlR5U3lItL+5HOUOdxuIV9LmWJgYeZJCt0ZqKyLKPHHQAtC/4:XodQeNB0gllgz5uzxup","tlshash":"c2d3518dbac1b5610ba37064023f640ef2bb3a54b44bc9c0f629d5d06e7e94f6167e2d","size":134898,"data":"","first_seen":"2025-10-22T17:23:50.676656Z","last_seen":"2025-11-01T07:48:06.418074Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8185f26ebe3e4675a3248b15e927b2d2","sha1":"d47683a50e5838a4843c58117a42ab17aec96ebe","sha256":"c841b953de5b67e61da9c796353eb552eea622f3b0cac6cb85802f312abe03ba","sha512":"ede02da627af03fc9e5bfea659502b6ac3f96f655ec222290f77e904edec9c9321b9fa13a44feef6bcb2377da1a1044524d5f3883f8f6996c434ccf302a0ecef","ssdeep":"6144:IdFL92ASnqBYfmMklUIWXsVjC+TpcB86ccfC:S97SnqBYfmMklUIWXAjC+9886ccfC","tlshash":"4764a4c9b6c6b0a543e7b0b8403f520ef276a955b44ac9c0e266e9d0ac7c94e5037f7d","size":315937,"data":"","first_seen":"2025-10-22T22:12:54.226509Z","last_seen":"2025-11-01T07:20:29.848175Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1923286547889786882\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"f84e641c6d70dc87435ebef72d9adacc","sha1":"d7cc2fd7a1cb7294acc79efeede27c94f39e1994","sha256":"8ddb0ad30355ab8e5f1ef17b9f718677a5533b133bf6ebe0f90de1f25c96c4d4","sha512":"0d17fcd52c3ba64508628e7876284d6620781d10188e901ebe33d007fa6b265e2e70728e014575deb235dd754b9a6da272fea2494c633633092d6481eb01f975","ssdeep":"","tlshash":"2e518684d6f86216f62710b0dd7acb9f655ee24192198075eff726a9c3cc64c06712ce","size":2573,"data":"","first_seen":"2025-10-30T14:32:25.973728Z","last_seen":"2025-10-30T14:32:25.973728Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"21c18bdf0b85cac648181b0fda8c2f35","sha1":"ac5e740cd3011e645d4d92f117699d743b819acb","sha256":"264638badeb5ca45bdabf7ea2e8407322bd8e210d07745d0fcee6b3a5aff3b69","sha512":"7ed4d29f1178a5f105a4ebd39f646fdbe9cfb5e467c6e271661e2b8a8d3a1bb97afaaf988136ec3531a181b422271ae43b0c99178447974fb9c4d602b153d143","ssdeep":"","tlshash":"33e06f9a0c025060865b607b833d8b0cb022a1038435d040b4ace04f3f20fca9c2ff78","size":383,"data":"","first_seen":"2025-10-30T14:32:25.97671Z","last_seen":"2025-11-16T06:53:30.779829Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"36946.phidonatome.com/4/js/260941","fqdn":"36946.phidonatome.com","domain":"phidonatome.com","tld":"com"},"ip":{"addr":"88.208.22.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"52bcb75c76fd11c9b370fbef96645a39","sha1":"06e1ea3505e0e375eaa3fd7dadc85f30334ac71d","sha256":"33d36e48a9155ca8edc1b7cdbe6f6b3e4b9c2713f8b2824302a74e41a9c60771","sha512":"ac283af4d070a8d3086737a52f30726989e5d9d72a112de472a89eae712ef74400b3806de73ddd70da54a9a0d1f5fa302023fe2a4864e3b116a8283b25c8b012","ssdeep":"768:Hymbr/4nqZVnyTPxVC2/R3hMwsZwJmvnDY87bBZzBPZvzXRb7iGqj:ryxnufF3qj","tlshash":"56e22a95f996703043f7187a403f511af3361a94789e8460da2b99822c66fcb837bf7d","size":31409,"data":"","first_seen":"2025-10-30T14:32:25.96283Z","last_seen":"2025-10-30T14:32:25.96283Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4b39905819a02943aab42aaa3ace049","sha1":"397c25ba91f8946c07fcd15b85dde33073d13cc0","sha256":"56b98849a8c00948afc8281671da6d0955145a28b9cab57cb3f3cb67803dc520","sha512":"45185272dd93386022e633bba5581ebd898db3eae1dac640eaab69d546c0f1037b10c423e2b94e8383cf196255c6fa96b4374e9ecad48cd30475491950b1e7c9","ssdeep":"","tlshash":"10c08ca82aab4c7110f73a428fbf21057016a3132090cd313e0eb6848f34e2bda94808","size":190,"data":"","first_seen":"2025-08-29T08:56:06.9123Z","last_seen":"2026-02-02T17:50:52.010918Z","times_seen":319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lz.faenasturbit.com/sSB8ld39qI9j8pgT/130607","fqdn":"lz.faenasturbit.com","domain":"faenasturbit.com","tld":"com"},"ip":{"addr":"172.241.53.182","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","size":5,"data":"","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-26T17:01:20.409418Z","times_seen":14055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20c32381f2958704dbda31cb9899e749","sha1":"0d1f76bf765e0b54db0c3b4c5e52a593c00122d2","sha256":"289167e4f6166260213381fc3fcdabb568382bd426fb4774a2bd57fc4469cbef","sha512":"a0f4ae95a388456981c5f0b99af0f6fea7f1bd845a413b3ab910ba2c7dac1e9f4d3eec0f542a28a8034ea6bb849a466ad2d22beb0abdf5f0955400a37d99e7dc","ssdeep":"","tlshash":"b4c022b465a89030001800a9307bc6ad3830300865927084889d781c9a70ed30452c64","size":188,"data":"","first_seen":"2025-10-30T14:32:25.979508Z","last_seen":"2025-11-19T23:14:59.414178Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"68934a3e9455fa72420237eb05902327","sha1":"7cb6efb98ba5972a9b5090dc2e517fe14d12cb04","sha256":"fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa","sha512":"719fa67eef49c4b2a2b83f0c62bddd88c106aaadb7e21ae057c8802b700e36f81fe3f144812d8b05d66dc663d908b25645e153262cf6d457aa34e684af9e328d","ssdeep":"","tlshash":"aa3000000000000c000000000000000000000000000000000000000030000000000000","size":5,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-26T17:01:00.64065Z","times_seen":69683,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1093619d97a61fa7ce2f8d49c60cd231","sha1":"7f26ad5a0cbabdadea7a9d9b7b199f7bc713062d","sha256":"17b2b709ef9077f810aa9997fb69052f2d98de8ba6347bfcf9fbb8d6d1526c63","sha512":"0704683b95e6e4303c67e6f81d5d4a17e40a118fc026c1a0536100034c9c65dcdbad33cce607717df85625a6bb51911cf64926001701d26b0c7c7802b31a99e9","ssdeep":"6144:M11ClGoWve5tbyJ3xuG/KMInUsrIFRRrOJO7GG0iiGlNAkw5GJlY3mADPIahWkAx:1lGezm3xuGCQ77","tlshash":"1534a68db6c1b06107a36174062f646af3773a44b45ec480b72dd9d16ebaa0f6d27e3c","size":245260,"data":"","first_seen":"2025-10-22T11:29:03.885295Z","last_seen":"2025-11-01T07:48:06.406226Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/vendor-chunks-yysNIwRY-1761807466787.js","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8898d7931d9c840ef747b6707c8ba138","sha1":"683e4eb9ac2e703943a19b19778f4598cea97f4d","sha256":"a6b40cbde6c5d3cf597006e29703e1b7f056b6b3055753d979235056c204a704","sha512":"8d78d0bbf5821f32fe7b023b27d13d476b00a5675e34c8cc26b0b0b7cc0c3fc8eb6368d896a4d8bf91a9ef6a1e63a01add3260e919247ef4a6d1543a5e1226ec","ssdeep":"24576:TLgcTD3IaDerXpsBbIZ58O6gJ2dSG6MIIsPGiUcWFYMKduqCw:TscTD3IaDerXpsBbIZ58O6gq6MIIsPGg","tlshash":"04454cd972a67062879361a4503f1207723a7d16248cc05cf63bf9ea2eb8d09647bf7d","size":1269720,"data":"","first_seen":"2025-10-22T18:26:11.434592Z","last_seen":"2025-11-03T03:56:15.096326Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","size":17908,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-26T12:48:39.756129Z","times_seen":7128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0eaaed582ff685dd1612d9b403738ff","sha1":"e1edc160f929904d6f72cf06fb89bdee0820d8c0","sha256":"1329ad4e3e1558a61554e9d122ddfd9cd3fc384efbdda3f84ff8c411a0456101","sha512":"b97c6ab213782628b715a2409294c82921e46608b494d6369217198f2418f4a0f13c9458088adee2582b634c35e0effcbf8043c2ed1c50ececfca56b068d548a","ssdeep":"","tlshash":"784126ee25a0fda0079b714c602b180af0bc35e0e3ace8c69ff984b43d3c6441111aed","size":2370,"data":"","first_seen":"2025-10-23T23:38:15.306982Z","last_seen":"2025-11-01T07:48:06.412972Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2afa7cba6f57f3eeae78df95b73f168b","sha1":"b8040032d652bb99cc9740c56bcfa63a73b1b1d5","sha256":"5759a83ef6b24ce80a2bb47651036559180df35a4e402ccd54258160c3e9cb36","sha512":"00520a391f3ceae5383a66496f08207353653261576915a091505afaaea981d8862ddfee9a7344be7371e7626cfca59e75f806f9527264eb26f2a210c4d08f74","ssdeep":"1536:l/IKgzKrExo6JrQMWd3OYLrqZLCaZ7xxGm3xw0Jqk1bLyP6sJcznlaM8DY3sq09q:l4wqpOOYLALCa5xxG5FMP32TZIk5ebz","tlshash":"f0b32ba072d5a811527fb12c0827d46ca56a4d8404cfc6bbd2d5a837e4a432dd3bbff6","size":110119,"data":"","first_seen":"2025-10-30T14:32:25.9658Z","last_seen":"2025-10-31T09:26:33.843523Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc292d0b58a5b4843fb530c1e1193832","sha1":"90931927d6bd19eb89d9a566a947168bc3424a20","sha256":"6321c2377db5d2b63981e348a3cb0cef1981d899d4186f70ccba179d87f69f68","sha512":"bd92dba0c756a35255357ba8193c2f1a79f1c2035d1faa7b3e82555765de3eee4f2827924d765ae3e30b820e42b0ad97c03278b5a0344665310019a52404c5c0","ssdeep":"768:ubVWcprgLsdOKoFiXE9VhlKAelZ8JnN2m+sfy2WnXSqeq3Sg9C4+XuSOscdFPmze:WYmOKjoM8JzdGeGtF","tlshash":"b4a318cdb7d2707042a7a4ba902f151ab33f29197809442cf969cdd138ad94f9327f79","size":98121,"data":"","first_seen":"2025-10-28T11:23:42.059576Z","last_seen":"2025-10-31T08:54:22.807308Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6843e8c44f2e5d610d2f8345e24708e2","sha1":"cb366e6f78c3e1197a69c0f75eece49f56f04667","sha256":"fc2ff9e804a11075b69d95ba0545c48093b01e7494e4246f0914e35186f5bf9a","sha512":"3979b3151a3ed509aef28932967550f743a1f7836290d38f4289b3fb72ce9812c5ba040b3be28475483a626ee5e94c136f9c917e144b7c8b878e3c7bbf404ecb","ssdeep":"6144:X4BMw1Rg1H8fId75KGqEA9yC6LzChXO+giTLcAJAHZMn5U10FGmQ:XWN1RqCId75KGqEthzCSAJjg","tlshash":"739419ce73c674269396f078503f118ba57b29a2b45cc896f189cce42d34a9a4277f7c","size":427576,"data":"","first_seen":"2025-10-30T14:32:25.927417Z","last_seen":"2025-10-30T14:32:25.927417Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/main-sUw5dg9U-1761807466787.js","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"94a2a075d4aed3473e1000db4b546ae1","sha1":"1e48cea811a99f0d2194ce25f31bffbb69d31d2f","sha256":"183815e94986b1ec276064de4dfaafe4ca3ccae1bd4e8ec15b27f4334f910e2a","sha512":"611c11ed027bc1861ca67aa86e6e7ebe64066527d026fb7b6a7fe06dfad09367a5dc9b1937a9a8ba9eebe83363f92dcf4ff2162da3af206d56bb6f94a4d1575f","ssdeep":"1536:BM25N0FTsFbG5nCfjxGg4asHq8FfLlBPBHLQg6/vUF1FfFLFcS3q4emaWQSFSW:Bbv0yFbG5mUtHBHaKN3q4emk5W","tlshash":"afa36eed602d8f3cf86109c1783ea5347429366bfa18c8a1f0bd3c125b94dc5a5aa7dd","size":101368,"data":"","first_seen":"2025-10-30T14:32:25.983667Z","last_seen":"2025-10-30T14:32:25.983667Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ur.foretopheaved.com/r4xjjmZUr51mvyQ/RNklR","fqdn":"ur.foretopheaved.com","domain":"foretopheaved.com","tld":"com"},"ip":{"addr":"188.42.241.189","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-26T17:01:00.590711Z","times_seen":15793,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c90d1ef9543d7d56a6869ed4be6f7847","sha1":"6ff159593c9698ad541e6d3c149847b110c3deb6","sha256":"e7e748a324a548da8ce1ccc081a1339bf22142939106758ba1803fabafc42b2e","sha512":"8ac7ce5a0c7bc4daabb49051583a693f53e9d884f8deb32158c604abe682bfd2969dc1ac4e6ea8c50c0e63684ddd7424770fa0d7fbaf42c113e8118e981f0dbc","ssdeep":"1536:Z2c1pgoXEptQy9RixdpOkxQKf7YbK2Ec+tskajUOPVKIZujAB5R1pKKfVf3dnCjH:eRizplOK8mvDtsjbnujATLQ3+da","tlshash":"64e33ac9b2d2b47407e75099d43f1206f33a1a16b80c9058f6a6e9c17878ddb9237f7a","size":149592,"data":"","first_seen":"2025-10-20T14:02:56.309645Z","last_seen":"2025-11-06T12:09:31.49625Z","times_seen":392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.flowdoodxwn.com\u0026ev=223\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0\u0026ab=1\u0026i=1\u0026s1=1923286547889786882\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"8842ceda3fd00de3170848eaec9c15ff","sha1":"d63309b143320a63727416380007e9a1af37c502","sha256":"f7c97aa5f859841f8174302c937fbfd5b1a77058270111d2eb2d06d34ed95940","sha512":"36b8fe257508e324ba9333a3cd92b164db8b64f04b3979818999a9ba4a0e5d03495fde3088c43f55efafaedc3387e744f348c6bc8737418633bd52e9a38fa71c","ssdeep":"","tlshash":"980102c5465c95ff4348e0b3c93d4eb54dce4d782b546005fb38c31b58ca18142b428b","size":660,"data":"","first_seen":"2025-10-30T14:32:25.967251Z","last_seen":"2025-10-30T14:32:25.967251Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:54.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"POST /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 259\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uTycSi2VmH8FmrAIEtQW3c%2F3knFX81Z%2Ft5d62NSMPLdrq4KKNifMrW%2F4nkTacGeYGCwCIUeBZn351uongxsWpAzy4UVSshJc37v7fdgOXXmMSko3ujU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 996b9e73de420b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a3ccdf4f5cc8da7a6c2caa521331e46a","sha1":"dfe98614ee3b455bca14db2eef682f1338580a8a","sha256":"017e430f25345405c1b0bfeb89dce3a8f2be65237a718e8ad7563b2e977d9b5f","sha512":"afacf3e0a96434042d8417442f5a16ed1642ffb0e964552926b6ef374bfd2cd4e2a270fd66ee6fa906a67a47e750c72731cbcae88c0189c0a51c7a0f3bbe1b24","ssdeep":"","tlshash":"34d05e7d297154ad14985152d651e9c9f78058aabf58b750c423c11f34eb0c8723d2b7","first_seen":"2025-10-16T16:52:07.242118Z","last_seen":"2025-11-20T22:31:42.767036Z","times_seen":72,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":564,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 02:32:03 GMT","end":"Sun, 11 Jan 2026 02:32:02 GMT"},"fingerprint":{"sha1":"4F:91:E2:5E:A1:B1:4D:7F:49:01:1E:73:C6:07:EB:0A:BE:44:4C:44","sha256":"7B:0D:8E:03:0E:6E:23:65:30:3D:E8:FC:0C:E7:66:46:E2:5B:7F:FA:FD:D2:FF:61:4C:A4:18:08:24:70:51:6B"}}},"request":{"raw":"GET /popunder-admanager/build.m.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Tue, 28 Oct 2025 08:52:33 GMT\r\netag: W/\"69008451-17f49\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 30 Oct 2025 14:36:55 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98121,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"dc292d0b58a5b4843fb530c1e1193832","sha1":"90931927d6bd19eb89d9a566a947168bc3424a20","sha256":"6321c2377db5d2b63981e348a3cb0cef1981d899d4186f70ccba179d87f69f68","sha512":"bd92dba0c756a35255357ba8193c2f1a79f1c2035d1faa7b3e82555765de3eee4f2827924d765ae3e30b820e42b0ad97c03278b5a0344665310019a52404c5c0","ssdeep":"768:ubVWcprgLsdOKoFiXE9VhlKAelZ8JnN2m+sfy2WnXSqeq3Sg9C4+XuSOscdFPmze:WYmOKjoM8JzdGeGtF","tlshash":"b4a318cdb7d2707042a7a4ba902f151ab33f29197809442cf969cdd138ad94f9327f79","first_seen":"2025-10-28T11:23:42.059576Z","last_seen":"2025-10-31T08:54:22.807308Z","times_seen":36,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:47.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:37:40 GMT","end":"Mon, 05 Jan 2026 08:37:39 GMT"},"fingerprint":{"sha1":"A0:B4:2E:82:A1:27:01:D4:2F:43:C6:5A:4C:76:BD:AA:46:E7:DF:A1","sha256":"EE:18:CE:69:D5:34:E0:87:E6:41:61:C2:8F:06:9E:82:E4:85:2F:5E:5E:4B:99:79:9B:C2:6B:E3:A6:EC:EA:A9"}}},"request":{"raw":"GET /gtag/js?id=G-FZ6E2FXG92 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 30 Oct 2025 14:31:47 GMT\r\nexpires: Thu, 30 Oct 2025 14:31:47 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142096\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":427576,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"6843e8c44f2e5d610d2f8345e24708e2","sha1":"cb366e6f78c3e1197a69c0f75eece49f56f04667","sha256":"fc2ff9e804a11075b69d95ba0545c48093b01e7494e4246f0914e35186f5bf9a","sha512":"3979b3151a3ed509aef28932967550f743a1f7836290d38f4289b3fb72ce9812c5ba040b3be28475483a626ee5e94c136f9c917e144b7c8b878e3c7bbf404ecb","ssdeep":"6144:X4BMw1Rg1H8fId75KGqEA9yC6LzChXO+giTLcAJAHZMn5U10FGmQ:XWN1RqCId75KGqEthzCSAJjg","tlshash":"739419ce73c674269396f078503f118ba57b29a2b45cc896f189cce42d34a9a4277f7c","first_seen":"2025-10-30T14:32:25.927417Z","last_seen":"2025-10-30T14:32:25.927417Z","times_seen":1,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":132,"dns":1,"connect":28,"send":0,"wait":54,"receive":80,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494331?v2=1\u0026fill=0\u0026s1=1923286547889786882\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/users/494331?v2=1\u0026fill=0\u0026s1=1923286547889786882\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-type: text/xml\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-expose-headers: X-Asg-Config, X-t\r\nset-cookie: nauid=x8KKeKDEIRlKDLrwvNhR; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\nx-t: 0\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/xml","magic":"XML 1.0 document, ASCII text","md5":"73d174f378b492e8958d14c2e6a9a4ec","sha1":"7d699dc411131a000b55c5e3808d6c75b443a25f","sha256":"c6f441dbb28602e988f9ae260f3f9c8556ac8d11eac13a6f997c04519267a621","sha512":"dd3c103c5a448e2e3df63dd51379b0f2225bbe5ce804402f5b13d102bd64500652eff4a136f311426d152d0068f4e9d0ce036e054b567246fb9e1a4156c0d195","ssdeep":"","tlshash":"e0b012867301b43305f16f135b24c01513783b85089d588ce8f30ad01e6440c03481ce","first_seen":"2025-09-24T04:41:31.323262Z","last_seen":"2025-11-20T22:31:42.782605Z","times_seen":115,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":35,"dns":1,"connect":13,"send":0,"wait":27,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accuratephrase.com/cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l","fqdn":"accuratephrase.com","domain":"accuratephrase.com","tld":"com"},"ip":{"addr":"188.72.219.35","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:54.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"accuratephrase.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 06:43:11 GMT","end":"Sat, 10 Jan 2026 06:43:10 GMT"},"fingerprint":{"sha1":"5C:01:82:3D:3E:91:A2:72:76:A4:E8:DA:42:F8:FD:E6:74:85:B6:CF","sha256":"70:75:DE:E9:C6:17:AD:2B:3D:6E:6A:92:30:CC:7F:07:FE:0A:01:18:13:08:46:C7:F6:A5:EE:0D:04:8E:7E:00"}}},"request":{"raw":"GET /cqDJ9V6rb.2U5jl/S/WDQM9WN/jHY/4OOCD-kf3/NqiV0j2_NDjKgH4cODTtce3l HTTP/1.1\r\nHost: accuratephrase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 0\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":88,"dns":33,"connect":17,"send":0,"wait":36,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/favicon.ico","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:49.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1761834707$o1$g0$t1761834707$j60$l0$h0; _ga=GA1.1.1998045292.1761834708\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E97C1DB016B7890248BDE4\r\nlast-modified: Thu, 30 Oct 2025 06:57:57 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2565223\r\nvia: EU-ESP-madrid-AREA1-CACHE2[2],EU-ESP-madrid-AREA1-CACHE5[0,TCP_HIT,1],EU-IRL-dublin-GLOBAL1-CACHE6[11],EU-IRL-dublin-GLOBAL1-CACHE20[0,TCP_HIT,7]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 017115387afdaf061ae6f10a7688718e\r\nnginx-hit: 1\r\nage: 26777\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: DYNAMIC\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5FV6akE6y6SY9YIKpT4dXVrvyUDGle1PqhzpYggQxQ%2BRzLwPuC2%2FhfrlbgM%2Bqt%2BCLCAdCqY9xrtH0RYxzVOtRZXpUEw6xWUlgnusbGIncuzZ\"}]}\r\ncontent-encoding: br\r\ncf-ray: 996b9e545def56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2123,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"b226c5cfc7ebd2de0dddb4cbf6628f08","sha1":"ecffe8f020b86e5ad08841dbaff743633b39e805","sha256":"a0ac07faba80d95d04deb641272ffea7dd7996073da8d71f1b05b0da110ba9f3","sha512":"ee2cd0d3337d393135d0fa8d5c66ef1c2a93aee3b8da397509b11c85705a4ce36f6e3fc26e2f65fe33c382ea669a68c10af585c940f5f7c0cbc1e388502cc0a2","ssdeep":"","tlshash":"1c4160472de3481424218a546fe2f128ad66b2035b49f94571ee713cdf81b83ccc38a4","first_seen":"2025-10-30T14:32:25.932951Z","last_seen":"2025-10-30T14:32:25.932951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/vendor-chunks-yysNIwRY-1761807466787.js","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:49.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /assets/vendor-chunks-yysNIwRY-1761807466787.js HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/assets/main-sUw5dg9U-1761807466787.js\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1761834707$o1$g0$t1761834707$j60$l0$h0; _ga=GA1.1.1998045292.1761834708\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:49 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E96B59B118C05F9E14F2DA\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 30 Oct 2025 06:57:57 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2565223\r\nvia: EU-ESP-madrid-AREA1-CACHE3[5],EU-ESP-madrid-AREA1-CACHE5[0,TCP_HIT,4],EU-IRL-dublin-GLOBAL1-CACHE16[12],EU-IRL-dublin-GLOBAL1-CACHE8[0,TCP_HIT,5]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 253057df728f8980440b6ef0427c0679\r\nnginx-hit: 1\r\nage: 26777\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t1uCSL4eY0zMR1UnOeg7QiRsMIjwi6LnCv%2FEtPQsY2O7qpH%2FyVgmMvxGSOQrc0dGFMkMR7NfW%2BD4JgWgzC3SAestqYXXTDqV%2FUx%2F3ONFc1Iv\"}]}\r\netag: W/\"8898d7931d9c840ef747b6707c8ba138\"\r\ncontent-encoding: br\r\ncf-ray: 996b9e55bf7f56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1269720,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"1f7f489abd21ebc22f4dfe364f33ceaa","sha1":"1ab7f4413e1f48775ea949987258fd45c8ab0c90","sha256":"94a78da6f81d7a55d6d78786f431c1bb6c929dee2b530a49edca4a8d301869ca","sha512":"fc7fc8a33e1b274e0ca43255a88b4abc0349ac63f47cf3d28e138f2c2c31d100901e0c55489751114acde08b7215b3f218912008e379955d0e138439ff17569c","ssdeep":"24576:TLgcTD3IaDerXpsBbIZ58O6gJ2dSG6MIIsPGiUcWFYMKduqCq:TscTD3IaDerXpsBbIZ58O6gq6MIIsPGa","tlshash":"28254bd932a6706287d361a4503f5207723a7d16248cc45cf63af9ea2eb8d09647bf7c","first_seen":"2025-10-22T18:26:11.322422Z","last_seen":"2025-11-03T03:56:15.081511Z","times_seen":30,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":390,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"storage.multstorage.com/log/count.html","fqdn":"storage.multstorage.com","domain":"multstorage.com","tld":"com"},"ip":{"addr":"76.223.26.96","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage.multstorage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 02:54:50 GMT","end":"Mon, 22 Dec 2025 02:54:49 GMT"},"fingerprint":{"sha1":"A7:F0:92:B0:60:17:0F:89:16:0D:51:27:DB:FE:C6:A0:D9:39:15:0F","sha256":"D8:BB:7C:8D:91:E4:6A:95:F9:86:5F:70:CE:DE:E9:AA:14:7C:0B:84:56:FC:96:09:E6:62:FD:5E:68:8E:E2:11"}}},"request":{"raw":"GET /log/count.html HTTP/1.1\r\nHost: storage.multstorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 410 Gone\r\nalt-svc: h3=\":50944\"; ma=2592000\r\nserver: Caddy\r\ncontent-length: 0\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"410","status_text":"Gone","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":105,"dns":41,"connect":9,"send":0,"wait":21,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"storage.multstorage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Aug 2025 02:47:45 GMT","end":"Thu, 13 Nov 2025 02:47:44 GMT"},"fingerprint":{"sha1":"F4:AD:2A:0D:F1:0A:AB:04:F2:6F:6F:72:39:99:7F:4B:E4:5B:2E:4C","sha256":"12:8C:54:04:9B:26:0A:7E:35:D0:23:72:4F:A8:FC:52:77:D0:9D:FA:F5:AC:FE:2F:D2:49:97:F4:24:B6:72:0A"}}},"request":{"raw":"POST /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1970\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 30 Oct 2025 14:31:56 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 58\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.flowdoodxwn.com\r\nSet-Cookie: id=18121962098433940621; Expires=Fri, 30 Oct 2026 14:31:56 GMT; Secure; SameSite=None\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c4efc1d6d16235d9433cd2565d887460","sha1":"22d069a5f536640e46122475c79db933e82d7f2e","sha256":"f0a6b8c736b7d8c5d3304a9ccd10d2114a0f25f2ba946cce62204df3384a131f","sha512":"af1cfe529f3173efdc7f4aff67355529095e775d8edb38d8a7c9565e09807aff470a465ffdf89ef6555f06cc88efa675823becc942896c63fa64a3140858f539","ssdeep":"","tlshash":"5ba00294c5c00e3c80200c3a73cf901628e4d304120217880ca66b5108822abe333c91","first_seen":"2025-07-26T17:44:43.174102Z","last_seen":"2026-04-26T14:52:42.909021Z","times_seen":6353,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":13,"connect":31,"send":0,"wait":25,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S1979735409%3A1761834716658481\u0026hl=en\u0026ifkv=ARESoU2UbFqLVrWOyCmkHGyvoMFMcy1K2ESizV0vAHkPzDCCvDQSbubj4SbH5Y2TAWhT7U1G2ARAUA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:39:49 GMT","end":"Mon, 05 Jan 2026 08:39:48 GMT"},"fingerprint":{"sha1":"00:1E:AE:67:BB:25:41:AD:21:F2:16:82:FE:7C:79:27:80:DB:D9:9D","sha256":"69:46:2C:32:2B:8C:37:3A:EC:D5:1E:DF:4E:0A:3D:1A:AD:70:5B:07:77:3B:6B:59:E3:84:19:E2:3E:F1:42:0F"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S1979735409%3A1761834716658481\u0026hl=en\u0026ifkv=ARESoU2UbFqLVrWOyCmkHGyvoMFMcy1K2ESizV0vAHkPzDCCvDQSbubj4SbH5Y2TAWhT7U1G2ARAUA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 30 Oct 2025 14:31:56 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: script-src 'nonce-YNkE60GerY91URePGuszWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.mnCtys1ifsE.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /vast-im.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 89045\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Oct 2025 09:38:19 GMT\r\nvary: Accept-Encoding\r\netag: \"68f20e8b-15bd5\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 643281\r\ncf-cache-status: HIT\r\ncf-ray: 996b9e632fa1b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":315937,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"8185f26ebe3e4675a3248b15e927b2d2","sha1":"d47683a50e5838a4843c58117a42ab17aec96ebe","sha256":"c841b953de5b67e61da9c796353eb552eea622f3b0cac6cb85802f312abe03ba","sha512":"ede02da627af03fc9e5bfea659502b6ac3f96f655ec222290f77e904edec9c9321b9fa13a44feef6bcb2377da1a1044524d5f3883f8f6996c434ccf302a0ecef","ssdeep":"6144:IdFL92ASnqBYfmMklUIWXsVjC+TpcB86ccfC:S97SnqBYfmMklUIWXAjC+9886ccfC","tlshash":"4764a4c9b6c6b0a543e7b0b8403f520ef276a955b44ac9c0e266e9d0ac7c94e5037f7d","first_seen":"2025-10-22T22:12:54.226509Z","last_seen":"2025-11-01T07:20:29.848175Z","times_seen":68,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":85,"dns":64,"connect":4,"send":0,"wait":6,"receive":3,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5117\r\ncf-ray: 996b9e6488960b69-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03faa-45f4\"\r\nlast-modified: Mon, 04 May 2020 16:15:38 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 735249\r\nexpires: Tue, 20 Oct 2026 14:31:51 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qJ4bVrUcC1hJIl4azbEtYvUOjL%2FS1brs1xQt9ViA8db3hQgVk7nm%2B%2Bjz73cMPZyghNT9gr7HRfwektBDRLjHSMmswv59SYdNx4z8MLhLoZyaXjohAGj47SLXB%2BWj8055%2B67xngDj\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17908,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (17660)","md5":"12dd498bf90c536803c2aad708b66c2b","sha1":"5f9363d39a405d1c94328cf2303ff4a05c0ad163","sha256":"c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a","sha512":"ec593a501ebf74c092e564a1aaf0b477d3da6813c9a88f29d0d2a0db8143bdf19718ba4e6b13f64295b077ca5cb9c13460c30f9f2f35982a82597b22f79ffdd1","ssdeep":"192:l3GySZoj5oOg8pu564aEzn5nVMnyk3sBakk3cx7x0IlQV0Hf1b5SwU+ahpfex/W9:lWytjU64auV0ISjyW5RAe","tlshash":"6f82b38cb295f0b553d710b5403f910fe2366928654ec4d8f288d5ea2c7899d663bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-26T12:48:39.756129Z","times_seen":7128,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":16,"dns":0,"connect":1,"send":0,"wait":24,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"enrtx.com/get/","fqdn":"enrtx.com","domain":"enrtx.com","tld":"com"},"ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"popunder-base.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Sep 2025 07:32:10 GMT","end":"Thu, 04 Dec 2025 07:32:09 GMT"},"fingerprint":{"sha1":"50:EA:C1:7E:9B:20:00:A4:62:CE:FD:F9:FD:D2:E9:BE:77:FE:08:47","sha256":"81:9C:C4:CA:23:66:01:BB:6E:7A:21:04:B3:6B:69:EF:E7:F2:C5:8D:CB:6E:F7:3D:A2:3C:90:1F:BE:0B:6F:48"}}},"request":{"raw":"POST /get/ HTTP/1.1\r\nHost: enrtx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1746\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.16.0\r\ndate: Thu, 30 Oct 2025 14:31:57 GMT\r\ncontent-type: application/json\r\ncontent-length: 3135\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9456,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0620acc80b306c3671490a9ae780dcf7","sha1":"166c1417194a7e01e18bac2fc639725a02f3a6c1","sha256":"4994b250a441890cc93f651f94509e4ccc2202205a26e5e373d67c24a6f91aeb","sha512":"7343e0427d5377211377dc05a4b845358f4271ff62ebcc4ba02911a4ed7107843c6c3a7047bade60ae3d7417e84d7b41f2eb18bdfd89f82896be6d44a38e8f21","ssdeep":"192:59eXXDxyhNPn24Y0srPn24V9eXXDxyhz0s5:58XXDxM/srX8XXDxfs5","tlshash":"22123b425793dd20bd8e69c2a3f7e304c667c6b94f4b9c9fd9e50b65888e26210c5f1c","first_seen":"2025-10-30T14:32:25.939636Z","last_seen":"2025-10-30T14:32:25.939636Z","times_seen":1,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":116,"dns":35,"connect":25,"send":0,"wait":244,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"29363911-36946-ex.uncocleypercha.com/hiVGDoQwNAzpZtczvVjDLi9Mktk7qIvcL_RROMqaGJgcMJuXqthY_cOGVNNgbZHeztkLK6Qiha69FenlHea5aULCk6eXuLnWeAARGO8ke3phtcxwxrWpRx9dzLMyk4bz49s905AiOvLt8ioMTvx-IqmqrYo2IPU5?kws=\u0026pageUri=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026referer=\u0026bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Win32%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20Oct%2030%202025%2014%3A31%3A55%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D\u0026btdb=0\u0026prsl=1","fqdn":"29363911-36946-ex.uncocleypercha.com","domain":"uncocleypercha.com","tld":"com"},"ip":{"addr":"88.208.22.4","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:58.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.uncocleypercha.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 Aug 2025 13:23:39 GMT","end":"Wed, 26 Nov 2025 13:23:38 GMT"},"fingerprint":{"sha1":"22:8A:CB:BF:F6:C8:BB:63:3B:40:60:50:E5:68:99:7F:9B:12:0F:74","sha256":"D1:A4:E0:CC:A1:89:9F:AB:A7:F6:82:AB:E0:1A:43:E1:74:3B:AA:F3:D3:9C:2F:D7:6A:20:6D:23:3C:ED:D7:6A"}}},"request":{"raw":"GET /hiVGDoQwNAzpZtczvVjDLi9Mktk7qIvcL_RROMqaGJgcMJuXqthY_cOGVNNgbZHeztkLK6Qiha69FenlHea5aULCk6eXuLnWeAARGO8ke3phtcxwxrWpRx9dzLMyk4bz49s905AiOvLt8ioMTvx-IqmqrYo2IPU5?kws=\u0026pageUri=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026referer=\u0026bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Win32%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20Oct%2030%202025%2014%3A31%3A55%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D\u0026btdb=0\u0026prsl=1 HTTP/1.1\r\nHost: 29363911-36946-ex.uncocleypercha.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:58 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nreferrer-policy: unsafe-url\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory\r\naccept-ch-lifetime: 31536000\r\np3p: CP=\"NOI DEVa TAIa OUR BUS UNI STA\"\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nlast-modified: Thu, 30 Oct 2025 14:31:58 UTC\r\nexpires: Thu, 30 Oct 2025 14:31:58 UTC\r\nset-cookie: _ccid=6306229673969899653; expires=Mon, 30 Oct 2028 14:31:58 GMT; domain=uncocleypercha.com; path=/; HttpOnly; secure; SameSite=None\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1528,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (1528), with no line terminators","md5":"5838b92f19720291931e823bb50374f7","sha1":"76d0377e5dddae5717bbf2c7e72d0eccef339932","sha256":"8c1721aea84bdbdbfd6bd7955362543a9b23d7240bff5bbf643fcc1cd326f0ec","sha512":"71800d136883651c19ccca07ebb30b0a87f21065fa7316148609eef9a028dfb685fbcb9f9b55636c66b74b06a102badbef6a41ab44376aa7085b83112cf6c316","ssdeep":"","tlshash":"8231dc41b16914612a047090d0f06f293e9feed893790adcc4152bf860aadfd8651476","first_seen":"2025-10-30T14:32:25.941706Z","last_seen":"2025-10-30T14:32:25.941706Z","times_seen":1,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":78,"dns":21,"connect":17,"send":0,"wait":292,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /ip-push.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 41300\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Oct 2025 09:38:19 GMT\r\nvary: Accept-Encoding\r\netag: \"68f20e8b-a154\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 704703\r\ncf-cache-status: HIT\r\ncf-ray: 996b9e631f8cb28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134898,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65498), with no line terminators","md5":"234db1e18366f7e413979a404360d46f","sha1":"e7dceeb1876e703a6d2ab89bd9df35a64886e3f2","sha256":"3e7d4dcc3892ff793e8c8a7bb6271ea75047599fa5809d5f5e45b2d295ebf459","sha512":"e8b0daecd87c566ced35978f6b5428d61b32b7d3f45af6dd7b48d4e07cafdd128f730b635a804c712b76d371c804db1629989b8aae43056323a9cbc7078c0a4d","ssdeep":"1536:gmodQeNLvXl70gGYlR5U3lItL+5HOUOdxuIV9LmWJgYeZJCt0ZqKyLKPHHQAtC/4:XodQeNB0gllgz5uzxup","tlshash":"c2d3518dbac1b5610ba37064023f640ef2bb3a54b44bc9c0f629d5d06e7e94f6167e2d","first_seen":"2025-10-22T17:23:50.676656Z","last_seen":"2025-11-01T07:48:06.418074Z","times_seen":29,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":81,"dns":65,"connect":1,"send":0,"wait":7,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/advertising.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 02:32:03 GMT","end":"Sun, 11 Jan 2026 02:32:02 GMT"},"fingerprint":{"sha1":"4F:91:E2:5E:A1:B1:4D:7F:49:01:1E:73:C6:07:EB:0A:BE:44:4C:44","sha256":"7B:0D:8E:03:0E:6E:23:65:30:3D:E8:FC:0C:E7:66:46:E2:5B:7F:FA:FD:D2:FF:61:4C:A4:18:08:24:70:51:6B"}}},"request":{"raw":"GET /advertising.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nlast-modified: Fri, 14 Jul 2023 08:23:25 GMT\r\netag: \"64b105fd-0\"\r\nexpires: Thu, 30 Oct 2025 14:36:55 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":64,"dns":13,"connect":21,"send":0,"wait":21,"receive":2,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ur.foretopheaved.com/r4xjjmZUr51mvyQ/RNklR","fqdn":"ur.foretopheaved.com","domain":"foretopheaved.com","tld":"com"},"ip":{"addr":"188.42.241.189","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:54.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ur.foretopheaved.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 09:56:09 GMT","end":"Sat, 13 Dec 2025 09:56:08 GMT"},"fingerprint":{"sha1":"91:AA:F1:1B:14:24:36:CD:6B:51:31:6E:5E:C4:CF:18:8E:A6:40:19","sha256":"C9:CD:6B:8D:1D:0B:25:5F:FC:34:0D:27:E0:29:A6:64:DE:36:11:67:88:AF:25:45:05:AA:32:99:35:95:94:EE"}}},"request":{"raw":"GET /r4xjjmZUr51mvyQ/RNklR HTTP/1.1\r\nHost: ur.foretopheaved.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Fri, 31-Oct-2025 14:31:54 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViD0LglAYRu99ESGS4gGHRpdW0VLBJSTndGhoaBILEcRXrtrH1F9pb4r%2BVWtTWzacA%2BcIIcicgsoGRujaoWN7C9v1PcgClKSgvIaesDpnV0gFcpYgVWOcthVbMfd1N%2Fwc2r8hS0zWVXmxtlz1Xcl1CxoYxawaVll3hGx0Cer47%2FZgCsiTPgNVmRFtPu9Xcf8OwUY0vz33u9UD1LTQHD8IfrcSKq4%3D; expires=Fri, 31-Oct-2025 14:31:54 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-26T17:01:00.590711Z","times_seen":15793,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":146,"dns":108,"connect":17,"send":0,"wait":20,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"ur.foretopheaved.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-30T14:31:46.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /e/LwgHZXhx?lv1=vidcloudmv.com HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:47 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E95955B2D4470584D56777\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QrdfNuvs1aqQ0R%2FzNA6Zum9AT5E9iKOWEcDVz9lqDQr6w8qh%2FKkBJQgEmxr6Qx2VFTr%2BvICeaycz0gg7U8LwlOv3xypewKWo5EGRdcBR47tw\"}]}\r\nlast-modified: Thu, 30 Oct 2025 06:57:57 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2565224\r\nvia: EU-ESP-madrid-AREA1-CACHE2[3],EU-ESP-madrid-AREA1-CACHE4[0,TCP_HIT,2],EU-IRL-dublin-GLOBAL1-CACHE20[4],EU-IRL-dublin-GLOBAL1-CACHE12[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 30af1ed0496c60941f5981142d508f0c\r\nnginx-hit: 1\r\nage: 26776\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 996b9e414e4f7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":2123,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"b226c5cfc7ebd2de0dddb4cbf6628f08","sha1":"ecffe8f020b86e5ad08841dbaff743633b39e805","sha256":"a0ac07faba80d95d04deb641272ffea7dd7996073da8d71f1b05b0da110ba9f3","sha512":"ee2cd0d3337d393135d0fa8d5c66ef1c2a93aee3b8da397509b11c85705a4ce36f6e3fc26e2f65fe33c382ea669a68c10af585c940f5f7c0cbc1e388502cc0a2","ssdeep":"","tlshash":"1c4160472de3481424218a546fe2f128ad66b2035b49f94571ee713cdf81b83ccc38a4","first_seen":"2025-10-30T14:32:25.932951Z","last_seen":"2025-10-30T14:32:25.932951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1207,"timings":{"blocked":36,"dns":17,"connect":1,"send":0,"wait":1134,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.252.7.200","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 921\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:52 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"994bc2d786b80db30d25a86f0966738c","sha1":"963d6537316f5eff300dc7ce3be2fe9435cfaba7","sha256":"f1120f8318bd34b74df6893a5d70d6a0ebaca4f09fcc9c77c4613d23da706bce","sha512":"b495346134e4456027108a1274dd2aedd64acc6d30f16301695c45057e2491b3ff24a760e170ebae568f5f03ecaa3bdea88d230e8a6c68465afe70d634772a7f","ssdeep":"","tlshash":"178004d054c43015f444711df17d77c050d1d1051454c751c07115417c0104440c4415","first_seen":"2025-10-30T14:32:25.945779Z","last_seen":"2025-10-30T14:32:25.945779Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1329,"timings":{"blocked":753,"dns":0,"connect":100,"send":0,"wait":103,"receive":0,"ssl":370},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /adgpt.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 872\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Oct 2025 09:38:19 GMT\r\nvary: Accept-Encoding\r\netag: \"68f20e8b-368\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 563943\r\ncf-cache-status: HIT\r\ncf-ray: 996b9e790957b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2370,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2370), with no line terminators","md5":"a0eaaed582ff685dd1612d9b403738ff","sha1":"e1edc160f929904d6f72cf06fb89bdee0820d8c0","sha256":"1329ad4e3e1558a61554e9d122ddfd9cd3fc384efbdda3f84ff8c411a0456101","sha512":"b97c6ab213782628b715a2409294c82921e46608b494d6369217198f2418f4a0f13c9458088adee2582b634c35e0effcbf8043c2ed1c50ececfca56b068d548a","ssdeep":"","tlshash":"784126ee25a0fda0079b714c602b180af0bc35e0e3ace8c69ff984b43d3c6441111aed","first_seen":"2025-10-23T23:38:15.306982Z","last_seen":"2025-11-01T07:48:06.412972Z","times_seen":74,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"POST /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 87\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-type: application/json\r\ncontent-length: 15\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"32323194b8b07fd0aa9b6f7fc79a7b30","sha1":"ea248c45722bff267b55a453dc794bc42171cef6","sha256":"080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8","sha512":"e6b7cefe758be1e47a28ed8fc319cd61814e942838f0f65a26e629f0af39fae2547bece75c020c0cad5294b741a20911757b43b493dea2d3b109e4cf3ae3e9a3","ssdeep":"","tlshash":"9d600008200a08020880a000a20082002000a002002008282880008083002000888800","first_seen":"2023-09-22T06:12:14Z","last_seen":"2026-04-26T11:17:30.745576Z","times_seen":2385,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1979735409:1761834716658481\u0026ifkv=ARESoU19Ts_IGcFQ2JAhf9QYh18Es2enM0KvPtNmU5vdBUhZuuu2Sm3lpqSQXpTUbTf63D9hw9Mvmw","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:39:49 GMT","end":"Mon, 05 Jan 2026 08:39:48 GMT"},"fingerprint":{"sha1":"00:1E:AE:67:BB:25:41:AD:21:F2:16:82:FE:7C:79:27:80:DB:D9:9D","sha256":"69:46:2C:32:2B:8C:37:3A:EC:D5:1E:DF:4E:0A:3D:1A:AD:70:5B:07:77:3B:6B:59:E3:84:19:E2:3E:F1:42:0F"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1979735409:1761834716658481\u0026ifkv=ARESoU19Ts_IGcFQ2JAhf9QYh18Es2enM0KvPtNmU5vdBUhZuuu2Sm3lpqSQXpTUbTf63D9hw9Mvmw HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:TIS2-gLyfgKDLhZ8bQ3kpwSDPrvvNw:HKXc_7gf-xkdDLFE;Path=/;Expires=Sat, 30-Oct-2027 14:31:56 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 30 Oct 2025 14:31:56 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026dsh=S1979735409%3A1761834716658481\u0026hl=en\u0026ifkv=ARESoU2UbFqLVrWOyCmkHGyvoMFMcy1K2ESizV0vAHkPzDCCvDQSbubj4SbH5Y2TAWhT7U1G2ARAUA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-EtyIw3JWXI3OpnWHH-VMGA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 417\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.252.7.200","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:32:04.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1338\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:32:04 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"53ba6872083a30f5e432c69cb9181c2c","sha1":"bce1abb891f87c32ac37dab579c569facccff12b","sha256":"d812582bb2d3102622e2e9ecce15c070e85030d0f77781dee72f3989e5601a41","sha512":"ec2d4cef904719503a739551225d55c79fdc33dfec53d479eb6f8f32c7172a6ee6bf2166c665ad203194925f51a40f6dea41bf42be3c0d66093d22d4c0d4748a","ssdeep":"","tlshash":"6b800414130141101707f015d055f404d0c07447410100054df105d11f7c0440c54500","first_seen":"2025-10-30T14:32:25.949662Z","last_seen":"2025-10-30T14:32:25.949662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/main-sUw5dg9U-1761807466787.js","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:47.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /assets/main-sUw5dg9U-1761807466787.js HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:48 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E93DBCB15A3F6A168AD1C6\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 30 Oct 2025 06:57:56 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: EA-IDN-kabbekasi-EDGE4-CACHE28[6],EA-IDN-kabbekasi-EDGE4-CACHE8[0,TCP_HIT,2],EA-SGP-GLOBAL1-CACHE9[4],EA-SGP-GLOBAL1-CACHE6[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 767eecdc663235f704f1bea237a36a0f\r\nnginx-hit: 1\r\nage: 27191\r\nx-ccdn-expires: 2564809\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lOhggSSm9yV%2BIFlD8hxcFEJ9GjEvRNJmDfnRLwfFszPMbICUGuxyHg5vyN%2B1SeuXzOYJFSRSlS8As3bTzfMlurmWqKxFapoAyM%2F7%2FvYftJEZ\"}]}\r\netag: W/\"94a2a075d4aed3473e1000db4b546ae1\"\r\ncontent-encoding: br\r\ncf-ray: 996b9e496a4e56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":101368,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14304)","md5":"92d2cb673f741487d78f1c60f9a84e88","sha1":"f701f3915a40075ad2ef95b1edf3f76c6c482cb2","sha256":"3ece4d7417313317249e438b538e7bc76aa86870349278939ee75c967bbc4cd0","sha512":"ac5f6846494a9d9462426bd6381f7d925bb4bd1a9870330bf9a238dfba2b5072dc02daed4ae172ff2259fb8da76cb2fb4bcaea2235b220c2275bf42558227c15","ssdeep":"1536:BM25N0FTsFbG5nCfjxGg4asHq8FfLlBPBHLQg6/vUF1FfFLFcSYq4emaWQSFSW:Bbv0yFbG5mUtHBHaKNYq4emk5W","tlshash":"1fa37ded6029cf3cf86109c1783ea5347429366bfa18c8e1f1bd2c025b94dc5a5aa7dd","first_seen":"2025-10-30T14:32:25.951356Z","last_seen":"2025-10-30T14:32:25.951356Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1950,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1305,"receive":645,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/vendor-chunks-DoTr35U9-1761807466787.css","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:47.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /assets/vendor-chunks-DoTr35U9-1761807466787.css HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:47 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E95DD5B19CBF09D43167E1\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 30 Oct 2025 06:57:57 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2565224\r\nvia: EU-ESP-madrid-AREA1-CACHE5[4],EU-ESP-madrid-AREA1-CACHE4[0,TCP_HIT,3],EU-IRL-dublin-GLOBAL1-CACHE11[8],EU-IRL-dublin-GLOBAL1-CACHE12[0,TCP_HIT,4]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 45edfa6e512004240f9fab1b66278a5c\r\nnginx-hit: 1\r\nage: 26776\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iD6GdnhLd59fqUA%2F2XFWK7sHP6TVfVAJ65erO05ewiL%2BxMVy%2F08Kg%2BP1w3aem3%2F6IcgfeQFerBypwtGagkHxNY9y%2B5gNXYepLr53z0Ga5%2FsP\"}]}\r\netag: W/\"583c695c76766d48b720411106e87599\"\r\ncontent-encoding: br\r\ncf-ray: 996b9e496a5456c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":161718,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"583c695c76766d48b720411106e87599","sha1":"e7e75b7ea87593b675eac8f4937a1af7db66f102","sha256":"3f61af115313bbfe92c14794125043e3c53029cc5be9de758ce7a6a4e503275d","sha512":"a9c008b55f23c2460d6650529750b10d9ff30b66cdeb90ca7ad75ec21bb350c619593ae0e01975bacf784d013e08795f40f95c365deeaa4e594a6aa3785e2756","ssdeep":"768:eK4kaqXtxtd5+NuoRbV/es4idulogKFjY3xkjS5nz1miiJykXEK1rBw0OBp6EnUp:eKLvTdw7tejDxkjS5nzK8BTpZaKjpi","tlshash":"58f39569ea10a27de91faf259bc49f8ca224e881cd311af7f685610c4dc3bf115e274d","first_seen":"2025-06-14T07:01:13.355089Z","last_seen":"2026-02-27T13:27:16.333567Z","times_seen":523,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":334,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/main-V9Jz9HxG-1761807466787.css","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:47.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /assets/main-V9Jz9HxG-1761807466787.css HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:47 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E96B8CB113AF27F9011EEC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 30 Oct 2025 06:57:56 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2565224\r\nvia: EU-ESP-madrid-AREA1-CACHE5[4],EU-ESP-madrid-AREA1-CACHE4[0,TCP_HIT,3],EU-IRL-dublin-GLOBAL1-CACHE3[6],EU-IRL-dublin-GLOBAL1-CACHE6[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 3f15a65051a632e93ed77646520fc474\r\nnginx-hit: 1\r\nage: 26776\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rRBhXFOHgwhhpVH0gMWLhniR94tElqVh0c%2B6LfNlIAWtmopLuaMOI7GbSTLRchsX3KTkcy%2B2bUalksYstkYzuI7ssstzh7utkyVJm%2FuUT1vx\"}]}\r\netag: W/\"b9c85dd84150aa1204f36a4c5e1051a8\"\r\ncontent-encoding: br\r\ncf-ray: 996b9e496a5556c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":62847,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (62846)","md5":"b9c85dd84150aa1204f36a4c5e1051a8","sha1":"cc6d7c39a3d40833469864744c2bfbd48b6bab0c","sha256":"1eaf6afd76b5cb42314d75dd2c382399f8a64048f0d7d4413de8067515d8360d","sha512":"d2fea52cd85ab72a052ac6a632d7954f3b8ab4aaf2a7f5a9862c53565462537c9bd2d47516a2b0beac26ba25435f343af753f31a021415184ce5eacc3cbc21a4","ssdeep":"1536:TSMWKxZ2v1/YdP5cgQ5qNsmbHDXEfSCZDfhTwDzfTK2HnO0iyAoP7GitdtmnyWlO:sKxZ2vmdh7Q5qNsmbHDXEfpDfhTwDzff","tlshash":"70538321b6178129b833b9e6e5d4e65e31349d0ec922d7def601b52dcece391243722e","first_seen":"2025-10-30T14:32:25.954234Z","last_seen":"2025-10-30T14:32:25.954234Z","times_seen":1,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:54.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpadmngr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Sep 2025 03:32:10 GMT","end":"Mon, 01 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"A8:B8:5C:A8:67:08:FB:6F:5B:FE:20:D6:BB:7A:04:B0:B2:1A:BE:F7","sha256":"03:91:48:19:1B:C5:3E:CF:59:DE:C7:39:A3:C0:C3:E0:BC:41:15:48:FB:42:AB:77:8C:5B:FF:37:FE:1F:3C:54"}}},"request":{"raw":"GET /static/adManager.js HTTP/1.1\r\nHost: js.wpadmngr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Mon, 20 Oct 2025 10:58:05 GMT\r\netag: W/\"68f615bd-24858\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 30 Oct 2025 14:36:54 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149592,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c90d1ef9543d7d56a6869ed4be6f7847","sha1":"6ff159593c9698ad541e6d3c149847b110c3deb6","sha256":"e7e748a324a548da8ce1ccc081a1339bf22142939106758ba1803fabafc42b2e","sha512":"8ac7ce5a0c7bc4daabb49051583a693f53e9d884f8deb32158c604abe682bfd2969dc1ac4e6ea8c50c0e63684ddd7424770fa0d7fbaf42c113e8118e981f0dbc","ssdeep":"1536:Z2c1pgoXEptQy9RixdpOkxQKf7YbK2Ec+tskajUOPVKIZujAB5R1pKKfVf3dnCjH:eRizplOK8mvDtsjbnujATLQ3+da","tlshash":"64e33ac9b2d2b47407e75099d43f1206f33a1a16b80c9058f6a6e9c17878ddb9237f7a","first_seen":"2025-10-20T14:02:56.309645Z","last_seen":"2025-11-06T12:09:31.49625Z","times_seen":392,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":73,"dns":25,"connect":21,"send":0,"wait":40,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sm.luxsmab.com/thumbnails/xbox-streaming/1923286547889786882/f6745360-0497-4f7a-8b9a-009a6f7a68ba/screenshot/3x3.jpg","fqdn":"sm.luxsmab.com","domain":"luxsmab.com","tld":"com"},"ip":{"addr":"104.18.48.8","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:32:04.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luxsmab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 04:00:36 GMT","end":"Wed, 14 Jan 2026 05:00:30 GMT"},"fingerprint":{"sha1":"A6:4A:9F:7E:AE:10:91:65:EE:0B:9B:83:C2:A5:D2:6F:0E:BE:B7:22","sha256":"68:F7:74:BD:17:BD:50:EE:18:62:75:7B:62:20:04:6A:A1:11:F6:00:43:C6:67:5C:B5:C8:20:5D:D5:31:58:CA"}}},"request":{"raw":"GET /thumbnails/xbox-streaming/1923286547889786882/f6745360-0497-4f7a-8b9a-009a6f7a68ba/screenshot/3x3.jpg HTTP/1.1\r\nHost: sm.luxsmab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:32:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 111544\r\ncf-ray: 996b9eb25cec5697-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ncf-bgj: h2pri,csam-hash\r\ncloudservicediscount: CDN\r\ncontent-disposition: inline\r\netag: \"394e834ab3d98d22b23ca13ec5dc7437\"\r\nlast-modified: Wed, 29 Oct 2025 04:51:25 GMT\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-expires: 2513342\r\nx-ccdn-req-id-46b1: 2de0ef0f5d904afb4224ae184dade673\r\nvia: EU-GER-frankfurt-EDGE7-CACHE1[22],EU-GER-frankfurt-EDGE7-CACHE1[17,TCP_MISS,21],EU-GER-frankfurt-GLOBAL1-CACHE11[15],EU-GER-frankfurt-GLOBAL1-CACHE7[0,TCP_HIT,14]\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-amz-request-id: 0000019A3086A348B01F367618FFC0D5\r\nx-hcs-proxy-type: 1\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncf-cache-status: HIT\r\nage: 985\r\nexpires: Thu, 30 Oct 2025 18:32:04 GMT\r\ncache-control: public, max-age=14400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111544,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1056x1920, components 3","md5":"394e834ab3d98d22b23ca13ec5dc7437","sha1":"45b5e20555022cd857be7d75b3852e12b815f497","sha256":"c41c21f4d3593a353e4852ad1f62e3da0e9a10a494550691e000f50951f31198","sha512":"b96c59c8df245971e23dcc0f3abf2a2e31221d88f13abbffde49afc5a0d66ec2ad693e1fdf65b51e92b46b26af9a4f6dc8f0aa6932d531269aa437fdc57ac096","ssdeep":"3072:lp6gAB+TXy87jX16ekhgyCmVEOqXYDgptE/vnbk0aEUWz:lp/AEC89VyXXqXSgptsHavWz","tlshash":"fab312af18d867c81361a9f015eb0a768188acb607f16b5566b8c19bc3c9e21332d793","first_seen":"2025-10-30T14:32:25.956996Z","last_seen":"2025-10-30T14:32:25.956996Z","times_seen":1,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":64,"dns":37,"connect":1,"send":0,"wait":23,"receive":9,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=a252041a-4cc8-4b15-9d5a-5a93b7f0f283\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-10-30\u0026timezone=0\u0026ver=1.168.28","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"GET /in/dip?event_id=a252041a-4cc8-4b15-9d5a-5a93b7f0f283\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-10-30\u0026timezone=0\u0026ver=1.168.28 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Thu, 30 Oct 2025 14:31:57 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.252.7.200","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 936\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:52 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"9853b5fe5f9d44b960adc247d22bd67a","sha1":"329ebc6f9fa5c0c205afc6873eee7d6a170235a4","sha256":"1be006adc9102f88d48a687ec7ba2b5ef00d288f05d05d733733738047157929","sha512":"4438e83da9b8c2b5131a096b9e9a269192fc3ad9af2fa54979ca54d70db2fc0d9fa98afb51635414dbedefa29e5ccbcb277818bbc9f529be3298906a87c1e284","ssdeep":"","tlshash":"9d80002bf00220302e2f8e0020cc23be02a803c28ac388ba80c0383fac8880028c8808","first_seen":"2025-10-30T14:32:25.958569Z","last_seen":"2025-10-30T14:32:25.958569Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1616,"timings":{"blocked":760,"dns":280,"connect":103,"send":0,"wait":104,"receive":0,"ssl":366},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/settings/494334","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/settings/494334 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1be64b6d6652effba7dcf744e90def6a","sha1":"d9fbc7d1fa49fa4733f90a3739882d63972c2352","sha256":"72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f","sha512":"ff1aee5b5d4ba25f4f78a0ddc80cd878856815c1ded88b32370c72bff242e73522e6aefb60fa5e53c434f10d2611dab7679152edf9321edc2b656e0265ef7006","ssdeep":"","tlshash":"408004c00dc1545410c010f4434043150103140f535c3304d41d1701147f4d17030150","first_seen":"2023-04-06T10:58:14Z","last_seen":"2026-04-26T13:52:22.832067Z","times_seen":7340,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":81,"dns":47,"connect":13,"send":0,"wait":13,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"na.nawpush.com/tags/349919?version_name=c\u0026domain=www.flowdoodxwn.com","fqdn":"na.nawpush.com","domain":"nawpush.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"na.nawpush.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 02:32:20 GMT","end":"Thu, 18 Dec 2025 02:32:19 GMT"},"fingerprint":{"sha1":"38:85:B2:05:59:7D:15:16:9D:87:1B:83:46:10:68:2E:DC:7C:7A:D1","sha256":"FE:22:4E:C6:6F:85:46:CA:64:38:8F:48:77:17:E8:29:0E:7C:14:27:20:EA:A9:7B:CB:5E:49:87:A6:B0:60:2F"}}},"request":{"raw":"GET /tags/349919?version_name=c\u0026domain=www.flowdoodxwn.com HTTP/1.1\r\nHost: na.nawpush.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-type: application/json\r\nserver: nginx/1.24.0\r\ncache-control: max-age=300, public\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: EXPIRED\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1355,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5ebddcf6f54daa72b57e2720a7340cd8","sha1":"188de4ead16d498b073cf6f3c51ff0713724a923","sha256":"b4e408e1b573cc694a52c2724e820bb8541d7f8e73167845afbbc719a30e460c","sha512":"37708986a1d37f5ed6f4c8085aabfc1c1a5939c1def892e38cf8a41266d61c31739e613dd0082d055fabb62956e25128d88dc8c5109d746e838c7b5c17977b19","ssdeep":"","tlshash":"fe2153fc95359caac0c0478a84d67f4c02a4327bb2c8745af5ad09b816cf5961d2f20b","first_seen":"2025-10-25T22:33:56.227866Z","last_seen":"2025-10-31T08:54:22.801063Z","times_seen":4,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":73,"dns":26,"connect":19,"send":0,"wait":34,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodxwn.com/\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FTtdXgIu7YSm3dWoBRtSHvQ8l%2FGBegqV%2FvpHA4REdZG1zzki%2FDz2m55SxaLogX3cO%2Bgzgwo%2BQcNcnIj64VC405bfBBFL8iVULDBpIWgRshlc5D6lspo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 996b9e62af860b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":2755,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":2753,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"36946.phidonatome.com/4/js/260941","fqdn":"36946.phidonatome.com","domain":"phidonatome.com","tld":"com"},"ip":{"addr":"88.208.22.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:54.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.phidonatome.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 Aug 2025 14:26:35 GMT","end":"Sat, 22 Nov 2025 14:26:34 GMT"},"fingerprint":{"sha1":"26:CF:61:32:62:A2:2E:AA:5B:BB:94:49:87:8F:5F:D3:FC:56:D3:A3","sha256":"11:B6:A8:6E:27:CF:3A:FB:9E:54:98:68:00:99:A8:AE:D3:70:FD:EB:48:73:1C:CE:3E:A1:96:8E:A9:37:C1:09"}}},"request":{"raw":"GET /4/js/260941 HTTP/1.1\r\nHost: 36946.phidonatome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 11322\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nreferrer-policy: unsafe-url\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory\r\naccept-ch-lifetime: 31536000\r\nset-cookie: _ccid=6306229673969899653; expires=Mon, 30 Oct 2028 14:31:54 GMT; domain=phidonatome.com; path=/; HttpOnly; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31409,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31409), with no line terminators","md5":"52bcb75c76fd11c9b370fbef96645a39","sha1":"06e1ea3505e0e375eaa3fd7dadc85f30334ac71d","sha256":"33d36e48a9155ca8edc1b7cdbe6f6b3e4b9c2713f8b2824302a74e41a9c60771","sha512":"ac283af4d070a8d3086737a52f30726989e5d9d72a112de472a89eae712ef74400b3806de73ddd70da54a9a0d1f5fa302023fe2a4864e3b116a8283b25c8b012","ssdeep":"768:Hymbr/4nqZVnyTPxVC2/R3hMwsZwJmvnDY87bBZzBPZvzXRb7iGqj:ryxnufF3qj","tlshash":"56e22a95f996703043f7187a403f511af3361a94789e8460da2b99822c66fcb837bf7d","first_seen":"2025-10-30T14:32:25.96283Z","last_seen":"2025-10-30T14:32:25.96283Z","times_seen":1,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":70,"dns":20,"connect":18,"send":0,"wait":23,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"OPTIONS /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodxwn.com/\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.24.0\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":83,"dns":4,"connect":25,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lz.faenasturbit.com/sSB8ld39qI9j8pgT/130607","fqdn":"lz.faenasturbit.com","domain":"faenasturbit.com","tld":"com"},"ip":{"addr":"172.241.53.182","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lz.faenasturbit.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 Aug 2025 21:30:44 GMT","end":"Sun, 23 Nov 2025 21:30:43 GMT"},"fingerprint":{"sha1":"13:83:22:2A:A8:74:75:99:1D:B5:40:D3:0C:98:ED:AE:AF:58:E6:7F","sha256":"CB:DB:2B:D4:50:B9:74:60:4A:8C:FB:0B:16:75:AA:35:D4:89:87:48:74:0B:08:15:A0:97:A6:B5:40:09:1D:FC"}}},"request":{"raw":"GET /sSB8ld39qI9j8pgT/130607 HTTP/1.1\r\nHost: lz.faenasturbit.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:52 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 5\r\nvary: Origin\r\naccess-control-expose-headers: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires, Credentials\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, OPTIONS\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nset-cookie: GGI10=G/oAAMTPn1PZ5ukSnmw8bfFluN+NzXY8UNxgu2vRX1kBBUFRI0khkN4mIl6+sph1ZvUL+3+QLmPYQQgMNdBV21QNx4aMrtlAiGKwleH+ntQGAmTEmCDoFqnJiHnepJOR3v59EG8FIwaOdobz8JLu23zdp8CQsTYiK/UGYXW5Ny4h28/t9QY9BoGM1KWZOetFAxnyVyaG5gSZMngvluyDhYW+4JZLLNyzdOH/Bw==; max-age=3600000; path=/; secure; SameSite=None\nGUI42=G1EDAGRzTeWjR7p6Qu3mU4YH9Pm/d8f/s18Bwh2ttYAWSICBJJLv1p7hISgwsLmvbx6l1gny/4B8HjAzIAA9j+CKoejWQE7Q1BwPyagP3EDzrQkKAFxCMsFpubg+UtqnIlX8zN9T+7IO1X2MMktWiYNbyuVNiRJnf7wfUIbm+H7AEgzQyUwzPGiPsMTAVKsDJfFwD4xfforJPYXioCIf2lWxUYhhKoQ7HRcZYY50oYzyqxv9qsGaDbWD1wCyt75hKpW3uB8gHqUhyEoTSk1RxkUr1lwWVmkJtMRDLDKRhK6JKZeSpVJNYZhr9NBIY1zkqp1pIcXRmpOuXZbnZmrK1GQprh3FhAWw37LLQmbTCH66VE33X9bD3yqgSeP7AeXr1OsuO6qcJayqp9VMtT1A/4JTwT1AkJZzjPhTkAfWGyG/j8JzziRG0P/cNw==; max-age=3600000; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-26T17:01:20.409418Z","times_seen":14055,"resource_available":true,"data":null}},"time_used":305,"timings":{"blocked":141,"dns":99,"connect":17,"send":0,"wait":23,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:54.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: f81d386655966fab870f0981738f6c99\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 236\r\ncf-cache-status: HIT\r\nlast-modified: Thu, 30 Oct 2025 14:27:58 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q07WKLt%2BCQQQ4SRkVoAszbao9a8%2BaLQQ6AB%2BY1X1Cb9U4lhfeJRLkOllZiBfy8Miu1Go6PoPqXatfjXfSb65g7xzlvIFSp6Iew%3D%3D\"}]}\r\ncf-ray: 996b9e77ec3b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":110119,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2afa7cba6f57f3eeae78df95b73f168b","sha1":"b8040032d652bb99cc9740c56bcfa63a73b1b1d5","sha256":"5759a83ef6b24ce80a2bb47651036559180df35a4e402ccd54258160c3e9cb36","sha512":"00520a391f3ceae5383a66496f08207353653261576915a091505afaaea981d8862ddfee9a7344be7371e7626cfca59e75f806f9527264eb26f2a210c4d08f74","ssdeep":"1536:l/IKgzKrExo6JrQMWd3OYLrqZLCaZ7xxGm3xw0Jqk1bLyP6sJcznlaM8DY3sq09q:l4wqpOOYLALCa5xxG5FMP32TZIk5ebz","tlshash":"f0b32ba072d5a811527fb12c0827d46ca56a4d8404cfc6bbd2d5a837e4a432dd3bbff6","first_seen":"2025-10-30T14:32:25.9658Z","last_seen":"2025-10-31T09:26:33.843523Z","times_seen":7,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":35,"dns":20,"connect":1,"send":0,"wait":6,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.flowdoodxwn.com\u0026ev=223\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0\u0026ab=1\u0026i=1\u0026s1=1923286547889786882\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/users/494333?host=www.flowdoodxwn.com\u0026ev=223\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0\u0026ab=1\u0026i=1\u0026s1=1923286547889786882\u0026fs1=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nCookie: nauid=x8KKeKDEIRlKDLrwvNhR\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":660,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (351)","md5":"8842ceda3fd00de3170848eaec9c15ff","sha1":"d63309b143320a63727416380007e9a1af37c502","sha256":"f7c97aa5f859841f8174302c937fbfd5b1a77058270111d2eb2d06d34ed95940","sha512":"36b8fe257508e324ba9333a3cd92b164db8b64f04b3979818999a9ba4a0e5d03495fde3088c43f55efafaedc3387e744f348c6bc8737418633bd52e9a38fa71c","ssdeep":"","tlshash":"980102c5465c95ff4348e0b3c93d4eb54dce4d782b546005fb38c31b58ca18142b428b","first_seen":"2025-10-30T14:32:25.967251Z","last_seen":"2025-10-30T14:32:25.967251Z","times_seen":1,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/icon-L3kzdSYP-1761807466787.png","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:32:04.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /assets/icon-L3kzdSYP-1761807466787.png HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1761834707$o1$g0$t1761834707$j60$l0$h0; _ga=GA1.1.1998045292.1761834708; test=test\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:32:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 12350\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E945C6B11996F944097F0B\r\netag: \"37e3e456df677e380ab34f5e0043db7d\"\r\nlast-modified: Thu, 30 Oct 2025 06:57:56 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nvia: EA-IDN-kabbekasi-EDGE4-CACHE5[3],EA-IDN-kabbekasi-EDGE4-CACHE25[0,TCP_HIT,2],EA-SGP-GLOBAL1-CACHE3[2],EA-SGP-GLOBAL1-CACHE26[0,TCP_HIT,1]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 61479e4021752e2155bc342b7f58c447\r\nnginx-hit: 1\r\nage: 4603\r\nx-ccdn-expires: 2588174\r\naccept-ranges: bytes\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DrnGlLHjduO34VoLv0z9VDvT8TkjT9Eu77hfu3TgJHgtOdEk9daJWp4%2F71FvTMxhioAIjcP0r1vL5LiCmJAw2QTnhydDhfn%2FcmsUysrohQF6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 996b9eb11e1d56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced","md5":"37e3e456df677e380ab34f5e0043db7d","sha1":"64ad1b4cca68328e5d987582f76ae59ea79a2d63","sha256":"0d8d6d6357c54934d059569ec6bd54e03b1f0ebad04ace58f8af20a88c2ea8a1","sha512":"7850cd6a4b9fe0cf8b0f1c07851fa283d4929e8d03e2c860470d89b621fbc3147a83812facd7f6b51b2fcc1bafb3cafabae9694077b9497bf7570c83983a273e","ssdeep":"192:whxxxL8uzJHxhnGn6dm0rrkV5Hm1qjDbPU6tbNi/esZtkcJ7Pzx0Xqh8:whxxxlRxhI6Zy5G1uDA+bNetvhVc08","tlshash":"dc429df7d9287f5827e17b23bad19a22f0ed40ae92056004f5da45b757393c8c046e93","first_seen":"2025-06-18T09:39:56.944198Z","last_seen":"2026-02-27T13:27:16.34167Z","times_seen":398,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:54.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:54 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 76815\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Oct 2025 09:38:19 GMT\r\nvary: Accept-Encoding\r\netag: \"68f20e8b-12c0f\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 456339\r\ncf-cache-status: HIT\r\ncf-ray: 996b9e778d59b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":245260,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"1093619d97a61fa7ce2f8d49c60cd231","sha1":"7f26ad5a0cbabdadea7a9d9b7b199f7bc713062d","sha256":"17b2b709ef9077f810aa9997fb69052f2d98de8ba6347bfcf9fbb8d6d1526c63","sha512":"0704683b95e6e4303c67e6f81d5d4a17e40a118fc026c1a0536100034c9c65dcdbad33cce607717df85625a6bb51911cf64926001701d26b0c7c7802b31a99e9","ssdeep":"6144:M11ClGoWve5tbyJ3xuG/KMInUsrIFRRrOJO7GG0iiGlNAkw5GJlY3mADPIahWkAx:1lGezm3xuGCQ77","tlshash":"1534a68db6c1b06107a36174062f646af3773a44b45ec480b72dd9d16ebaa0f6d27e3c","first_seen":"2025-10-22T11:29:03.885295Z","last_seen":"2025-11-01T07:48:06.406226Z","times_seen":79,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amt3.com/5/10111173/?oo=1\u0026js_build=iclick-v1.1605.0-rc2\u0026userId=08027257b15f4a26f5d5c764ab8838a8\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"amt3.com","domain":"amt3.com","tld":"com"},"ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amt3.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:18:13 GMT","end":"Sun, 28 Dec 2025 05:18:12 GMT"},"fingerprint":{"sha1":"07:CE:BC:65:68:14:E9:3D:A9:36:B2:F9:9B:EA:24:70:92:ED:15:21","sha256":"7E:B5:03:72:AF:6E:A6:99:87:96:AD:4D:D5:AA:4C:88:B3:63:32:D8:27:9F:0C:82:05:6A:40:FC:4F:1F:87:51"}}},"request":{"raw":"POST /5/10111173/?oo=1\u0026js_build=iclick-v1.1605.0-rc2\u0026userId=08027257b15f4a26f5d5c764ab8838a8\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: amt3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2649\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":109,"dns":13,"connect":26,"send":0,"wait":33,"receive":0,"ssl":65},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/LwgHZXhx","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"POST /v2/s/home/resources/LwgHZXhx HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nContent-Type: application/json\r\nX-Stream-L1: vidcloudmv.com\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9YU4HQXuLAKggaf5fnWV0qBNy8tavjXozdnCeazD12vLZrlQXHj5no8nAUK%2BZzY2Rp8EkKdkE9HTwcMtVDCW5hZgw%2FzwNQunLG0J8RL0uEwOmu0wkjImBA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 996b9e60883776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":550,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7b64a654b2a3a06863323c13047d2edd","sha1":"3c3e87eb0dec3b6d14630b340aa4ca9c466a63a2","sha256":"df44d45cc3d91c1307af131e6f7b26437ccf25cdda64729bb92bed8f43968dcc","sha512":"1874b9e82af8bea21019c6ab6ea10592b65093c102a5c5fd763aa764aaa91f6015adbcdba805951bf81c945a45cb7af8922f8b73a6370fd4bf55994534ada4a6","ssdeep":"","tlshash":"84f0c0ea8616d0906250274ea42e7e8a8031f10e88da34cec9639e08808c0c0652d3ac","first_seen":"2025-10-30T14:32:25.969955Z","last_seen":"2025-10-30T14:32:25.969955Z","times_seen":1,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=cf17d11e-f421-4c26-bf43-021bca7b81a0\u0026uid=1923286547889786882","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"GET /v2/s/assets/f?id=cf17d11e-f421-4c26-bf43-021bca7b81a0\u0026uid=1923286547889786882 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nContent-Type: application/json\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:32:03 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dGtox79dR4%2B6Mx0w4ZvlHsJ19t%2FdT9Pj1ismepznaiPNa9xHUviE%2FyfjuiMdEUSfujdowqHsSr6mezLIarxOFCeDes%2FPbT2MtmHxhc4ddRw%2BdB56KMo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 996b9e63e8a20b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cefe707fe2479752edb8ed6c3c09a52c","sha1":"30787348118c7e5432dd10dd57e3b0b1f4c9059b","sha256":"8af7b05b8df740f816bdb55721bbaff238bf4ebfe49aefda90fd54b4253059ac","sha512":"3feb0a3970cef188fb08023b471acf5c31df9a7764ddf8d693c744f51776de3a88a4f70db7ebb9c3117fff7f7279270f22ca77bba310dc3b9838b86b11200cbb","ssdeep":"","tlshash":"a0c08c0c5717a527028385b20989462fd876bd78a395a060196aa858bb09a19f2e8760","first_seen":"2025-10-30T14:32:25.971884Z","last_seen":"2025-10-30T14:32:25.971884Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12290,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Aug 2025 02:47:45 GMT","end":"Thu, 13 Nov 2025 02:47:44 GMT"},"fingerprint":{"sha1":"F4:AD:2A:0D:F1:0A:AB:04:F2:6F:6F:72:39:99:7F:4B:E4:5B:2E:4C","sha256":"12:8C:54:04:9B:26:0A:7E:35:D0:23:72:4F:A8:FC:52:77:D0:9D:FA:F5:AC:FE:2F:D2:49:97:F4:24:B6:72:0A"}}},"request":{"raw":"OPTIONS /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodxwn.com/\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.20.1\r\nDate: Thu, 30 Oct 2025 14:31:55 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nAccess-Control-Allow-Origin: https://www.flowdoodxwn.com\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":94,"dns":7,"connect":31,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flowdoodxwn.com/assets/vendor-chunks-yysNIwRY-1761807466787.js","fqdn":"www.flowdoodxwn.com","domain":"flowdoodxwn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:50.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flowdoodxwn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 26 Sep 2025 05:54:15 GMT","end":"Thu, 25 Dec 2025 06:52:42 GMT"},"fingerprint":{"sha1":"DA:FF:54:36:61:AE:68:21:E0:25:1B:19:C3:0E:A4:0A:E2:B0:A4:3B","sha256":"B5:3A:E4:11:C7:48:60:33:52:05:5C:23:C5:02:28:F2:E4:8A:EC:59:A2:EA:F5:A2:AD:F0:C3:3B:89:22:DE:37"}}},"request":{"raw":"GET /assets/vendor-chunks-yysNIwRY-1761807466787.js HTTP/1.1\r\nHost: www.flowdoodxwn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:50 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019A33E96B59B118C05F9E14F2DA\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 30 Oct 2025 06:57:57 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2565223\r\nvia: EU-ESP-madrid-AREA1-CACHE3[5],EU-ESP-madrid-AREA1-CACHE5[0,TCP_HIT,4],EU-IRL-dublin-GLOBAL1-CACHE16[12],EU-IRL-dublin-GLOBAL1-CACHE8[0,TCP_HIT,5]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 253057df728f8980440b6ef0427c0679\r\nnginx-hit: 1\r\nage: 0\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3JzcN8qNlCdgoZb1hsVXzfcpqc%2FdkgWrsul4Slz9xlsjOhNl6kDrkFKZBZ5Tgnx9ls1jUohpPD4bvnoJ24NaTOOBVUP9JUFMRum5xeT7kA4V\"}]}\r\netag: W/\"8898d7931d9c840ef747b6707c8ba138\"\r\ncontent-encoding: br\r\ncf-ray: 996b9e59ccbf56c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1269720,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"1f7f489abd21ebc22f4dfe364f33ceaa","sha1":"1ab7f4413e1f48775ea949987258fd45c8ab0c90","sha256":"94a78da6f81d7a55d6d78786f431c1bb6c929dee2b530a49edca4a8d301869ca","sha512":"fc7fc8a33e1b274e0ca43255a88b4abc0349ac63f47cf3d28e138f2c2c31d100901e0c55489751114acde08b7215b3f218912008e379955d0e138439ff17569c","ssdeep":"24576:TLgcTD3IaDerXpsBbIZ58O6gJ2dSG6MIIsPGiUcWFYMKduqCq:TscTD3IaDerXpsBbIZ58O6gq6MIIsPGa","tlshash":"28254bd932a6706287d361a4503f5207723a7d16248cc45cf63af9ea2eb8d09647bf7c","first_seen":"2025-10-22T18:26:11.322422Z","last_seen":"2025-11-03T03:56:15.081511Z","times_seen":30,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1923286547889786882\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/spots/494334?s1=1923286547889786882\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.flowdoodxwn.com%2Fe%2FLwgHZXhx%3Flv1%3Dvidcloudmv.com\u0026sid=cb70020d-0dbb-496e-8ccb-b4a6f7fb14a0 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: nauid=3aG4ULB3YuxTYdFpv1YN; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2573,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (2071)","md5":"f84e641c6d70dc87435ebef72d9adacc","sha1":"d7cc2fd7a1cb7294acc79efeede27c94f39e1994","sha256":"8ddb0ad30355ab8e5f1ef17b9f718677a5533b133bf6ebe0f90de1f25c96c4d4","sha512":"0d17fcd52c3ba64508628e7876284d6620781d10188e901ebe33d007fa6b265e2e70728e014575deb235dd754b9a6da272fea2494c633633092d6481eb01f975","ssdeep":"","tlshash":"2e518684d6f86216f62710b0dd7acb9f655ee24192198075eff726a9c3cc64c06712ce","first_seen":"2025-10-30T14:32:25.973728Z","last_seen":"2025-10-30T14:32:25.973728Z","times_seen":1,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":103,"dns":44,"connect":26,"send":0,"wait":27,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e7d46466e8.f4f0e4093e.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTYwNTExMzc0OTUxNzMwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjM4LjciLCJ0YWdfaWQiOjM0OTkxOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjYsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=","fqdn":"e7d46466e8.f4f0e4093e.com","domain":"f4f0e4093e.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"e7d46466e8.f4f0e4093e.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Oct 2025 02:47:54 GMT","end":"Sun, 25 Jan 2026 02:47:53 GMT"},"fingerprint":{"sha1":"B8:B0:3C:A4:5A:BE:2D:4B:8D:E4:B7:73:CB:D0:66:90:3C:AA:95:DB","sha256":"CB:74:1A:03:EF:A0:CD:05:B6:DD:DE:46:65:49:B5:7B:1E:CF:05:37:C9:8B:3C:9A:A9:9F:33:18:93:E5:B9:2B"}}},"request":{"raw":"GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTYwNTExMzc0OTUxNzMwODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjM4LjciLCJ0YWdfaWQiOjM0OTkxOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjYsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= HTTP/1.1\r\nHost: e7d46466e8.f4f0e4093e.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-length: 0\r\nserver: nginx/1.22.0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nx-cdn-host-id: AH1747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":118,"dns":65,"connect":22,"send":0,"wait":31,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"e7d46466e8.f4f0e4093e.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=a252041a-4cc8-4b15-9d5a-5a93b7f0f283\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-10-30\u0026timezone=0\u0026ver=1.168.28","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"116.202.204.105","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 02:00:40 GMT","end":"Sat, 24 Jan 2026 02:00:39 GMT"},"fingerprint":{"sha1":"2B:72:A9:3F:14:00:92:B9:05:AC:BC:3B:22:CB:D9:87:80:23:C8:3D","sha256":"60:5B:BA:7E:5F:7A:B1:E0:55:4D:4C:29:EA:C7:21:68:37:AF:03:5B:A7:3D:15:98:F1:65:96:AB:4A:3E:17:3B"}}},"request":{"raw":"GET /in/dip?event_id=a252041a-4cc8-4b15-9d5a-5a93b7f0f283\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-10-30\u0026timezone=0\u0026ver=1.168.28 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.24.0\r\ndate: Thu, 30 Oct 2025 14:31:56 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-30","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=cf17d11e-f421-4c26-bf43-021bca7b81a0\u0026uid=1923286547889786882","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:51.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v2/s/assets/f?id=cf17d11e-f421-4c26-bf43-021bca7b81a0\u0026uid=1923286547889786882 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.flowdoodxwn.com/\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rDfh%2FWEz75CG85hgaapYf%2BZFyppPTjES%2BMEIf2AECDFCR0BjhwRjab91W6Kc1fLTgWNO2F8jRcLD41r8a0BsSkkFYh%2FW2uz3ygN0DLO8AbR%2BRS0NXlc7Mg%3D%3D\"}]}\r\ncf-ray: 996b9e626d8676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.flowdoodxwn.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:55 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08027257b15f4a26f5d5c764ab8838a8; expires=Fri, 30 Oct 2026 14:31:55 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 996b9e79b91e0b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"39ba8e8ad8c0a961cb90506d184eb896","sha1":"6c5ce7379208545be60eb5901250416c721e480e","sha256":"2bda01777d53fbba5057df771d7db0e8cbffc4ac31543b1e847f184982223453","sha512":"c88baa1317cfc8ec7b0b090ebf0ddf2d2e98753d0f4cf040215666e9669dec0ffd7b8982314d5fa825a80e3b55fe4f1900ea6b3fe2b2e9d2e39e87f44e5406a4","ssdeep":"","tlshash":"e2a002921e280786409415665946c643441458d3d54d97058dd594422e87aed958a241","first_seen":"2025-10-30T14:32:25.975165Z","last_seen":"2025-10-30T14:32:25.975165Z","times_seen":1,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":51,"dns":34,"connect":1,"send":0,"wait":39,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ads.google.com/","fqdn":"ads.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.38.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:55.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adwords.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:33:54 GMT","end":"Wed, 24 Dec 2025 14:33:53 GMT"},"fingerprint":{"sha1":"3A:31:12:89:B3:5B:A8:19:47:44:68:DE:72:EE:F7:C1:0C:7C:9C:6B","sha256":"4D:BA:CD:06:45:A2:B1:2F:B8:70:FC:8A:D0:3B:BB:10:22:84:B8:63:4C:60:E8:C7:A2:A4:E9:A2:AF:97:7B:E7"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: ads.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.flowdoodxwn.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ncontent-length: 1103\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 30 Oct 2025 14:31:56 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":695,"timings":{"blocked":92,"dns":0,"connect":20,"send":0,"wait":508,"receive":4,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"74.125.205.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:56.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:39:49 GMT","end":"Mon, 05 Jan 2026 08:39:48 GMT"},"fingerprint":{"sha1":"00:1E:AE:67:BB:25:41:AD:21:F2:16:82:FE:7C:79:27:80:DB:D9:9D","sha256":"69:46:2C:32:2B:8C:37:3A:EC:D5:1E:DF:4E:0A:3D:1A:AD:70:5B:07:77:3B:6B:59:E3:84:19:E2:3E:F1:42:0F"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:FD2VrJo1VaU_TBFMl2V_8DAOaKEHFg:Vq4YPqdn1Z3UvdyG; Expires=Sat, 30-Oct-2027 14:31:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 30 Oct 2025 14:31:56 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1979735409:1761834716658481\u0026ifkv=ARESoU19Ts_IGcFQ2JAhf9QYh18Es2enM0KvPtNmU5vdBUhZuuu2Sm3lpqSQXpTUbTf63D9hw9Mvmw\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-sBup7dKdSIXvVd-RfYaMmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-resource-policy: cross-origin\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy: unsafe-none\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":256,"timings":{"blocked":106,"dns":0,"connect":29,"send":0,"wait":44,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/LwgHZXhx","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.flowdoodxwn.com/e/LwgHZXhx?lv1=vidcloudmv.com","date":"2025-10-30T14:31:50.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 09:33:43 GMT","end":"Wed, 21 Jan 2026 10:32:28 GMT"},"fingerprint":{"sha1":"4B:56:A4:B4:FD:CC:C3:10:87:7C:9D:AF:AA:DD:15:76:A6:A6:24:82","sha256":"47:9F:6B:6B:87:90:3E:BD:D7:80:43:FF:15:2C:13:C1:55:79:08:46:0A:9F:49:69:9F:4A:06:B8:50:C5:B3:3A"}}},"request":{"raw":"OPTIONS /v2/s/home/resources/LwgHZXhx HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-stream-l1\r\nReferer: https://www.flowdoodxwn.com/\r\nOrigin: https://www.flowdoodxwn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Oct 2025 14:31:51 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.flowdoodxwn.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type, x-stream-l1\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hHof%2BqBesiU85ZmsKX4yRLXmeQGpeRfw9nKCMdDSjXtKBJsxhMZnwJOGoiaMtCs6iNurixG0OQb63yfUJd9NEPBAbYADBAqgqr64%2FcJ7qbV2e0YKukTn4w%3D%3D\"}]}\r\ncf-ray: 996b9e5aadea76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T17:08:26.179498Z","times_seen":14237337,"resource_available":true,"data":null}},"time_used":1017,"timings":{"blocked":32,"dns":20,"connect":1,"send":0,"wait":943,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}