{"report_id":"c7852c38-78ae-4b2d-b733-a9174171478b","version":6,"status":"done","tags":[],"date":"2025-08-13T06:32:33Z","url":{"schema":"http","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"title":"AiApp"},"submit":{"url":{"schema":"http","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-17T06:32:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2025-08-13","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"abcd-marly.com/2.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2025-08-13","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"abcd-marly.com/1.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-08-06T16:11:55.56616Z","alert_count":0,"request_count":1,"received_data":90388,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"cdn.plyr.io","ip":{"addr":"104.26.12.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-02-16","domain_rank":65563,"first_seen":"2015-03-05T06:48:14Z","last_seen":"2025-08-09T13:42:32.280326Z","alert_count":0,"request_count":4,"received_data":166901,"sent_data":1732,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"syimono1488.github.io","ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2013-03-08","domain_rank":0,"first_seen":"2023-10-12T12:05:44Z","last_seen":"2025-06-02T19:22:30.722825Z","alert_count":0,"request_count":5,"received_data":573881,"sent_data":2208,"comment":"","tags":null,"fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wtcprojects.com","ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-06-11","domain_rank":6371325,"first_seen":"2020-03-20T11:09:58Z","last_seen":"2023-12-08T14:26:27Z","alert_count":0,"request_count":6,"received_data":14115169,"sent_data":2780,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-08-06T15:20:03.099982Z","alert_count":0,"request_count":1,"received_data":103536,"sent_data":466,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"abcd-marly.com","ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":7,"received_data":69833958,"sent_data":3117,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Plyr:3.7.8","description":"Plyr is a simple, lightweight, accessible and customizable HTML5, YouTube and Vimeo media player that supports modern browsers.","website":"https://plyr.io","common_platform_enumeration":"","icon":"Plyr.png","categories":["Video players"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-08-06T15:14:12.503348Z","alert_count":0,"request_count":1,"received_data":6197,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-08-06T15:25:40.423241Z","alert_count":0,"request_count":2,"received_data":1069765,"sent_data":842,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"01893c5d6d571016d2c1f6293073ecb4","sha1":"d641f28ac91fcb48a7fb7c0325211b8b91620fa2","sha256":"44a225f7ba93f74556aa168766d1fdb6ded03407fb4fbca4af09b20b86077c53","sha512":"2fb8bd295da523a361f15afbc8fa63ac72a7c13048a14f233607fdfb6859501a3d6253fb09278e22fd7f0a0b25336307666d58ecd11e79d0278ce5c12e2df4c9","ssdeep":"","tlshash":"a5d0c2abbbbb0a3003eff27e2c314b49343280080d0552093d7844b1642aec3707e6ae","size":290,"data":"","first_seen":"2025-08-13T06:32:39.877619Z","last_seen":"2026-04-04T23:42:55.567929Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d592c20d62bf776a847b22979348822","sha1":"79676e12c7424da94044004d9765cbe0492795d2","sha256":"1533e417e174f58cbfc27c705dd238b922a566d330e0ff48b4e0872d2a59bd78","sha512":"405c97ab72d4888f2278668960717c184a5af5f0d092574bb75e452e340110839dab5973220d91cac1d50fabd0815bb7583a8555ab59f7b2b10608d60d9eebe7","ssdeep":"","tlshash":"cde07d2b75f960915f9760fa2f070598b22d510a30c9c3c3bd9502168d4543e4477bc9","size":327,"data":"","first_seen":"2025-08-13T06:32:39.878594Z","last_seen":"2025-08-13T06:32:39.878594Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"152f22b1aa32d57b89fc3fbc42bd6dc6","sha1":"75c682913fcd26d7ed264c56029ee94ddc9a9f32","sha256":"74ed946c5cdd6de01d7c0d647ec688a4c6c17caf9f8c1465893405e0623b21e1","sha512":"3611387a915e647d9d4e74ce216e5877f9b16501de242d9c49073ffd807cacd630d21702655b6b92e2e4cf5135ac91cf51562082f516011957b8a9a8d57fe379","ssdeep":"","tlshash":"64e0261a65b9a0554fa750f6790b889c7629302a74c1c7c769a601e28d4243b5877fc9","size":342,"data":"","first_seen":"2025-08-13T06:32:39.879549Z","last_seen":"2025-08-13T06:32:39.879549Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.4.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"12ca8400f87e54542829666a27f41a9d","sha1":"28acdde907461cd97754cd639539b539ecfed4e5","sha256":"41214c413a870103c09eb1efe9c1afe632da64de3e3cde0fd93500bdaa43f951","sha512":"b7fc37dcd3c6701d631ef34113d29a67eeeb82eb05bc2d6c4b3924d1a90f7f6abd93f1a7c9c8eb8090d0ca051ad9fca649e2b7e7050a899c7ed254b610959c22","ssdeep":"","tlshash":"631121ad3465b27e1ba311e4a137a74bf271117c605c04324b5dc8f5acb5caf8233a88","size":1000,"data":"","first_seen":"2023-05-10T01:05:51Z","last_seen":"2026-04-04T12:23:03.895234Z","times_seen":478,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"77a290a40006f45e39c1f97eef374b02","sha1":"00b769680a0748e40e971790fd568a6c5906fc5a","sha256":"07ff3b824fe3d091f31d6c71b088eb3c922af66375a59e5d3e4ecf4108d83d72","sha512":"654d8cbe736896348c6ad0e15bf66c7bfc997a03d7292a1e6c388b634d88f64927080ef410989063a9eaf991fc8ab83291b4790710f6ecf3463acd611031f362","ssdeep":"","tlshash":"da31dc4827b70cba15a7e4ef93ef6c0a382301ab3800cb29792c7b450fc19597aa53d0","size":1631,"data":"","first_seen":"2025-08-13T06:32:39.881208Z","last_seen":"2026-04-04T23:42:55.572809Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/hls.js@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"142f125746bd328f84b0df007b766f61","sha1":"c32930ea0bf67aa670d413a910412247bc354323","sha256":"18e6dc38fbb0c71320d163ad97905a85283d03776cd487023fe0cf199f1cdbb2","sha512":"0966d803f01994e6fc765558f68e8ae7edce03cbf809d088a5f3cccd309c412e69cefb21893d213a35deea79f367346328ab7c6d6b6b016bb77e01171a6a9167","ssdeep":"6144:tx52dSp2y+rLpmFuMRzY6Gjwv59UUDl6VWSqKxgcL0TB6TOXmTQEGk26nUa0l/AC:tz23LY7RzVGjXoSqKx1nNGD9D","tlshash":"2eb42aed36a5a01683c2b169903f5517633a7d0a280cc12cfa2be9d72d7994db13bf74","size":533737,"data":"","first_seen":"2025-08-08T00:44:20.389624Z","last_seen":"2026-03-23T09:01:20.414374Z","times_seen":91,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1fd0072a3cb0f8c480826419cecf1f74","sha1":"b11c24639877857559d65e448c41c00a60fae29e","sha256":"3bcf558f963d3b5c1cc5b8cf065e4170ce5f856cc5b6ad9ffa6277ca0a06b903","sha512":"b0109cb511dde709383f444f5aa71c4ba4c4b1686de8e8defb7ed1de20e84d7b4ccd9b909d32e182621e842e5d50fe8408b3d8f9eae62b9832018029cf670b8b","ssdeep":"","tlshash":"c551ee6ba2bb04550e97e4f61bdb534c3131102b2506c7047a6c84d8bffedb19472f99","size":2830,"data":"","first_seen":"2025-08-13T06:32:39.882208Z","last_seen":"2026-04-04T23:42:55.574041Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b78bc920ceb4b808241a9ef48a0baffe","sha1":"377d0c156a4bf38e45922536682b77764fd3809f","sha256":"b14313b41bf8d9757690f012c62290cd93222b47e7eeb9d6f0b31fde4bb71a6e","sha512":"8f37103c6dff30b65e58e42d103946e13c5413b756e52473eaac127a998e4e8ef675ceac00132da6ec7814315aa27f93d99e5831ecbd92fd264e9cd068fc9f2e","ssdeep":"","tlshash":"db11ad7b37d604b15987a7ab67aef744b41090513d06ce4a528c0e21dfe5f2c50b76d8","size":1087,"data":"","first_seen":"2025-08-13T06:32:39.883127Z","last_seen":"2026-04-04T23:42:55.575534Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T15:43:18.503379Z","times_seen":293093,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7dfae9aa3e85909c1c15ca96f263cfdf","sha1":"4572317cc88ed9146ae8e4f54bcd41cf03032da9","sha256":"68ec4669bb17a508577fd7455e010f3c026b5b779e30a3043c6d319fd72da299","sha512":"79094cb32bd73d48f8650261ecc180fdbc7d7d7ec80382fee10f76ffd299a5ae75a52845f01d6962df82ebe9f4a3c2970118550618263e42385582998ccf8804","ssdeep":"","tlshash":"2bf0ac14148a08e8108aa10d856ce3883cfc00ff31034092706e2f2d3fb55ba06797ba","size":646,"data":"","first_seen":"2025-08-13T06:32:39.884065Z","last_seen":"2026-02-13T19:42:52.607857Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7cf3f085039f24d98b7129755d7d350","sha1":"47b8345fad2ec65afd0b8ef17df9f8c2526b33c5","sha256":"adb35dec6ccc8bc7c32e59d0193bb48d690645c8947940f477dc05d75b68f992","sha512":"4ac8fee04388de0edf289bd97c09a8a9100a34a8b2040dd22c83a57de4abc4c6dbd9bbc9f1e19f519b13208514629becd93ffb4a75106af4142ae62e8f791e3c","ssdeep":"","tlshash":"a7e0c6d304b00ae52283a29b8c4f53283d3340382e0be3816824c4ba309fca4e02b6cb","size":357,"data":"","first_seen":"2025-08-13T06:32:39.884965Z","last_seen":"2026-04-04T23:42:55.576962Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c5f76924edcdbd77b45374858fe6afb0","sha1":"3e004e4288540cfccf3725369cc14b12aa80d972","sha256":"e74bb5641c57b2e1f905c240aa2ea1c5671b7559c6c3af5ea0dbe00a994bc1c2","sha512":"b1c83e0cb5e79ace3a8298125000bf647fa867fa432a1b4fd76acfbdce6e2844158f8b7b294acb3548d822becebf0bb721af4351ca11de63997f8c95e03f10d8","ssdeep":"","tlshash":"6c31136781fa45640767b0561b8b5b15313010ab3606c7047eaddb682fd6d62c8226ed","size":1580,"data":"","first_seen":"2025-08-13T06:32:39.885985Z","last_seen":"2026-04-04T23:42:55.577826Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"283e9de4667805137217797a41b20f52","sha1":"b58c739910eb883619a3d88f0a3092eaf4348379","sha256":"202bae7179709e912826e9b9777f6dcd33b479689fb1b33ad196d155bb9c0a0f","sha512":"e9ab0d3b82f515f6ba76ba47326eadecda8d191dfea0609c155a31a1d3b486ca3342ce83d6e571033bdf649ebb0a69a629c3728d802c47587ed608fec868af29","ssdeep":"","tlshash":"71d0a7dff6fda63445ab66522e05937a2a2621600849c3008ea9c4e1b0a5db1ac6ebc5","size":233,"data":"","first_seen":"2025-08-13T06:32:39.886955Z","last_seen":"2026-04-04T23:42:55.578697Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.plyr.io/3.7.8/plyr.css","fqdn":"cdn.plyr.io","domain":"plyr.io","tld":"io"},"ip":{"addr":"104.26.12.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.plyr.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 15 Jul 2025 18:22:10 GMT","end":"Mon, 13 Oct 2025 19:22:02 GMT"},"fingerprint":{"sha1":"B5:C4:09:A9:74:92:E3:88:D3:EC:E0:BA:08:CC:B2:EB:72:4B:A1:E2","sha256":"6D:3B:10:C6:E5:52:3F:8B:1E:5D:12:A0:50:0D:FE:A7:46:C2:D2:DA:42:B1:6D:C7:52:1E:C5:F7:92:C5:17:03"}}},"request":{"raw":"GET /3.7.8/plyr.css HTTP/1.1\r\nHost: cdn.plyr.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncontent-type: text/css; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m%2FE5oaV9WUIKsd6eNXwGQpe2mLHeM5gPPPuEzvXgnnu8o9fLPcVqNdf4e1pbKMRmSpyl1W3r2yv7Z53HgkWabHTO9hs9Qc99\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nage: 1616852\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 20 Apr 2023 10:33:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"411acf0fd5fe4d42c580db72f82077fd\"\r\ncontent-encoding: br\r\ncf-ray: 96e62c773bf10b61-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32564,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (32562), with no line terminators","md5":"411acf0fd5fe4d42c580db72f82077fd","sha1":"3e9561fb7a2a70b93bb1014f5d958b123fe61764","sha256":"2ee720801746a99015c74144707638048778223b2520c8228b627f7262fb122b","sha512":"c9ec54f61c277b731a2cbd8f1be6090e16b2492f4d59c8facfb32f5034a8321c0d8213e05e072f6205617e3e05318a4f87539fedbb7cfd12b9034ad0f5f3cc3b","ssdeep":"384:fj8gN8LOim80ytg9agvgIgVg0qGAB21RgQ/rp6bVDjg/zy:fnN8LOiyygNbVZ","tlshash":"cde2726179692138f83bd16d37b4c5cd333ca102fdd69aa9f194b76089caaf306b3641","first_seen":"2023-05-28T19:49:37Z","last_seen":"2026-04-05T15:03:08.77424Z","times_seen":1611,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":239,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syimono1488.github.io/scripts/utils.js","fqdn":"syimono1488.github.io","domain":"syimono1488.github.io","tld":"github.io"},"ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /scripts/utils.js HTTP/1.1\r\nHost: syimono1488.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nx-origin-cache: HIT\r\nlast-modified: Wed, 18 Jun 2025 20:08:18 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"68531cb2-59dc1\"\r\nexpires: Wed, 13 Aug 2025 05:54:37 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: HIT\r\nx-github-request-id: 68F2:2B8EDB:1A7FE56:1AAFC57:689C265A\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410030-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1755066730.425023,VS0,VE118\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 1169890796bb0d30aef9bea9796fb11abfbb995b\r\ncontent-length: 62742\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":368065,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1408)","md5":"768bc05b8ee5cc6763a004322707fadd","sha1":"c295ac713c68131cdb9cce9e323eb7bc57d08834","sha256":"ea8c4d81cc1d43fc6b2971dbc866976a61e60322542ccda3417d73fc74c0ff63","sha512":"6ecc4dd8189a23cb73463e226ed32f57ea7105f741effd8871bf0bf2bd5e51383952e4543478240c72d804045f99b4221085377049cc39edd6c41b0dd75d4225","ssdeep":"3072:s5LW+aIjva+WOqLa+YOqvu734cBcbDu6ALOZOnZzhQ3I6L93eCk:iFa4FuBMy6gOZOjM3k","tlshash":"6d7443aa96128b1af251f66c51c4bc8d198c8993ccad7d8836ef878d4f2d4bd177c21c","first_seen":"2025-08-13T06:32:39.858704Z","last_seen":"2025-08-13T06:32:39.858704Z","times_seen":1,"resource_available":false,"data":null}},"time_used":863,"timings":{"blocked":349,"dns":4,"connect":28,"send":0,"wait":136,"receive":13,"ssl":306},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wtcprojects.com/denivideo/CAabcd-marly.com/20.ts","fqdn":"wtcprojects.com","domain":"wtcprojects.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:12.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wtcprojects.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 07:59:40 GMT","end":"Fri, 31 Oct 2025 08:57:02 GMT"},"fingerprint":{"sha1":"C3:29:93:D6:91:BC:46:26:27:B8:15:7F:BD:47:B5:05:E0:AF:92:4C","sha256":"83:4A:C7:12:5F:A6:C0:6B:36:12:B4:65:6E:A1:CB:19:4D:F6:48:4E:CA:CE:04:F5:E1:16:DA:82:F9:B8:36:2E"}}},"request":{"raw":"GET /denivideo/CAabcd-marly.com/20.ts HTTP/1.1\r\nHost: wtcprojects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\ncontent-type: video/mp2t\r\ncontent-length: 3507892\r\nlast-modified: Fri, 08 Aug 2025 12:43:28 GMT\r\netag: \"3586b4-63bd9ebb18548\"\r\naccept-ranges: bytes\r\nx-powered-by: TinyCP\r\nstrict-transport-security: max-age=600; preload\r\naccess-control-allow-origin: https://abcd-marly.com\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Range\r\naccess-control-expose-headers: Content-Length, Content-Range\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kk7nrstjnrUPontzNq8D6%2FdyL19Q2ttGay%2FhQ1az5fiIq6ipMh1COvO13R9VPMqDzLfow73XoITytjHEHiNqLHnMK7JJMF8cAzzDjNE%3D\"}]}\r\ncf-ray: 96e62c891a8b5691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3507892,"size_decoded":0,"mime_type":"video/mp2t","magic":"data","md5":"fab9c126c3588af6de479274262dce14","sha1":"98ad9b70aad5eb7869b0811350a427b3a6c64f64","sha256":"f385d2db425148fa9fd311b75985df9d6bbf202698d2c7fed3f75fdb465c790c","sha512":"ab1a214a8df2099e50fba7cac164ee2f13548ca2da3df311565b431ed0d2e7daa0322be2a48c87be31303da1e098344f0bd9d60c0f7c781c4385841bdb0ea9a2","ssdeep":"24576:/GkBgsGWtjhNWq5IoJgN4R8O0SQm3vTeCSSoMYOsWWN:lBgyhNx5I+oGQm3xSSoMDzWN","tlshash":"46252368b2d68d23ee026a824181d56f5774fd044b60a76ac86dff8ef5fd3a4c036478","first_seen":"2025-08-13T06:32:39.860143Z","last_seen":"2025-08-13T06:32:39.860143Z","times_seen":1,"resource_available":false,"data":null}},"time_used":492,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":317,"receive":175,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syimono1488.github.io/scripts/intlTelInput.js","fqdn":"syimono1488.github.io","domain":"syimono1488.github.io","tld":"github.io"},"ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /scripts/intlTelInput.js HTTP/1.1\r\nHost: syimono1488.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 18 Jun 2025 20:08:18 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"68531cb2-f31e\"\r\nexpires: Wed, 13 Aug 2025 05:54:58 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 6735:ABBE7:1AD11FB:1B010DF:689C265A\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410030-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1755066730.429895,VS0,VE123\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 16cdefce6424a67b3987a625d417de0fc265f65c\r\ncontent-length: 14407\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":62238,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"9799de3a8641a998621cf26cc96d8c8b","sha1":"c9a0419d04065a3dba7298dcaf9fffa930d32aa1","sha256":"cfc99ac1ede29eca65d434ad4c1d1b3ef419e920e870c4884f44b529f0b3c162","sha512":"978c8e10b63aecba4c42e83a327debb65f93bd5deee62d855010f278adfa766dff970c72e40fc90e8160d70422c9acdffe97f8451bc9edc68029939b9758befe","ssdeep":"768:I1RlPSdDTYuUN9wWXsvOjFgtPq+sTy4VMyaWgTszm9WzGOUWqfZBN7myQdeoEY:IlwvOhw4VRzG0","tlshash":"c953601ddae64613a873b27a6faf4006756441075c49ec043eac8bc81f8d86e57f6bbc","first_seen":"2025-08-13T06:32:39.862067Z","last_seen":"2026-02-13T19:42:52.584611Z","times_seen":5,"resource_available":true,"data":null}},"time_used":870,"timings":{"blocked":358,"dns":1,"connect":28,"send":0,"wait":145,"receive":1,"ssl":310},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 20 Jul 2025 17:08:10 GMT","end":"Sat, 18 Oct 2025 18:08:03 GMT"},"fingerprint":{"sha1":"66:D5:51:E0:8E:D7:2C:D1:E3:98:58:99:22:9B:73:C4:6F:32:FD:EC","sha256":"52:CD:3D:83:E5:5A:57:37:9F:D9:0B:EB:C3:EA:67:B7:4C:F1:74:93:B7:C9:E8:0B:E3:E8:CB:2E:7A:94:A2:78"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18859\r\ncf-ray: 96e62c77385db4f3-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"656632a7-49ab\"\r\nlast-modified: Tue, 28 Nov 2023 18:34:15 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1131288\r\nexpires: Mon, 03 Aug 2026 06:32:10 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rpJxtd2FO%2B%2FBR0AqN1vBXCbFX%2Fb3qoVO62puuJ41PIm3hs8zkiS6fWbtJMK0NqZIJ4bVuFdOoe5Uk4KCWwQW74W0f4AAhccS2COd1ne9q7%2FPK2%2Fn7ckwtj3PhHx7Cr%2B7mr2NJbot\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102526,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"c43cd173eeeba2f72aa6b431d06b8c07","sha1":"427a692f7f39eabb3d5b8510aee2743025daf813","sha256":"c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a","sha512":"02f6f6422b83104bc1e1b64961d7edda63635528417ed2dd3c6f0527457b8ab4cb43c528d2a70fc61e0f96aec6e6d1a6d2b53ed523e1568b6d78ba41111c1393","ssdeep":"1536:vwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgmLCq:P709gMGFiyPG9ZimLCq","tlshash":"4fa3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-04-05T15:02:15.769667Z","times_seen":7198,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":243,"receive":1,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/index_files/secure2.png","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abcd-marly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 Aug 2025 11:19:00 GMT","end":"Tue, 04 Nov 2025 12:17:45 GMT"},"fingerprint":{"sha1":"F6:91:CE:95:80:0A:FB:D7:C0:EC:37:57:84:85:1D:C6:37:C7:01:7C","sha256":"7D:36:0C:D4:38:94:BE:1D:8F:EB:80:E8:1F:7C:4E:84:B6:D8:D4:D5:93:45:86:C1:C0:81:FB:13:71:71:9A:F3"}}},"request":{"raw":"GET /index_files/secure2.png HTTP/1.1\r\nHost: abcd-marly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 34987\r\nserver: cloudflare\r\nlast-modified: Fri, 08 Aug 2025 13:01:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6895f51b-88ab\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZE27Ucpdq16mNIjrYzOSpJHGVTko%2FCazNDCnMUz4z9TNfsLK8NIVjiwvA2uYKlI%2BjAPY2SJrtjsTMR0pERy%2BaUXzvIJ1DA5IiA1ikw%3D%3D\"}]}\r\ncf-ray: 96e62c76ea775687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34987,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 645 x 45, 8-bit/color RGBA, non-interlaced","md5":"dacc7036e7cd734d5aaa92bb91e30426","sha1":"85e4dc6650ab21411db431bf4636fe9d512522bd","sha256":"c94427138e28d76b8f88d2292c73a99aedd079ede65f3836936474a80ad09826","sha512":"cf1f7256dc1bdf45bdbd76f0c18f8307cbbfe312a2f5af93181e14f8727ad85f8ee334cfdc8e51d99f872a8b19eb085d115e8c6d804d171a618c21a31b344aa6","ssdeep":"768:3xRoSRS178NI1E5SM1C9pabXEG1O5DVOK4:BpRm78NI1ySY0Q0GqDe","tlshash":"21f2f1aff35a982e90040d6e6e35c680e70f9a5b1589978a4f4dd0ce1b121f482bdfc8","first_seen":"2025-06-16T13:06:07.803349Z","last_seen":"2026-04-04T23:42:55.560289Z","times_seen":22,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wtcprojects.com/denivideo/CAabcd-marly.com/11.ts","fqdn":"wtcprojects.com","domain":"wtcprojects.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:13.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wtcprojects.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 07:59:40 GMT","end":"Fri, 31 Oct 2025 08:57:02 GMT"},"fingerprint":{"sha1":"C3:29:93:D6:91:BC:46:26:27:B8:15:7F:BD:47:B5:05:E0:AF:92:4C","sha256":"83:4A:C7:12:5F:A6:C0:6B:36:12:B4:65:6E:A1:CB:19:4D:F6:48:4E:CA:CE:04:F5:E1:16:DA:82:F9:B8:36:2E"}}},"request":{"raw":"GET /denivideo/CAabcd-marly.com/11.ts HTTP/1.1\r\nHost: wtcprojects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\ncontent-type: video/mp2t\r\ncontent-length: 3391144\r\nlast-modified: Fri, 08 Aug 2025 12:43:26 GMT\r\netag: \"33bea8-63bd9eb98cd17\"\r\naccept-ranges: bytes\r\nx-powered-by: TinyCP\r\nstrict-transport-security: max-age=600; preload\r\naccess-control-allow-origin: https://abcd-marly.com\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Range\r\naccess-control-expose-headers: Content-Length, Content-Range\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rDTG6J0%2BPwrRQ4XLsrJPJFZeVyJSNWg1TK7LdZgYME1%2FBIVcux%2FH8zFmTA0AQhzbf1Y9BxOOpuaiwUHNevVdwDymJvPYwgBo89h1GJk%3D\"}]}\r\ncf-ray: 96e62c8cd8025691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3391144,"size_decoded":0,"mime_type":"video/mp2t","magic":"data","md5":"d498919b515939fdad9a6aa8e2f56412","sha1":"211b8d70bedb944756964afd16fb4232e61806ee","sha256":"9c64c01c81565b49041e305d908c8f75af8bfee4fdb5d5221e3af9213aef1a71","sha512":"94d508cff9fdd74ec7274d1b3e63faf27edd6f3c189c5fd4cf5522f0f5af1233e664ff87b886284bf2ade0f5bc1d0ec95e6b892abbdab280f75923f032801aa9","ssdeep":"24576:5bsyRTZ12VvjO6mWJNehT3Q5+RHdbFz5smGk8V2WXPMWG9YCli:9ZMVg22TyKRTrA24FCU","tlshash":"e525235cb7c05c8b8e84a89322d3d640eab6cda30b458bac4d15f76dd6fd376c1261b2","first_seen":"2025-08-13T06:32:39.864105Z","last_seen":"2025-08-13T06:32:39.864105Z","times_seen":1,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":46,"receive":159,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-13T06:32:09.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abcd-marly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 Aug 2025 11:19:00 GMT","end":"Tue, 04 Nov 2025 12:17:45 GMT"},"fingerprint":{"sha1":"F6:91:CE:95:80:0A:FB:D7:C0:EC:37:57:84:85:1D:C6:37:C7:01:7C","sha256":"7D:36:0C:D4:38:94:BE:1D:8F:EB:80:E8:1F:7C:4E:84:B6:D8:D4:D5:93:45:86:C1:C0:81:FB:13:71:71:9A:F3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: abcd-marly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:09 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DG%2FdlYBJjTae3%2BXOSb82VLlK2S7Rvparf2P06YPiHiqBx3Zmq4UiILOZw08izJ62z5gHFcq%2BYsFa1WxYhskERk%2FW0HAZK9oYZLl%2FWA%3D%3D\"}]}\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 96e62c749ff85687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Plyr:3.7.8","description":"Plyr is a simple, lightweight, accessible and customizable HTML5, YouTube and Vimeo media player that supports modern browsers.","website":"https://plyr.io","common_platform_enumeration":"","icon":"Plyr.png","categories":["Video players"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}],"data":{"size":34542,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (468)","md5":"5681f9cde4fefa064f0d7189ecdd873c","sha1":"9727e39c4fb780d0e9e56bddd2e6db6816740637","sha256":"7606d81de80790fdc3f90aa7db0f914697688584f29e88769b2d8af229b1b892","sha512":"84c82e4c0721e6c874509e4e4cc9092c4aff768c8af91b6140677844bce8a734257ae70a34860efc73f3398840ef040ece9a8d50fceafc12d1bfe13672ca0c49","ssdeep":"384:GX8mUsrRX6i7iuiQi3hvFSkOe36CIIIIIIIIP2+uv2FSHOPpu9pQapu+VCF0Ma1L:GX8FcXje/txvFJOaGv6kO2TjEWwHs","tlshash":"92f2fc66e2b50537018362f27b67a71f3621805bb706cb017abc96e82fc3d25dc37699","first_seen":"2025-08-13T06:32:39.865218Z","last_seen":"2025-08-13T06:32:39.865218Z","times_seen":1,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":23,"dns":1,"connect":1,"send":0,"wait":184,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Raleway:wght@400;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"DF:A1:DB:1F:BC:5E:31:D7:F8:FE:26:E3:B9:B3:02:98:B1:C8:50:EC","sha256":"A2:57:20:B6:AE:46:89:B9:39:C7:57:9B:1E:43:96:E3:5A:BC:7E:3F:1D:18:10:34:CC:53:3D:DB:78:4E:5C:21"}}},"request":{"raw":"GET /css2?family=Raleway:wght@400;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 13 Aug 2025 06:32:10 GMT\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5511,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"fd4d45c11885aa533572dc2abf53644e","sha1":"3f2d90d152848c98caf27ed713039ab7c2709af7","sha256":"f36de96a3f890acf96fb330bceb6d195f88da21fe259f19f0b4aa99a87e206ef","sha512":"647169cc69c8eafb832adfc93ffce3610e61f783173e5c12a6fe8037004c5eed6354844ca3f7bc95c172fbd99c881bfd52f32efc25a5196d7865dfcaf7bf9a00","ssdeep":"96:vOEa1fOEa7FZOGOEa2xOEaMJc+uKOEafNaOxMa1fOxMa7FZOGOxMa2xOxMaMJc+G:41oyR2+4Ol1Sy/204EG1By42b4rW","tlshash":"b7b17ba009179400db4badc563cf7f32ee5e62153046957e9bfd58e8acaad321394b0d","first_seen":"2025-06-19T01:39:45.804074Z","last_seen":"2025-09-10T08:21:29.214587Z","times_seen":29,"resource_available":false,"data":null}},"time_used":748,"timings":{"blocked":-1,"dns":0,"connect":27,"send":0,"wait":46,"receive":0,"ssl":658},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wtcprojects.com/denivideo/CAabcd-marly.com/1.m3u8","fqdn":"wtcprojects.com","domain":"wtcprojects.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wtcprojects.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 07:59:40 GMT","end":"Fri, 31 Oct 2025 08:57:02 GMT"},"fingerprint":{"sha1":"C3:29:93:D6:91:BC:46:26:27:B8:15:7F:BD:47:B5:05:E0:AF:92:4C","sha256":"83:4A:C7:12:5F:A6:C0:6B:36:12:B4:65:6E:A1:CB:19:4D:F6:48:4E:CA:CE:04:F5:E1:16:DA:82:F9:B8:36:2E"}}},"request":{"raw":"GET /denivideo/CAabcd-marly.com/1.m3u8 HTTP/1.1\r\nHost: wtcprojects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:12 GMT\r\ncontent-type: application/vnd.apple.mpegurl\r\ncontent-length: 3812\r\nlast-modified: Fri, 08 Aug 2025 12:43:28 GMT\r\netag: \"ee4-63bd9ebaf9146\"\r\naccept-ranges: bytes\r\nx-powered-by: TinyCP\r\nstrict-transport-security: max-age=600; preload\r\naccess-control-allow-origin: https://abcd-marly.com\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Range\r\naccess-control-expose-headers: Content-Length, Content-Range\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F2o8z4GCb1oDxHdJZccHsCjLZfMIlDEUwZwcgBe6eO4q6ZSQMA6Ob%2FoTX4ewzEOOZMIp1rG7rwHBG02Ewmv7lawfvKc9V3ghPJ6lZFI%3D\"}]}\r\ncf-ray: 96e62c87c8d25691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3812,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"8091c87f49ae56ee92ac3b0c40bf75a4","sha1":"a2f3cb9a0d4ed8cd854f2cfeb2a50c3a9f5010d3","sha256":"a0db8da33d4c01537cc187983e8160136c599cefc12ba60c0de0d8b425808675","sha512":"d6e23b9213db8fb8f6303ad5e9a8f2133987355ed18bb6fc2181f8af8dd3c72856eb274e699b8969e4473f3224c3f7e9ff7deb3436d9d2f328fbafe42c6d7123","ssdeep":"","tlshash":"8e7191ccf498f614cc189eaac783f0e2902a7d2f6dc2bd9283a037811d3478675c47a5","first_seen":"2025-08-13T06:32:39.866965Z","last_seen":"2025-08-13T06:32:39.866965Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2855,"timings":{"blocked":1780,"dns":12,"connect":1,"send":0,"wait":126,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wtcprojects.com/denivideo/CAabcd-marly.com/2.m3u8","fqdn":"wtcprojects.com","domain":"wtcprojects.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:12.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wtcprojects.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 07:59:40 GMT","end":"Fri, 31 Oct 2025 08:57:02 GMT"},"fingerprint":{"sha1":"C3:29:93:D6:91:BC:46:26:27:B8:15:7F:BD:47:B5:05:E0:AF:92:4C","sha256":"83:4A:C7:12:5F:A6:C0:6B:36:12:B4:65:6E:A1:CB:19:4D:F6:48:4E:CA:CE:04:F5:E1:16:DA:82:F9:B8:36:2E"}}},"request":{"raw":"GET /denivideo/CAabcd-marly.com/2.m3u8 HTTP/1.1\r\nHost: wtcprojects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:12 GMT\r\ncontent-type: application/vnd.apple.mpegurl\r\ncontent-length: 560\r\nlast-modified: Fri, 08 Aug 2025 12:43:28 GMT\r\netag: \"230-63bd9ebb4a22a\"\r\naccept-ranges: bytes\r\nx-powered-by: TinyCP\r\nstrict-transport-security: max-age=600; preload\r\naccess-control-allow-origin: https://abcd-marly.com\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Range\r\naccess-control-expose-headers: Content-Length, Content-Range\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TlNej8uhB6ESAN9Ys79KZYU24FX8pMoOIXJffKD6gSA%2FGTKXCzY%2Bfi3cdAykHjgk1IV0paPWMtgtrbQSlXCxghGalSoX7gsS1R8RTvs%3D\"}]}\r\ncf-ray: 96e62c88ba0e5691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":560,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"87f397856301a807ba6fcf882cafc188","sha1":"f3f2b19c4ad0ca7f93a3cef00d1e2ae31b10103e","sha256":"2c28b9945e233375c7bde9974c38e0397c63fe8dbcdf6b98a86a28a8f1784f73","sha512":"624b9385e9188953fae4fc25f3710fc75008b8eaa471c502f90a518cac344db6142fb7a0a3ecafb2ec77f7d068e07e0c810863175015761062d651a38dd3f36b","ssdeep":"","tlshash":"e7f0eaf9a6c67280c4ac4eb6c24371e1b065bcba5cc26cc2e24237c14db27c6a5c4720","first_seen":"2025-08-13T06:32:39.867888Z","last_seen":"2025-08-13T06:32:39.867888Z","times_seen":1,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/favicon.ico","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:13.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abcd-marly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 Aug 2025 11:19:00 GMT","end":"Tue, 04 Nov 2025 12:17:45 GMT"},"fingerprint":{"sha1":"F6:91:CE:95:80:0A:FB:D7:C0:EC:37:57:84:85:1D:C6:37:C7:01:7C","sha256":"7D:36:0C:D4:38:94:BE:1D:8F:EB:80:E8:1F:7C:4E:84:B6:D8:D4:D5:93:45:86:C1:C0:81:FB:13:71:71:9A:F3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: abcd-marly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zPE6SpjOcvZ8KkrxEbgfoPc9vfLxiM2iM4myexq3vInPlDfBfk4uqkUmPplMC79PGO6AJ7t7EO9RPvwASq0YmTu6Mcevo16oaGqlgQ%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 96e62c8cdae85687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":564,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"5da4c1420f84ec727d1b6bdd0d46e62e","sha1":"280d08d142f7386283f420444ec48e1cdbfd61bb","sha256":"3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f","sha512":"7c51a628831d0236e8d314c71732b8a62e06334431d10f7c293c49b23665b2a6a1ddbc4772009010955b5228ea4a5cd97fb93581ce391ee1792e8a198b76111a","ssdeep":"","tlshash":"f4f0cd9f1f12387f2e238171f0c36068cf680a56fb9925e28748001f3aca04549f6fad","first_seen":"2023-05-01T23:14:01Z","last_seen":"2026-04-03T22:29:36.161637Z","times_seen":1343,"resource_available":true,"data":null}},"time_used":1965,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1965,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abcd-marly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 Aug 2025 11:19:00 GMT","end":"Tue, 04 Nov 2025 12:17:45 GMT"},"fingerprint":{"sha1":"F6:91:CE:95:80:0A:FB:D7:C0:EC:37:57:84:85:1D:C6:37:C7:01:7C","sha256":"7D:36:0C:D4:38:94:BE:1D:8F:EB:80:E8:1F:7C:4E:84:B6:D8:D4:D5:93:45:86:C1:C0:81:FB:13:71:71:9A:F3"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: abcd-marly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T15:43:18.503379Z","times_seen":293093,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/hls.js@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/hls.js@latest HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:11 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 160008\r\ncf-ray: 96e62c81ea690b02-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.6.9\r\nx-jsd-version-type: version\r\netag: W/\"824e9-wykw6gv2eqZw1BOpEEEiR7w1QyM\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230136-FRA, cache-lga21935-LGA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 42342\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=%2B2yVl9N0RqH4F9NCbSfkGQQlnoZ%2FTbmCUWCHlzuZR553efcB4E7Dv8m%2Bx1lmvga5%2Bie1SkeT%2Br%2FFlN9UU36q1YBxNsa%2BlRtgz9UpgqnN89fiFDh5wfwUpWk4xcIWWkFwNQE%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":533737,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"142f125746bd328f84b0df007b766f61","sha1":"c32930ea0bf67aa670d413a910412247bc354323","sha256":"18e6dc38fbb0c71320d163ad97905a85283d03776cd487023fe0cf199f1cdbb2","sha512":"0966d803f01994e6fc765558f68e8ae7edce03cbf809d088a5f3cccd309c412e69cefb21893d213a35deea79f367346328ab7c6d6b6b016bb77e01171a6a9167","ssdeep":"6144:tx52dSp2y+rLpmFuMRzY6Gjwv59UUDl6VWSqKxgcL0TB6TOXmTQEGk26nUa0l/AC:tz23LY7RzVGjXoSqKx1nNGD9D","tlshash":"2eb42aed36a5a01683c2b169903f5517633a7d0a280cc12cfa2be9d72d7994db13bf74","first_seen":"2025-08-08T00:44:20.389624Z","last_seen":"2026-03-23T09:01:20.414374Z","times_seen":91,"resource_available":true,"data":null}},"time_used":1814,"timings":{"blocked":841,"dns":0,"connect":0,"send":0,"wait":939,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.plyr.io/3.7.8/plyr.svg","fqdn":"cdn.plyr.io","domain":"plyr.io","tld":"io"},"ip":{"addr":"104.26.12.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:12.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.plyr.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 15 Jul 2025 18:22:10 GMT","end":"Mon, 13 Oct 2025 19:22:02 GMT"},"fingerprint":{"sha1":"B5:C4:09:A9:74:92:E3:88:D3:EC:E0:BA:08:CC:B2:EB:72:4B:A1:E2","sha256":"6D:3B:10:C6:E5:52:3F:8B:1E:5D:12:A0:50:0D:FE:A7:46:C2:D2:DA:42:B1:6D:C7:52:1E:C5:F7:92:C5:17:03"}}},"request":{"raw":"GET /3.7.8/plyr.svg HTTP/1.1\r\nHost: cdn.plyr.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xyw5aRUmC8q3913zt87Ap0CioLaaGEQl9QgWzez6vrKXxUfcjNB92ayNueDwfqVUX8FyNxZBSEhaOiQLKnZFqKwIZKRkslmf\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\nvary: Origin, Accept-Encoding\r\nlast-modified: Thu, 20 Apr 2023 10:33:44 GMT\r\netag: W/\"3a727a9b7eef825081d78cc6e48aaadf\"\r\ncontent-encoding: br\r\ncf-ray: 96e62c88deb80b61-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5785,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3a727a9b7eef825081d78cc6e48aaadf","sha1":"bc98e4a347921594352fbae53aaad185c0c7f6b5","sha256":"4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7","sha512":"a685f2c1a709994fbbf25582ccb4996562973e33b859d58225a3388de22410b5a2e2a52a87bda13d5473c3348f1ab7fb8c01010e6778d52276eb649ba03ba308","ssdeep":"96:ym9IR6RryIR6R2syGo0R1J5a6A3jalbI0NSJVUqSnxKfi5aR:yFR6RrRR6RHf1raYlM00JqAyaR","tlshash":"c7c197ffc72483b95c87993ddf33a090318fa1fab4e541b8a1558bb48b975c5e906e10","first_seen":"2023-05-09T20:31:23Z","last_seen":"2026-04-05T13:44:01.421917Z","times_seen":2949,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syimono1488.github.io/scripts/adict.js","fqdn":"syimono1488.github.io","domain":"syimono1488.github.io","tld":"github.io"},"ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /scripts/adict.js HTTP/1.1\r\nHost: syimono1488.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 18 Jun 2025 20:08:18 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"68531cb2-c30d\"\r\nexpires: Wed, 13 Aug 2025 05:54:58 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 9871:15D756:1A6A482:1A9A1AA:689C265A\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410030-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1755066730.424154,VS0,VE132\r\nvary: Accept-Encoding\r\nx-fastly-request-id: c18d280a69df8334fd0739ea208108a1b3ffcee3\r\ncontent-length: 17291\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":49933,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3640)","md5":"4bfd3eaa879a4ae5e6a654ab285f78c4","sha1":"884099ab29954115c6ab40ed25f0133b84c31440","sha256":"ea1ad31a482ff946e27d8b85896c3fb70e21808417c2f9b4cbf474bfcd61fb6a","sha512":"426e0d7205599a95f73026c9238dc7d7471faf4451937835de94f44c24d317d85b55ee1e77c22d93e7aa46d24fdffb62f2a9c075de23a1cc5983ca1901807399","ssdeep":"768:EPxqPJPgTRWUdNwuZsPG8ZDjy9YY6MNg9T2sVV4xgnumPcG0ojd7dX7Ejor9R2u9:Eg1PRy6QUT23xgnoX87dXQjbuEa/","tlshash":"d323c518d8f208930077a156669a19017c14412b7e0afd20bfac6d9c5fcd92f6bb67bf","first_seen":"2025-08-13T06:32:39.870992Z","last_seen":"2025-08-13T06:32:39.870992Z","times_seen":1,"resource_available":false,"data":null}},"time_used":871,"timings":{"blocked":350,"dns":2,"connect":28,"send":0,"wait":152,"receive":7,"ssl":308},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/2.gif","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abcd-marly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 Aug 2025 11:19:00 GMT","end":"Tue, 04 Nov 2025 12:17:45 GMT"},"fingerprint":{"sha1":"F6:91:CE:95:80:0A:FB:D7:C0:EC:37:57:84:85:1D:C6:37:C7:01:7C","sha256":"7D:36:0C:D4:38:94:BE:1D:8F:EB:80:E8:1F:7C:4E:84:B6:D8:D4:D5:93:45:86:C1:C0:81:FB:13:71:71:9A:F3"}}},"request":{"raw":"GET /2.gif HTTP/1.1\r\nHost: abcd-marly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncontent-type: image/gif\r\ncontent-length: 23588844\r\nserver: cloudflare\r\nlast-modified: Fri, 08 Aug 2025 13:01:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6895f518-167efec\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oIPROlBE3OHYEx8auYVUX47LqbF9pfwCCSrpM68chCPgpIOhv54fheUsGZRbKPzreKEH66M2oq6%2FQdfXtlvZl5udHSQ3tSz6fvkx3A%3D%3D\"}]}\r\ncf-ray: 96e62c76ea795687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23588844,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 500 x 282","md5":"c021ba2b76b13998e9dd6177ea29847a","sha1":"229eeb92d5d3d9e87b63b8b168878eafdee12610","sha256":"b8a58fa1a628f80ac9511845372b7a3cccee2da4a90b7338b4c2d021d249f13f","sha512":"e730d8f107874fe6f501da698ad0dc34725fbd172ce027b4c550d6d1cb07496f4254caacb669e34f01764d1b918a12217765e52e90df2d8a5505d542db9ed19a","ssdeep":"24576:gN5GuIHZu7eQUJfK8hBsCvdG3uFrNZhIj20RMj:aA7fbBsCM+F5uRa","tlshash":"e625238bcac497472e9097bdac285768b9bde1bd3879a202f741985f7f1410824e07f7","first_seen":"2025-08-13T06:32:39.872Z","last_seen":"2025-08-13T06:32:39.872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2692,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":2615,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2025-08-13","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"abcd-marly.com/2.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"wtcprojects.com/denivideo/CAabcd-marly.com/21.ts","fqdn":"wtcprojects.com","domain":"wtcprojects.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:13.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wtcprojects.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 07:59:40 GMT","end":"Fri, 31 Oct 2025 08:57:02 GMT"},"fingerprint":{"sha1":"C3:29:93:D6:91:BC:46:26:27:B8:15:7F:BD:47:B5:05:E0:AF:92:4C","sha256":"83:4A:C7:12:5F:A6:C0:6B:36:12:B4:65:6E:A1:CB:19:4D:F6:48:4E:CA:CE:04:F5:E1:16:DA:82:F9:B8:36:2E"}}},"request":{"raw":"GET /denivideo/CAabcd-marly.com/21.ts HTTP/1.1\r\nHost: wtcprojects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nlast-modified: Fri, 08 Aug 2025 12:43:28 GMT\r\netag: \"347f10-63bd9ebb1a488\"\r\naccept-ranges: bytes\r\ncontent-length: 3440400\r\nx-powered-by: TinyCP\r\nstrict-transport-security: max-age=600; preload\r\naccess-control-allow-origin: https://abcd-marly.com\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Range\r\naccess-control-expose-headers: Content-Length, Content-Range\r\ncontent-type: video/mp2t\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0%2FPabaIo%2BDJn7lid6Uulta1dptiGHHQZdJuFQkrg2yj%2BOFfHrxFZ8TfeO8WeUceQgH7%2Bw%2Bni4KJw4g1WosAVOWhRcOY5Ob1BVh6XtNQ%3D\"}]}\r\ncf-ray: 96e62c8d78fa56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3440400,"size_decoded":0,"mime_type":"video/mp2t","magic":"data","md5":"94539087008cacb8e351e0e476a2049f","sha1":"472168e259396801bb56c49253a3eca02b3c256f","sha256":"fcb28138169d00c52a76cf669e9127a9c14fc35af3ff6471f16f9ed0b8bd2b4b","sha512":"7c045fb7ec3e30c06d3e6eb03bc9e8ac3170b8e784c334ea26bdf6329745700a4aee9f41d2873957a213cc197fd5f7f77485d04f8343fe3d97e1e8f607342a88","ssdeep":"24576:60iuMp7hG69q/oWTp+0fdR/J3yDyZwey7DwS8n/S:6fa69UoR0fdWDy+d7cE","tlshash":"e32523adf3905e2b2cda94d40145c7ce92161c762b1227232ea8ff56f4f84f4d278a79","first_seen":"2025-08-13T06:32:39.872874Z","last_seen":"2025-08-13T06:32:39.872874Z","times_seen":1,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":337,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/1.gif","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abcd-marly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 Aug 2025 11:19:00 GMT","end":"Tue, 04 Nov 2025 12:17:45 GMT"},"fingerprint":{"sha1":"F6:91:CE:95:80:0A:FB:D7:C0:EC:37:57:84:85:1D:C6:37:C7:01:7C","sha256":"7D:36:0C:D4:38:94:BE:1D:8F:EB:80:E8:1F:7C:4E:84:B6:D8:D4:D5:93:45:86:C1:C0:81:FB:13:71:71:9A:F3"}}},"request":{"raw":"GET /1.gif HTTP/1.1\r\nHost: abcd-marly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncontent-type: image/gif\r\ncontent-length: 22581160\r\nserver: cloudflare\r\nlast-modified: Fri, 08 Aug 2025 13:01:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6895f51a-1588fa8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yuRrKBfn4k08mmajsEeOms%2BEIWupX8NDIDuJWc6p5txd4ll%2FmdEXAWfTxnhSHeNKxwnWuyyZsk%2BA5cR%2BxLLmxFR0Wa0K7BwhIO40iA%3D%3D\"}]}\r\ncf-ray: 96e62c76ea735687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22581160,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 500 x 282","md5":"ec4de573df5a40e9e4ca59b782747777","sha1":"6cf87c3e9c94093c9818b2bd4f4053c0dbdc5ca6","sha256":"fc321fcbc7b2143a5380c245950b77471f7f3a5ee870d9ec8ea66bc0d3dc0e31","sha512":"0eaf5f3fda8e5192629b70b1f23aca40abe4a7cf2ed3d9c11bc076b7889a04379549ee6b55fb9072bca26aae67566aebe79c6f17163b812a40cca84521ee3133","ssdeep":"24576:1/mcy1wcNiIKkAGDNJywMbqnLCQnE7cUtpq4BuS2YO+oiDvu7q5A:JAgrGDewVOQnt8D2xiDGaA","tlshash":"0c2533c2836f857ad04284d1fec5acf37315ae80f8846329d6641e91af9b7954ce34af","first_seen":"2025-08-13T06:32:39.873875Z","last_seen":"2025-08-13T06:32:39.873875Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1748,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":1693,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2025-08-13","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"abcd-marly.com/1.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/hls.js@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/hls.js@latest HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 160008\r\ncf-ray: 96e62c78bdd8569d-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.6.9\r\nx-jsd-version-type: version\r\netag: W/\"824e9-wykw6gv2eqZw1BOpEEEiR7w1QyM\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230136-FRA, cache-lga21935-LGA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 42341\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=iXbLYqnHqaOoE28JxjcMWeNi0XuVOUr%2FOxjTkbBTlV1ouSmRQz39xyXWtJp0PReztSQozxJvqABFyTzAq4pJBApUK0M0ySm0sJyaDkP6b%2BYBVelfOB94J5yLQvpyJkhJenc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":533737,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"142f125746bd328f84b0df007b766f61","sha1":"c32930ea0bf67aa670d413a910412247bc354323","sha256":"18e6dc38fbb0c71320d163ad97905a85283d03776cd487023fe0cf199f1cdbb2","sha512":"0966d803f01994e6fc765558f68e8ae7edce03cbf809d088a5f3cccd309c412e69cefb21893d213a35deea79f367346328ab7c6d6b6b016bb77e01171a6a9167","ssdeep":"6144:tx52dSp2y+rLpmFuMRzY6Gjwv59UUDl6VWSqKxgcL0TB6TOXmTQEGk26nUa0l/AC:tz23LY7RzVGjXoSqKx1nNGD9D","tlshash":"2eb42aed36a5a01683c2b169903f5517633a7d0a280cc12cfa2be9d72d7994db13bf74","first_seen":"2025-08-08T00:44:20.389624Z","last_seen":"2026-03-23T09:01:20.414374Z","times_seen":91,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":3,"connect":3,"send":0,"wait":30,"receive":20,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.plyr.io/3.7.8/plyr.svg","fqdn":"cdn.plyr.io","domain":"plyr.io","tld":"io"},"ip":{"addr":"104.26.12.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:12.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.plyr.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 15 Jul 2025 18:22:10 GMT","end":"Mon, 13 Oct 2025 19:22:02 GMT"},"fingerprint":{"sha1":"B5:C4:09:A9:74:92:E3:88:D3:EC:E0:BA:08:CC:B2:EB:72:4B:A1:E2","sha256":"6D:3B:10:C6:E5:52:3F:8B:1E:5D:12:A0:50:0D:FE:A7:46:C2:D2:DA:42:B1:6D:C7:52:1E:C5:F7:92:C5:17:03"}}},"request":{"raw":"GET /3.7.8/plyr.svg HTTP/1.1\r\nHost: cdn.plyr.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0E1fiYjWkgkXcZXL4jdMWddwiCuSrN%2FmdbDlgZOQc3uch%2BRDnSmg5WJNQJ317tUkhsDxgHRMZNaAuoo9vGGdFxE%2FRWl2x3Qw\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nage: 0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 20 Apr 2023 10:33:44 GMT\r\nvary: Origin, Accept-Encoding\r\netag: W/\"3a727a9b7eef825081d78cc6e48aaadf\"\r\ncontent-encoding: br\r\ncf-ray: 96e62c88eeca0b61-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5785,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3a727a9b7eef825081d78cc6e48aaadf","sha1":"bc98e4a347921594352fbae53aaad185c0c7f6b5","sha256":"4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7","sha512":"a685f2c1a709994fbbf25582ccb4996562973e33b859d58225a3388de22410b5a2e2a52a87bda13d5473c3348f1ab7fb8c01010e6778d52276eb649ba03ba308","ssdeep":"96:ym9IR6RryIR6R2syGo0R1J5a6A3jalbI0NSJVUqSnxKfi5aR:yFR6RrRR6RHf1raYlM00JqAyaR","tlshash":"c7c197ffc72483b95c87993ddf33a090318fa1fab4e541b8a1558bb48b975c5e906e10","first_seen":"2023-05-09T20:31:23Z","last_seen":"2026-04-05T13:44:01.421917Z","times_seen":2949,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wtcprojects.com/denivideo/CAabcd-marly.com/10.ts","fqdn":"wtcprojects.com","domain":"wtcprojects.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:12.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wtcprojects.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 07:59:40 GMT","end":"Fri, 31 Oct 2025 08:57:02 GMT"},"fingerprint":{"sha1":"C3:29:93:D6:91:BC:46:26:27:B8:15:7F:BD:47:B5:05:E0:AF:92:4C","sha256":"83:4A:C7:12:5F:A6:C0:6B:36:12:B4:65:6E:A1:CB:19:4D:F6:48:4E:CA:CE:04:F5:E1:16:DA:82:F9:B8:36:2E"}}},"request":{"raw":"GET /denivideo/CAabcd-marly.com/10.ts HTTP/1.1\r\nHost: wtcprojects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:12 GMT\r\ncontent-type: video/mp2t\r\ncontent-length: 3766016\r\nlast-modified: Fri, 08 Aug 2025 12:43:26 GMT\r\netag: \"397700-63bd9eb989e37\"\r\naccept-ranges: bytes\r\nx-powered-by: TinyCP\r\nstrict-transport-security: max-age=600; preload\r\naccess-control-allow-origin: https://abcd-marly.com\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Range\r\naccess-control-expose-headers: Content-Length, Content-Range\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kVjaNlQ2swCG4lSrWPYGhjszFH9MLjNoIQz12J4NgtbwX4Wuj2MeIDlfK4a9sx8A6PldNRssvhhB4Kbd1FqUJdfD0AfXDk074Blwp%2BI%3D\"}]}\r\ncf-ray: 96e62c88fa545691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3766016,"size_decoded":0,"mime_type":"video/mp2t","magic":"data","md5":"d076b2509b986b643e7471039176135d","sha1":"1fd5bba5277011d603e622f5e3554fac1427285f","sha256":"e2076d6060fb5d1e19173f4b4bc42438b04179eecc5fc7db1ee29b49f9645436","sha512":"167b52581a974aff475f3a07e50a3bfd3600d3eb8639e92c58bc873dae07cadb450337b025ed54788809190c32dd45e296799ef3ebe03c57cd7d1d1a9945c5b4","ssdeep":"24576:7g1SlkWLGKGE3P3AsW6afC1889V+5DxNuTeyqhhx:E1SiKH39W6sF89oDxNuayqN","tlshash":"27253379fa488f16bd2a9217199cc1cbc4f44d21bb4ca35b0821f55cf4bf6e4d069175","first_seen":"2025-08-13T06:32:39.874713Z","last_seen":"2025-08-13T06:32:39.874713Z","times_seen":1,"resource_available":false,"data":null}},"time_used":409,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":366,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.4.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.4.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://abcd-marly.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15ec3\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\nage: 679739\r\nx-served-by: cache-lga21953-LGA, cache-hel1410026-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 104614, 8483\r\nx-timer: S1755066730.386243,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 31011\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":89795,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"641dd14370106e992d352166f5a07e99","sha1":"eda46747c71d38a880bee44f9a439c3858bb8f99","sha256":"a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af","sha512":"a6e981b23351186aa43f32879dd64c6801be6e2af7ef8b0e472cccdeeba52d5d7894de4bcb292a364f1e11e525524077534338140a72687ada4fae62849843a5","ssdeep":"1536:IjjxXUHunxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBqUsuy8WnKdXwhLQvg:IeeIygP3fulzhsz8jlvaDioQ47GKH","tlshash":"d193f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","first_seen":"2023-03-26T04:59:07Z","last_seen":"2026-04-05T15:06:35.423796Z","times_seen":20960,"resource_available":true,"data":null}},"time_used":667,"timings":{"blocked":317,"dns":1,"connect":14,"send":0,"wait":15,"receive":8,"ssl":283},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"syimono1488.github.io/scripts/intlTelInput.css","fqdn":"syimono1488.github.io","domain":"syimono1488.github.io","tld":"github.io"},"ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /scripts/intlTelInput.css HTTP/1.1\r\nHost: syimono1488.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: text/css; charset=utf-8\r\nlast-modified: Wed, 18 Jun 2025 20:08:18 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"68531cb2-4afb\"\r\nexpires: Wed, 13 Aug 2025 05:27:08 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 1C20:D2B88:19656FD:1993FF7:689C1FD3\r\naccept-ranges: bytes\r\nage: 271\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410030-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1755066730.359924,VS0,VE1\r\nvary: Accept-Encoding\r\nx-fastly-request-id: d01a2c67612be0046280fee0ac7961b8e98bd9c8\r\ncontent-length: 2936\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":19195,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (19194)","md5":"92095f7974318063419ec49e5de2fa1c","sha1":"d1b985137ee55b06187cf0743aebe94f41ae2aaa","sha256":"a4040772ef94fa725597977a0487b87bf25c267d48e41dd11b1550c073e8c26f","sha512":"f099ef2e90a335fcf6e2c45662fe924978b8d780499185963f7b9dd5cd8d2495808cb37086ed481e491df7063f6a84c805dd02f25d4afa009efc7089bb114c5e","ssdeep":"96:NUIf0JFMu0/3lGhMETVexACZw0+U+4vyke09ojt4vv9mbgPnx1L+zPjXDIlSYp5:PoMNEh/TVc6jU+4v7fix43obCfCfIlSs","tlshash":"4d821f1709a32429f627d5a261708eb637278c0bf4264fba49153e7ca3825d41df3fe2","first_seen":"2023-11-07T14:11:46Z","last_seen":"2026-01-10T00:08:10.429529Z","times_seen":5,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":282,"dns":3,"connect":15,"send":0,"wait":27,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.plyr.io/3.7.8/plyr.polyfilled.js","fqdn":"cdn.plyr.io","domain":"plyr.io","tld":"io"},"ip":{"addr":"104.26.12.19","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:10.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.plyr.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 15 Jul 2025 18:22:10 GMT","end":"Mon, 13 Oct 2025 19:22:02 GMT"},"fingerprint":{"sha1":"B5:C4:09:A9:74:92:E3:88:D3:EC:E0:BA:08:CC:B2:EB:72:4B:A1:E2","sha256":"6D:3B:10:C6:E5:52:3F:8B:1E:5D:12:A0:50:0D:FE:A7:46:C2:D2:DA:42:B1:6D:C7:52:1E:C5:F7:92:C5:17:03"}}},"request":{"raw":"GET /3.7.8/plyr.polyfilled.js HTTP/1.1\r\nHost: cdn.plyr.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 Aug 2025 06:32:10 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wEsesrRu4bqK2zid7PstMkuZNaG0Vzk4aGpOtobGRjxUASU1SYOlxCC0gg2SWyDZWzHfC5Q5s0R6KONnzQZ3Jq%2Fq1h2Ak%2BLA\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\nage: 1596470\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 20 Apr 2023 10:33:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"253ee1a5a9cd9c396c1cc6700b1c4a3b\"\r\ncontent-encoding: br\r\ncf-ray: 96e62c78bd480b61-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119965,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"253ee1a5a9cd9c396c1cc6700b1c4a3b","sha1":"61f806525c05479befcd5c5d9c46e07afbb6f2f5","sha256":"c85b8725c14a895352666c902d48f011cc9be03f25a97fbd54d1111d87d17074","sha512":"29a75c0293ae7febc1be10084e0c3c8e117191c1a1268aa4ce15ab18b079521784edd3c14fe87070d4e4b4ab75e5fd6d4567fffea9232911b11624d989ad775e","ssdeep":"1536:hhaP8CysBHnjvlzs265In0KSVjq1FrJRD4r/lhmn7GGq78NUQJkAwwlepmDZBS3y:hG88j91D1/itRajAUccxnC8v","tlshash":"b9c319c3325af63181a659dea036021572398b9a7005c26cfd3cedde6838d4276bbf75","first_seen":"2024-12-13T21:52:52.464036Z","last_seen":"2026-04-05T15:03:08.821273Z","times_seen":422,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":6,"send":0,"wait":26,"receive":0,"ssl":282},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abcd-marly.com/2.gif","fqdn":"abcd-marly.com","domain":"abcd-marly.com","tld":"com"},"ip":{"addr":"172.67.140.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:13.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abcd-marly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 Aug 2025 11:19:00 GMT","end":"Tue, 04 Nov 2025 12:17:45 GMT"},"fingerprint":{"sha1":"F6:91:CE:95:80:0A:FB:D7:C0:EC:37:57:84:85:1D:C6:37:C7:01:7C","sha256":"7D:36:0C:D4:38:94:BE:1D:8F:EB:80:E8:1F:7C:4E:84:B6:D8:D4:D5:93:45:86:C1:C0:81:FB:13:71:71:9A:F3"}}},"request":{"raw":"GET /2.gif HTTP/1.1\r\nHost: abcd-marly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abcd-marly.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\ncontent-type: image/gif\r\ncontent-length: 23588844\r\nlast-modified: Fri, 08 Aug 2025 13:01:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6895f518-167efec\"\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HxFKJ11llaLC48glR2E9CbhgPhY6gFbLGeJL4FeMSth7sWnvULwBbyS1yaojqNP1KCrpxDg4qZo4bt5yXo5hRJABqHue4CODeHU5BQ%3D%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 96e62c899ac05687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23588844,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 500 x 282","md5":"c021ba2b76b13998e9dd6177ea29847a","sha1":"229eeb92d5d3d9e87b63b8b168878eafdee12610","sha256":"b8a58fa1a628f80ac9511845372b7a3cccee2da4a90b7338b4c2d021d249f13f","sha512":"e730d8f107874fe6f501da698ad0dc34725fbd172ce027b4c550d6d1cb07496f4254caacb669e34f01764d1b918a12217765e52e90df2d8a5505d542db9ed19a","ssdeep":"24576:gN5GuIHZu7eQUJfK8hBsCvdG3uFrNZhIj20RMj:aA7fbBsCM+F5uRa","tlshash":"e625238bcac497472e9097bdac285768b9bde1bd3879a202f741985f7f1410824e07f7","first_seen":"2025-08-13T06:32:39.872Z","last_seen":"2025-08-13T06:32:39.872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2463,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2025-08-13","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"abcd-marly.com/2.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"syimono1488.github.io/scripts/flags.png","fqdn":"syimono1488.github.io","domain":"syimono1488.github.io","tld":"github.io"},"ip":{"addr":"185.199.108.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abcd-marly.com/","date":"2025-08-13T06:32:13.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /scripts/flags.png HTTP/1.1\r\nHost: syimono1488.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://syimono1488.github.io/scripts/intlTelInput.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Wed, 18 Jun 2025 20:08:18 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"68531cb2-114c9\"\r\nexpires: Wed, 13 Aug 2025 05:54:59 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: C318:5E659:577BF7:58110F:689C265B\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 13 Aug 2025 06:32:13 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410030-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1755066733.069656,VS0,VE121\r\nvary: Accept-Encoding\r\nx-fastly-request-id: ce50fdc27fa01e933d50a839ea5341d99ca9c9d8\r\ncontent-length: 70857\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":70857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced","md5":"416250f60d785a2e02f17e054d2e4e44","sha1":"21572c9751e5a3dc20395befa0fcb349c32c4811","sha256":"0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55","sha512":"cf1e7acf47464f00d206e9149475e22b8ea5a31727fa16344cd151384d850b83ece5e9abe4ac62861dba0dc3d3410955611d94665b60e2faa0c3d7a3d7c88404","ssdeep":"1536:cBBfgWxg7McnRdaRx9krb5LhxHG1gmvlpWUZA1eog3e7xr:Lg+3n3ax9kHV3Wgmdg2A1Y3elr","tlshash":"9763019797adf1d82a92274bef801109ae6c2b3d5d7c1da372cf1d532ae12c306c8586","first_seen":"2023-04-05T15:31:12Z","last_seen":"2026-04-05T14:34:08.044137Z","times_seen":22586,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}