{"report_id":"cd492f89-682d-4968-99d9-6adac904777b","version":6,"status":"done","tags":[],"date":"2025-10-26T17:23:19Z","url":{"schema":"http","addr":"taviron.click/","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"taviron.click/","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"title":"Web","dom":{"size":1649,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"512c6c2243bac26732f993bda2f6f591","sha1":"dfece9ec685744c8e54d0460d9cda870d788a2da","sha256":"aff4599c30fe4416c65e91978af900e6e8401cf7a87f201050d461a34e89bde7","sha512":"441ed1e0e4d8674584653fa875499f48c8037ced7cd7885936ffa2adbd6a662471cbe134a9f6b890af72d2450ffda134c1654bca4479393bdbddf13e493de359","ssdeep":"","tlshash":"57315163dc5a441d3222831ae8f9f1495669d91b6a5da8c0b1ed535bcfc8f98a083cec","dom_hash":"domhashf404a5e4f8629d737830a8d78d61f5fe","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWwgdHJhbnNsYXRlPSJubyIgY2xhc3M9Im5vdHJhbnNsYXRlIiBzdHlsZT0iLS1zY3JvbGxiYXItd2lkdGg6IDBweDsgLS12aDogMTAuMjRweDsiIGxhbmc9ImVuIj48aGVhZD4KICA8bWV0YSBjaGFyc2V0PSJVVEYtOCI+CiAgPHRpdGxlPldlYjwvdGl0bGU+CiAgPG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCxpbml0aWFsLXNjYWxlPTEsbWF4aW11bS1zY2FsZT0xLHVzZXItc2NhbGFibGU9bm8sc2hyaW5rLXRvLWZpdD1ubyx2aWV3cG9ydC1maXQ9Y292ZXIiPgoKICA8IS0tIOemgeatouaQnOe0ouW8leaTjue0ouW8leWSjOeIrOWPliAtLT4KICA8bWV0YSBuYW1lPSJyb2JvdHMiIGNvbnRlbnQ9Im5vaW5kZXgsIG5vZm9sbG93LCBub2FyY2hpdmUsIG5vc25pcHBldCwgbm9vZHAsIG5veWRpciI+CiAgPG1ldGEgbmFtZT0iZ29vZ2xlYm90IiBjb250ZW50PSJub2luZGV4LCBub2ZvbGxvdywgbm9hcmNoaXZlLCBub3NuaXBwZXQiPgogIDxtZXRhIG5hbWU9ImJpbmdib3QiIGNvbnRlbnQ9Im5vaW5kZXgsIG5vZm9sbG93LCBub2FyY2hpdmUsIG5vc25pcHBldCI+CiAgPG1ldGEgbmFtZT0iZ29vZ2xlIiBjb250ZW50PSJub3NpdGVsaW5rc3NlYXJjaGJveCI+CiAgPG1ldGEgbmFtZT0iZ29vZ2xlLXNpdGUtdmVyaWZpY2F0aW9uIiBjb250ZW50PSIiPgoKICA8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVNlY3VyaXR5LVBvbGljeSIgY29udGVudD0iCiAgICAgIGRlZmF1bHQtc3JjICdzZWxmJzsKICAgICAgY29ubmVjdC1zcmMgJ3NlbGYnIGh0dHBzOiBodHRwOiB3c3M6IGJsb2I6OwogICAgICBzY3JpcHQtc3JjICdzZWxmJyAnd2FzbS11bnNhZmUtZXZhbCcgaHR0cHM6Ly90Lm1lL193ZWJzeW5jXyBodHRwczovL3RlbGVncmFtLm1lL193ZWJzeW5jXzsKICAgICAgc3R5bGUtc3JjICdzZWxmJyAndW5zYWZlLWlubGluZSc7CiAgICAgIGltZy1zcmMgJ3NlbGYnIGRhdGE6IGJsb2I6IGh0dHBzOjsKICAgICAgbWVkaWEtc3JjICdzZWxmJyBibG9iOiBkYXRhOjsKICAgICAgb2JqZWN0LXNyYyAnbm9uZSc7CiAgICAgIGZyYW1lLXNyYyBodHRwczogaHR0cDo7CiAgICAgIGJhc2UtdXJpICdub25lJzsKICAgICAgZm9ybS1hY3Rpb24gJ25vbmUnOwogICI+CgoKICA8c2NyaXB0IHNyYz0iLi9yZWRpcmVjdC5qcyI+PC9zY3JpcHQ+CiAgPHNjcmlwdCBkZWZlcj0iZGVmZXIiIHNyYz0ibWFpbi5hZDdkYWNlYjIwNjM5MDQ3ZmFjOC5qcz90PTIiPjwvc2NyaXB0PgogIDxsaW5rIGhyZWY9Im1haW4uYzI1MjdhYzE2YzMzZjBlMWVkYzUuY3NzIiByZWw9InN0eWxlc2hlZXQiPgo8c3R5bGU+PC9zdHlsZT48L2hlYWQ+Cgo8Ym9keSBpZD0icm9vdCI+CiAgPG5vc2NyaXB0PgogICAgPHZpZGVvIHNyYz0iLi9ub2pzLm1wNCIgY2xhc3M9Im5vanMtdmlkZW8iIG11dGVkIGxvb3AgYXV0b3BsYXkgcGxheXNpbmxpbmUgZGlzYWJsZXBpY3R1cmVpbnBpY3R1cmU+PC92aWRlbz4KICAgIDxoMT5XZWI8L2gxPgogICAgPHA+UGxlYXNlLCBlbmFibGUgSmF2YVNjcmlwdCB0byBvcGVuIHRoZSBhcHAuPC9wPgogIDwvbm9zY3JpcHQ+CiAgPGRpdiBpZD0icG9ydGFscyI+PC9kaXY+CiAgPHNjcmlwdCBzcmM9Ii4vY29tcGF0VGVzdC5qcyI+PC9zY3JpcHQ+CgoKPC9ib2R5PjwvaHRtbD4="}},"submit":{"url":{"schema":"http","addr":"taviron.click/","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-30T17:23:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"taviron.click","ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-19","domain_rank":0,"first_seen":"2025-10-26T17:23:19.790567Z","last_seen":"2025-10-26T17:23:19.790567Z","alert_count":87,"request_count":29,"received_data":2134636,"sent_data":13166,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"taviron.click/compatTest.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e56b7aaea93e41fa5608aab3653ec69e","sha1":"262982aa7dfdb539070d68e220e0673214d86c47","sha256":"996ed63151d0fbc6f0b7fec827e9ad696a16647bd154c38be4b869c22bf1d9f0","sha512":"a87cd35e857d29ca2058647a66ff46e1eabb130c5549d9d63687dc0753bca17ac3ee4ccee491fde966e00fd87f9669a31ff6384b91e480e82c3b93f49a978992","ssdeep":"","tlshash":"4c51162a4cb5327150796167eb0fb14376298577060ce76ca120cf387eb185b825fee9","size":2914,"data":"","first_seen":"2025-04-25T09:53:23.698524Z","last_seen":"2026-05-13T06:53:17.70176Z","times_seen":306,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/main.ad7daceb20639047fac8.js?t=2","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"74781a4d96821b3df36957bb03e52830","sha1":"e69c2de8f2ea09459a053ea0f08ba5be952a3462","sha256":"1549fa4f6faf945f46afe4893ff7eeb1ed82aa8f84b2e53044789201f72ed978","sha512":"d747cfc1d8e572c8200293b6f486eb621a1393c5f3e92370c7266b08ec96e2074a2462697356182fbb3f86dc90b51d9e3cb5d97bccb000aaa1899d383c33cece","ssdeep":"6144:EwMdkD/FR2BKG8U+fpB/mcjEr7SjIpRFjcXyIcAmhTCZGfnjrDPIPXvNijY0:tF0lyKLSI2U9","tlshash":"ec15634672f231394207f0795a5fcd1972356a0b2a88ec593a4ca2511f8a57cebf6fcc","size":933837,"data":"","first_seen":"2025-10-12T15:17:32.26127Z","last_seen":"2025-12-02T00:16:31.879794Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/6708.3f91e6e80ce12129988d.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2cb3499e04194c102a58ed4edfe17402","sha1":"a8f4fdbde9e3519ba5b6cb861bbecef064a7784a","sha256":"69d0fcea5d2dfea7462f348ce2fdb7556deb739890017b3a9d8c61e74ae50aa9","sha512":"147f233a3a236da4cb8bc7740eecf108e14d4316c01f22850a50e2ba9150395c9bab533c28bed7908d9f50c10f2d8686edd280904c37c230ad50ea43843a00bc","ssdeep":"192:KIC6cWQ5hVT1/pammBj+hpYUTaI+ndqK+/GtsV17t1IYZ1W:KIzcWKVTPSZ+TYU27nYK+3fR1IYZ1W","tlshash":"8312da56a131747e62a694d6e2140b027a36d0587c09a2bdf73c7cfb2c9680a35bcf78","size":9237,"data":"","first_seen":"2025-08-09T12:19:04.058547Z","last_seen":"2026-05-14T23:27:20.493703Z","times_seen":146,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/redirect.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"17773b57b87a678c98e26a7cac72df6c","sha1":"7422857aa75ee81cabcec2eed6c4a6168f363ee1","sha256":"375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f","sha512":"28d9e1c2af08154e653e2291db46f4110edbf9f5591192f8d695c8852f9c3c755d69dfb5a032a45f51e0a3fc9417f16c20d0772b1225ca9b85e5531e12fa8bfc","ssdeep":"","tlshash":"e8e07dda0279030417e013f36d82b4709137c2fb604c5d028d984321a1b9b4f5b7b84f","size":325,"data":"","first_seen":"2023-07-27T09:32:34Z","last_seen":"2026-05-26T06:27:48.381415Z","times_seen":11450,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"taviron.click/main.c2527ac16c33f0e1edc5.css","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://taviron.click/","date":"2025-10-26T17:22:57.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /main.c2527ac16c33f0e1edc5.css HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:22:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P%2Fvi4%2BWOiAssgHzlB0UYJFYaR01%2FyYkY0%2BMSJ4TdzX3uTJt%2Baf8Y8eKM2eZ9szbH3aqdqHU894Fxfq5uGuDj7XgiQADMHS%2ByfmUXB6c%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-1c066\"\r\nexpires: Mon, 27 Oct 2025 05:22:57 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba382fd278be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114790,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11610)","md5":"0caeaf459d1ed0b33c615cb5f14dca86","sha1":"40c6cd3e41d49b6b46a56acf4b241b6bec99ab52","sha256":"32851da5b1124845db6cfc9b9fddfbc554cb4568d0b86b22c4ecd46b127c6927","sha512":"d72790a9068072d03a4436f188a42a334b976fc9dff29b04762830ad889915a9e9279341ea55229d9fa8a910fdbf46975a3e488f3bd2a7e025053c1d3a77254d","ssdeep":"768:w10Q9RiIfAm3lPrChnv3XrscbqasUgkndLoo9+b6UbdWAkcI5/ydO8QtfEEV+p2z:IPRiSArscbxsUgknK7WF5oYfNT","tlshash":"fbb3d8a4e98411f9ab23c23e97c4d76c9d38e481dd210fafb617615c07ca3eb12d2b59","first_seen":"2025-10-04T18:18:13.142524Z","last_seen":"2026-05-04T08:35:36.639933Z","times_seen":120,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":556,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9443.9a77810d7ca6ba92249a.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:23:02.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9443.9a77810d7ca6ba92249a.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2BAk0cPKzT18Dh%2FB%2Fh%2FxU0FLNXpmbMwmdm%2BknZOAjwY97%2Bz%2FMNVwGkrWYYGQES8dvSRrXzePZnXNDrewRb9RavQFdwXkpbiioyZ6jRY%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-2cf8\"\r\nexpires: Mon, 27 Oct 2025 05:23:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a4fad18be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11512,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11458)","md5":"9c29f3f04c16101bfa13d5a5d3e3a997","sha1":"90bda938fea9303f9c4cbefc18302e614dd42af8","sha256":"76a752f6af267f22dc567f726903203fd05150564d26395e0ae019b5946b1a57","sha512":"de0ccea43468c328299e8edc1445a8e58178c943835a83a911503641055ccd8fcc7025d9535dd9bf6faa4d1984430a39aff34b03b4a10b60c923dfe25561c2f5","ssdeep":"192:s5MdJOqU8g35HilXzTI5dW1RdjgUEqd9qoEhyKNRERAOCEmYGeaIgtcHu6EjBEST:oivU8g35HilXzTRd0UxwoEhZzAXCEm4Q","tlshash":"333207c12351653ee38b98d9d87a04036130da5c781985687b2e6edb3c2bdc5f1b1f71","first_seen":"2025-10-04T18:18:13.146653Z","last_seen":"2026-05-14T23:27:20.506446Z","times_seen":134,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":555,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/7784.2a486dcaaaf47415a095.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /7784.2a486dcaaaf47415a095.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=35C31Ou5F9K3zfVHxC6lYW4Adk%2Bb45BVo6akpE%2Fwfwu59KevX6tF2uHRAgDa86iNPqJTQI2aj776XVdPJ59nLq98gDcI6bqeI9pfKOM%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-5268\"\r\nexpires: Mon, 27 Oct 2025 05:23:03 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a88ba38be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"7dc8152b66709fb680cef0db2612ed8c","sha1":"e74591cf18b30dc6246228a0ee5cbd4895ab40dc","sha256":"83d4b9cca15b21490235040ecd1c9bf691569ec51e5b9757f0799eec8b9765b5","sha512":"ee30fff33646fa2480e06a2f2e9a9c74ba1df396749124839392e5145194fe4b6da4ad936066c2438a65b2f82dbf6e8b5b7e4faa8d4b5d9dd5f849c24c6e9734","ssdeep":"384:FAfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6ia:FAfpRdX+DrQ2LhoASLFtQUU63k5MC6Lh","tlshash":"5a92187a56ad05c252ec48e908cb1c9951b8e0233c871d7e9174fdd630f28e7e2ead79","first_seen":"2025-06-07T09:51:34.136663Z","last_seen":"2026-05-14T23:27:20.494423Z","times_seen":217,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/5905.04b286b6eff2126d05dc.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /5905.04b286b6eff2126d05dc.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sZ%2FozZR57sJZWGA2tKg5t3ANzE%2FINnlvCPrf2rEqkiWL2Ff5vg%2F7W%2FxXDF5%2FpIm3L42tHBb1g5d78i1z%2BL5Hew8omqIOQzmX9Pa30xQ%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-25e25\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3ac3c0d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155173,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"353bd230c8bed14cd25d2d5c930f4f82","sha1":"bd3987c8fba61d3d5ae0dace22d099553d205db0","sha256":"4db4cb681f199d995ea8613c37d9b1f17238bf9c0f41386a183df6783d468cf9","sha512":"7a0f674bdcabf84df189a21d146c108044ff5e7a56571f1b99de4e8f7ef2142e52c6d463a29d0de1d8374f2aa540c5969ddbd547e455d126eb1cffa1bf2ad3be","ssdeep":"1536:ouG3B/McaUFrnb3wHkgJ4K9pKMwHI/CglGQnAnkY0tfXuYEU3:YlrbBgXGsQkyK","tlshash":"0ce3b682f86424161392a1e654b60749b739f41ca8c540acfb7cfed52dbcd8e36ab734","first_seen":"2025-06-07T09:51:34.132674Z","last_seen":"2026-05-14T23:27:20.505779Z","times_seen":217,"resource_available":false,"data":null}},"time_used":816,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9357.bcd54ffd1e0423615e1f.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:04.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9357.bcd54ffd1e0423615e1f.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fOodH5l%2BBAFhew2qQxLGiypXdZlCxLLy29Z%2FE%2FoUw7%2BPE2oPGQpwgVBnx%2F9dN2r2PZFYtyDZynnBFbyQ86SUmf6dlRzcu7G42nLCm1s%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-a7b\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b17ce58be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2683,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2629)","md5":"746dc7489995aa53513e584f8991b97d","sha1":"d39086a8a5558a6ccc48109a721e2e4235bf0c8e","sha256":"6ada3e8fc5ac04dc859300cc676e1e325f1ad0118ab36d77e5f2f95a44c51957","sha512":"15781549f71c72ec72044be6abcd4a79a204cf27d138ce5eac213cdf8ae15ea6814a8836a9c6da27765e100d16af63af0341d9531d7428f5219858627de0ed9b","ssdeep":"","tlshash":"5b51ba445a7238795cf386abb09b3b120c6513713819e5421619deaf46b728f5f13f49","first_seen":"2025-10-04T18:18:13.128991Z","last_seen":"2026-05-14T23:27:20.495364Z","times_seen":130,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/compatTest.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:22:57.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /compatTest.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:22:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:56 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UjvwhOgtOwwU%2BxijPNH%2BDeeSnMkTF52RFhDnawD62VkIOwIpFYId7n9tmP2jySMxOt5Ypn3vXgchL33SpYPlqYfwiW3yoEpXc7oZIFU%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997b8-b62\"\r\nexpires: Mon, 27 Oct 2025 05:22:57 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba382fd288be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2914,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (413)","md5":"e56b7aaea93e41fa5608aab3653ec69e","sha1":"262982aa7dfdb539070d68e220e0673214d86c47","sha256":"996ed63151d0fbc6f0b7fec827e9ad696a16647bd154c38be4b869c22bf1d9f0","sha512":"a87cd35e857d29ca2058647a66ff46e1eabb130c5549d9d63687dc0753bca17ac3ee4ccee491fde966e00fd87f9669a31ff6384b91e480e82c3b93f49a978992","ssdeep":"","tlshash":"4c51162a4cb5327150796167eb0fb14376298577060ce76ca120cf387eb185b825fee9","first_seen":"2025-04-25T09:53:23.698524Z","last_seen":"2026-05-13T06:53:17.70176Z","times_seen":306,"resource_available":true,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9443.9a77810d7ca6ba92249a.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:23:02.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9443.9a77810d7ca6ba92249a.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FNnxnzfS3cUMTbRbe2lbBntp83FGWd17H%2FAegRz%2FTy3PO117%2Bq7Of2q07LbOJ3VwhFTKnWXUIYEJn1Gcohvi%2FoAjVJ9LB7KjTN0zpGQ%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-2cf8\"\r\nexpires: Mon, 27 Oct 2025 05:23:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a4fad48be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11512,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11458)","md5":"9c29f3f04c16101bfa13d5a5d3e3a997","sha1":"90bda938fea9303f9c4cbefc18302e614dd42af8","sha256":"76a752f6af267f22dc567f726903203fd05150564d26395e0ae019b5946b1a57","sha512":"de0ccea43468c328299e8edc1445a8e58178c943835a83a911503641055ccd8fcc7025d9535dd9bf6faa4d1984430a39aff34b03b4a10b60c923dfe25561c2f5","ssdeep":"192:s5MdJOqU8g35HilXzTI5dW1RdjgUEqd9qoEhyKNRERAOCEmYGeaIgtcHu6EjBEST:oivU8g35HilXzTRd0UxwoEhZzAXCEm4Q","tlshash":"333207c12351653ee38b98d9d87a04036130da5c781985687b2e6edb3c2bdc5f1b1f71","first_seen":"2025-10-04T18:18:13.146653Z","last_seen":"2026-05-14T23:27:20.506446Z","times_seen":134,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":545,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/5905.04b286b6eff2126d05dc.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /5905.04b286b6eff2126d05dc.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DLFj067XqjrCi2nph4xV0vHnv2U7cOjpgoVsboe4929omUphGBE%2BMCmu79dy1W7hsmsZ6GMlajwRkKUJv8JsIGJJnM3qQ3LNIjlU2KE%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-25e25\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3ac3c078be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155173,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"353bd230c8bed14cd25d2d5c930f4f82","sha1":"bd3987c8fba61d3d5ae0dace22d099553d205db0","sha256":"4db4cb681f199d995ea8613c37d9b1f17238bf9c0f41386a183df6783d468cf9","sha512":"7a0f674bdcabf84df189a21d146c108044ff5e7a56571f1b99de4e8f7ef2142e52c6d463a29d0de1d8374f2aa540c5969ddbd547e455d126eb1cffa1bf2ad3be","ssdeep":"1536:ouG3B/McaUFrnb3wHkgJ4K9pKMwHI/CglGQnAnkY0tfXuYEU3:YlrbBgXGsQkyK","tlshash":"0ce3b682f86424161392a1e654b60749b739f41ca8c540acfb7cfed52dbcd8e36ab734","first_seen":"2025-06-07T09:51:34.132674Z","last_seen":"2026-05-14T23:27:20.505779Z","times_seen":217,"resource_available":false,"data":null}},"time_used":822,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/5905.04b286b6eff2126d05dc.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /5905.04b286b6eff2126d05dc.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TGzXDj7hf3cCUfc0sibWWjB2TSmqx9U0hb8n9opfwi91dTP9GLZsVgEWifujes7fXym1gCmCB5ahIFurXqPnFIzmyD%2FXjQi6IFvpe0s%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-25e25\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3ac3c098be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155173,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"353bd230c8bed14cd25d2d5c930f4f82","sha1":"bd3987c8fba61d3d5ae0dace22d099553d205db0","sha256":"4db4cb681f199d995ea8613c37d9b1f17238bf9c0f41386a183df6783d468cf9","sha512":"7a0f674bdcabf84df189a21d146c108044ff5e7a56571f1b99de4e8f7ef2142e52c6d463a29d0de1d8374f2aa540c5969ddbd547e455d126eb1cffa1bf2ad3be","ssdeep":"1536:ouG3B/McaUFrnb3wHkgJ4K9pKMwHI/CglGQnAnkY0tfXuYEU3:YlrbBgXGsQkyK","tlshash":"0ce3b682f86424161392a1e654b60749b739f41ca8c540acfb7cfed52dbcd8e36ab734","first_seen":"2025-06-07T09:51:34.132674Z","last_seen":"2026-05-14T23:27:20.505779Z","times_seen":217,"resource_available":false,"data":null}},"time_used":821,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://taviron.click/","date":"2025-10-26T17:22:58.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/main.c2527ac16c33f0e1edc5.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:22:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11016\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l7z958ybqik0TwtAA%2BdHTSgJAIiRyFBQ8Z1pw9GbxpsZCTuveoG0BoTZDJUSzxIL3AJbrfJYcGr8MHqjurUjf4Q4A4ynxG%2BPsoTQDac%3D\"}]}\r\netag: \"68d997ac-2b08\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\ncf-ray: 994ba38e8f248be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-05-26T14:25:38.488474Z","times_seen":33733,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/notification.mp3","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://taviron.click/","date":"2025-10-26T17:22:58.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /notification.mp3 HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:22:59 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 10880\r\nlast-modified: Sun, 28 Sep 2025 20:16:56 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u34QB8%2FgUchPK9K5Ud5q44lQTicyE5P%2BBSslzdskCjRLJCteDUB5nWujKAK0RZxMOKM5Bk5gy6UbZP7HTS8mPb8CDLhuBDVHUl1R%2Bwk%3D\"}]}\r\netag: \"68d997b8-2a80\"\r\naccept-ranges: bytes\r\ncontent-range: bytes 0-10879/10880\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\ncf-ray: 994ba38eaf278be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10880,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo","md5":"eba09b6a457792c52fc610b5f9f974b3","sha1":"95e6e0f7648e28ea21bc434054ea59aba3a35aea","sha256":"86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6","sha512":"9dfc5ff830c9ed75c9923528c31e1361fa36500d76a209cd475984e5585a644c8aff1600bf02a658ef363436a51988ff1e63aa7606e541dc4a7b3449c5be4852","ssdeep":"192:RuQQeX7rYX/WUUIk8DLh+2BHpZqlXCYP69tuORf6tVQRa/nwNQBv5JC:RRYeUUEDLk2VClyaV0aZ5g","tlshash":"37226b18af11056ef4866bf0b3939b8dc42d26c37a26d4cdd3a5d7e369430e2a7d500d","first_seen":"2023-05-16T22:57:55Z","last_seen":"2026-05-26T06:27:48.37927Z","times_seen":16673,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":559,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:05.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vlb351nQ%2FGSuXi8vododHtXso4%2BPu1lvNsk50DBZIkE7ct5yPzXwvcuw7fJnrU8r%2F6j33%2B8Xduvzj%2FIRlIC1hj2j2Q7uTbCzlNFuNe8%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-10037\"\r\nexpires: Mon, 27 Oct 2025 05:23:05 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b4ed878be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-05-26T00:02:54.910524Z","times_seen":15070,"resource_available":true,"data":null}},"time_used":833,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-26T17:22:56.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Oct 2025 17:22:56 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 11 Oct 2025 06:05:01 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nSjSAEs5V%2FXKIe8Ltnd5V8g8OE9mOt7uK0ojveh0RmlaF4iuW7dkHfJjFrfgknxT9uuNybqxurdSLcwV5Wkfpsi%2B3Peq1daASETW\"}]}\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=15552000; preload\r\ncontent-encoding: br\r\ncf-ray: 994ba37e68d90b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1604,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"a1aefdf0c55016bc3946b8be7badcf78","sha1":"6a39f33fccb0254c1c3764913e1bcd79ae839e61","sha256":"196c097a9a869b37f709498e7f0903acf1134108e10b3cc49add96a7da834470","sha512":"46ea9cb0364760aa731c58806bb97710b34cbe8fa4f3cd936f8f19cb84d66ad9da5a0d6a063052abff6b7704a11dd123773b879bceec4ebf6a61b9d0e6ca767f","ssdeep":"","tlshash":"24319563dc59440d2221831ae9f9f149566aed1b699ca480b1dd934b8fc4fd850c3cec","first_seen":"2025-10-11T16:04:50.293836Z","last_seen":"2025-12-02T00:16:31.889946Z","times_seen":28,"resource_available":false,"data":null}},"time_used":643,"timings":{"blocked":37,"dns":14,"connect":1,"send":0,"wait":570,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/7784.2a486dcaaaf47415a095.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /7784.2a486dcaaaf47415a095.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WzXkNK5%2BN4xjo8e7Fk8PSBozIzUgZyQMg3jwZrp%2BkfDjXT79K%2Fi9DYbeIhFKH5bT4HU6CXNCT1eVgTaZLM1IUK7FQa7NTBvKtV3A380%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-5268\"\r\nexpires: Mon, 27 Oct 2025 05:23:03 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a89ba68be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"7dc8152b66709fb680cef0db2612ed8c","sha1":"e74591cf18b30dc6246228a0ee5cbd4895ab40dc","sha256":"83d4b9cca15b21490235040ecd1c9bf691569ec51e5b9757f0799eec8b9765b5","sha512":"ee30fff33646fa2480e06a2f2e9a9c74ba1df396749124839392e5145194fe4b6da4ad936066c2438a65b2f82dbf6e8b5b7e4faa8d4b5d9dd5f849c24c6e9734","ssdeep":"384:FAfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6ia:FAfpRdX+DrQ2LhoASLFtQUU63k5MC6Lh","tlshash":"5a92187a56ad05c252ec48e908cb1c9951b8e0233c871d7e9174fdd630f28e7e2ead79","first_seen":"2025-06-07T09:51:34.136663Z","last_seen":"2026-05-14T23:27:20.494423Z","times_seen":217,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/main.ad7daceb20639047fac8.js?t=2","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:22:57.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /main.ad7daceb20639047fac8.js?t=2 HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:22:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 12 Oct 2025 08:26:52 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QaghN5oyzd50Qu%2FFPuGEdHEH3qvHGPXWqAH1xBHwXy0L%2FOD5rFrElosQqH0P7u68rtPVS2ymQmyuRp0T0jpv9LDJ28Sg%2F%2B9RB9JRrtQ%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68eb664c-e3fd4\"\r\nexpires: Mon, 27 Oct 2025 05:22:57 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba382fd268be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":933844,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (679)","md5":"74781a4d96821b3df36957bb03e52830","sha1":"e69c2de8f2ea09459a053ea0f08ba5be952a3462","sha256":"1549fa4f6faf945f46afe4893ff7eeb1ed82aa8f84b2e53044789201f72ed978","sha512":"d747cfc1d8e572c8200293b6f486eb621a1393c5f3e92370c7266b08ec96e2074a2462697356182fbb3f86dc90b51d9e3cb5d97bccb000aaa1899d383c33cece","ssdeep":"6144:EwMdkD/FR2BKG8U+fpB/mcjEr7SjIpRFjcXyIcAmhTCZGfnjrDPIPXvNijY0:tF0lyKLSI2U9","tlshash":"ec15634672f231394207f0795a5fcd1972356a0b2a88ec593a4ca2511f8a57cebf6fcc","first_seen":"2025-10-12T15:17:32.26127Z","last_seen":"2025-12-02T00:16:31.879794Z","times_seen":29,"resource_available":true,"data":null}},"time_used":1692,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":567,"receive":1125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9357.bcd54ffd1e0423615e1f.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:04.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9357.bcd54ffd1e0423615e1f.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DH5oOhLSQkMZpR8WBqqKERUWQNUnvNUy9eGguUwyeiEKGDLcWNgEqBt2xtVug9twuaela3TiyALkQ0BVAUVzRQIry1ezEncgclARIZ4%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-a7b\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b16cdf8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2683,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2629)","md5":"746dc7489995aa53513e584f8991b97d","sha1":"d39086a8a5558a6ccc48109a721e2e4235bf0c8e","sha256":"6ada3e8fc5ac04dc859300cc676e1e325f1ad0118ab36d77e5f2f95a44c51957","sha512":"15781549f71c72ec72044be6abcd4a79a204cf27d138ce5eac213cdf8ae15ea6814a8836a9c6da27765e100d16af63af0341d9531d7428f5219858627de0ed9b","ssdeep":"","tlshash":"5b51ba445a7238795cf386abb09b3b120c6513713819e5421619deaf46b728f5f13f49","first_seen":"2025-10-04T18:18:13.128991Z","last_seen":"2026-05-14T23:27:20.495364Z","times_seen":130,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:05.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xxa9ca33mW2NurYdZSA0RDIN6EP%2FfBV1aF3fZhomlfGtTFj4Sa85g1LNIObZQyLUrpnUXE6FSRHzgrImGQQK3G6L8B%2Bgykjs4H4mQlw%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-10037\"\r\nexpires: Mon, 27 Oct 2025 05:23:05 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b4ed888be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-05-26T00:02:54.910524Z","times_seen":15070,"resource_available":true,"data":null}},"time_used":832,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":273,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9443.9a77810d7ca6ba92249a.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:23:02.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9443.9a77810d7ca6ba92249a.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sOOmNaAifk%2F4fevfN3ga7XM5W60WYFcoifv7RvMPA3xn4HYuFjJ8eSM79GFjL%2BgWSa%2Bs8Iil7bvFPP%2B6E0tUVWDNx9%2BWxMFSwxfjETE%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-2cf8\"\r\nexpires: Mon, 27 Oct 2025 05:23:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a4ead08be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11512,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11458)","md5":"9c29f3f04c16101bfa13d5a5d3e3a997","sha1":"90bda938fea9303f9c4cbefc18302e614dd42af8","sha256":"76a752f6af267f22dc567f726903203fd05150564d26395e0ae019b5946b1a57","sha512":"de0ccea43468c328299e8edc1445a8e58178c943835a83a911503641055ccd8fcc7025d9535dd9bf6faa4d1984430a39aff34b03b4a10b60c923dfe25561c2f5","ssdeep":"192:s5MdJOqU8g35HilXzTI5dW1RdjgUEqd9qoEhyKNRERAOCEmYGeaIgtcHu6EjBEST:oivU8g35HilXzTRd0UxwoEhZzAXCEm4Q","tlshash":"333207c12351653ee38b98d9d87a04036130da5c781985687b2e6edb3c2bdc5f1b1f71","first_seen":"2025-10-04T18:18:13.146653Z","last_seen":"2026-05-14T23:27:20.506446Z","times_seen":134,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":560,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9357.bcd54ffd1e0423615e1f.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:04.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9357.bcd54ffd1e0423615e1f.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PINfVzTjMZbFrU%2F8iXgvnbA5awI%2FnP7c1%2FpmDKsPz5ErcM9dnQFcTnAXZoK31JveLJE6JMNF9FXoRmuPwEUYQFmOsfh95nJAUhGGSFQ%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-a7b\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b17ce38be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2683,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2629)","md5":"746dc7489995aa53513e584f8991b97d","sha1":"d39086a8a5558a6ccc48109a721e2e4235bf0c8e","sha256":"6ada3e8fc5ac04dc859300cc676e1e325f1ad0118ab36d77e5f2f95a44c51957","sha512":"15781549f71c72ec72044be6abcd4a79a204cf27d138ce5eac213cdf8ae15ea6814a8836a9c6da27765e100d16af63af0341d9531d7428f5219858627de0ed9b","ssdeep":"","tlshash":"5b51ba445a7238795cf386abb09b3b120c6513713819e5421619deaf46b728f5f13f49","first_seen":"2025-10-04T18:18:13.128991Z","last_seen":"2026-05-14T23:27:20.495364Z","times_seen":130,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:05.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wj5vZEooZ0IGZSM4nR2kjo40Tm8Lt%2B5%2Fsa855s3hvwmCeeQSnVKwnOonN9lP4o0GZhZMGUxElZX5Om83A68aML3dqwSjanunNXuLMzI%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-10037\"\r\nexpires: Mon, 27 Oct 2025 05:23:05 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b4fd8b8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-05-26T00:02:54.910524Z","times_seen":15070,"resource_available":true,"data":null}},"time_used":827,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/redirect.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:22:57.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /redirect.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:22:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sun, 28 Sep 2025 20:16:56 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 27 Oct 2025 05:22:57 GMT\r\ncache-control: max-age=43200\r\netag: W/\"68d997b8-145\"\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bFVDxO8byjY1wlA%2BqyE1KZpobtlqaB%2B%2FoKlXNMbOIzdr49J3dp6ZQ38AbqbINhFlNbYpansHgpXQN0KC9ctu%2FI7rmSbG0%2BrFUWysa%2BI%3D\"}]}\r\nstrict-transport-security: max-age=15552000; preload\r\nx-content-type-options: nosniff\r\ncf-ray: 994ba382fd258be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":325,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"17773b57b87a678c98e26a7cac72df6c","sha1":"7422857aa75ee81cabcec2eed6c4a6168f363ee1","sha256":"375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f","sha512":"28d9e1c2af08154e653e2291db46f4110edbf9f5591192f8d695c8852f9c3c755d69dfb5a032a45f51e0a3fc9417f16c20d0772b1225ca9b85e5531e12fa8bfc","ssdeep":"","tlshash":"e8e07dda0279030417e013f36d82b4709137c2fb604c5d028d984321a1b9b4f5b7b84f","first_seen":"2023-07-27T09:32:34Z","last_seen":"2026-05-26T06:27:48.381415Z","times_seen":11450,"resource_available":true,"data":null}},"time_used":567,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":567,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/6708.3f91e6e80ce12129988d.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:23:01.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /6708.3f91e6e80ce12129988d.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cXxBE94S0AOYCpRBJZyvg8Vr9YBlkjhByj49i0Huvx1Hc9eOg%2FrWrpDcMXAwoxHC1nd4s9edlOJZvKfzRL%2BAKJxtr7o%2Fwd7a%2FNN4nRA%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-2415\"\r\nexpires: Mon, 27 Oct 2025 05:23:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a14a428be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9183)","md5":"2cb3499e04194c102a58ed4edfe17402","sha1":"a8f4fdbde9e3519ba5b6cb861bbecef064a7784a","sha256":"69d0fcea5d2dfea7462f348ce2fdb7556deb739890017b3a9d8c61e74ae50aa9","sha512":"147f233a3a236da4cb8bc7740eecf108e14d4316c01f22850a50e2ba9150395c9bab533c28bed7908d9f50c10f2d8686edd280904c37c230ad50ea43843a00bc","ssdeep":"192:KIC6cWQ5hVT1/pammBj+hpYUTaI+ndqK+/GtsV17t1IYZ1W:KIzcWKVTPSZ+TYU27nYK+3fR1IYZ1W","tlshash":"8312da56a131747e62a694d6e2140b027a36d0587c09a2bdf73c7cfb2c9680a35bcf78","first_seen":"2025-08-09T12:19:04.058547Z","last_seen":"2026-05-14T23:27:20.493703Z","times_seen":146,"resource_available":true,"data":null}},"time_used":561,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9443.9a77810d7ca6ba92249a.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/","date":"2025-10-26T17:23:02.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9443.9a77810d7ca6ba92249a.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fLoTlhF6fBnwpsjrvWAcKhAUf9Vi%2FI7%2BXwUN3dVBMZmeWSKwEj9LdfQEJYbDjsBkEXGRrDO5o291VxV1wvrF2TXqmtflpgH4D3fpUeo%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-2cf8\"\r\nexpires: Mon, 27 Oct 2025 05:23:02 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a4fad38be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11512,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11458)","md5":"9c29f3f04c16101bfa13d5a5d3e3a997","sha1":"90bda938fea9303f9c4cbefc18302e614dd42af8","sha256":"76a752f6af267f22dc567f726903203fd05150564d26395e0ae019b5946b1a57","sha512":"de0ccea43468c328299e8edc1445a8e58178c943835a83a911503641055ccd8fcc7025d9535dd9bf6faa4d1984430a39aff34b03b4a10b60c923dfe25561c2f5","ssdeep":"192:s5MdJOqU8g35HilXzTI5dW1RdjgUEqd9qoEhyKNRERAOCEmYGeaIgtcHu6EjBEST:oivU8g35HilXzTRd0UxwoEhZzAXCEm4Q","tlshash":"333207c12351653ee38b98d9d87a04036130da5c781985687b2e6edb3c2bdc5f1b1f71","first_seen":"2025-10-04T18:18:13.146653Z","last_seen":"2026-05-14T23:27:20.506446Z","times_seen":134,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":548,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/7784.2a486dcaaaf47415a095.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /7784.2a486dcaaaf47415a095.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XKGo%2BT4HMSoI7u484x7f0EgnWqG25xZ6yS3sg9L%2F78%2BeVarbX8%2F6OkCa2KukIkEYAUz7o7di6G5dVwGj7RyG1cVJwkpOjoZs6Y615dw%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-5268\"\r\nexpires: Mon, 27 Oct 2025 05:23:03 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a88ba48be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"7dc8152b66709fb680cef0db2612ed8c","sha1":"e74591cf18b30dc6246228a0ee5cbd4895ab40dc","sha256":"83d4b9cca15b21490235040ecd1c9bf691569ec51e5b9757f0799eec8b9765b5","sha512":"ee30fff33646fa2480e06a2f2e9a9c74ba1df396749124839392e5145194fe4b6da4ad936066c2438a65b2f82dbf6e8b5b7e4faa8d4b5d9dd5f849c24c6e9734","ssdeep":"384:FAfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6ia:FAfpRdX+DrQ2LhoASLFtQUU63k5MC6Lh","tlshash":"5a92187a56ad05c252ec48e908cb1c9951b8e0233c871d7e9174fdd630f28e7e2ead79","first_seen":"2025-06-07T09:51:34.136663Z","last_seen":"2026-05-14T23:27:20.494423Z","times_seen":217,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":567,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/5905.04b286b6eff2126d05dc.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /5905.04b286b6eff2126d05dc.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=If06yJSEj5%2BKHbJ12eyeI%2F6Oud6YhgU%2FU%2B3P63T5aObXgWVIOPDIju5dIVKbi%2Fm8L93WkE71l9Gh7uW1h90pNQoWgpWj3zW0QaH%2FL%2Bo%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-25e25\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3ac3c0b8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155173,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"353bd230c8bed14cd25d2d5c930f4f82","sha1":"bd3987c8fba61d3d5ae0dace22d099553d205db0","sha256":"4db4cb681f199d995ea8613c37d9b1f17238bf9c0f41386a183df6783d468cf9","sha512":"7a0f674bdcabf84df189a21d146c108044ff5e7a56571f1b99de4e8f7ef2142e52c6d463a29d0de1d8374f2aa540c5969ddbd547e455d126eb1cffa1bf2ad3be","ssdeep":"1536:ouG3B/McaUFrnb3wHkgJ4K9pKMwHI/CglGQnAnkY0tfXuYEU3:YlrbBgXGsQkyK","tlshash":"0ce3b682f86424161392a1e654b60749b739f41ca8c540acfb7cfed52dbcd8e36ab734","first_seen":"2025-06-07T09:51:34.132674Z","last_seen":"2026-05-14T23:27:20.505779Z","times_seen":217,"resource_available":false,"data":null}},"time_used":820,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/favicon.ico","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://taviron.click/","date":"2025-10-26T17:22:59.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:22:59 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Sun, 28 Sep 2025 20:16:56 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68d997b8-969\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Jo%2FxXgUeHT02ZhUfqb0ygmsPe2zbGrKgXhm8WHIaPexpd9a6OB5%2BLrNlFVsjH7PimG55az9Sfw5S%2BL4ky66NK9BTJzCoREuPn6IQpA%3D\"}]}\r\nstrict-transport-security: max-age=15552000; preload\r\nx-content-type-options: nosniff\r\ncf-ray: 994ba38fef538be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2409,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48 with \n- PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"1635ed0e8715c40d4bed875b7494a93a","sha1":"ca2c72821b30194b9b6daf9c8c0ce1723fe54614","sha256":"504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357","sha512":"f710268687fcd3da9bd9ffee9cbf166d21598cab5ff1172c510fd478f57300af7112f35132ba345a2242b65ff53cde9de6ebf0f1ea8cf7f5fce17c832a5a85d8","ssdeep":"","tlshash":"9c413ae3663eb676c5f6a6660c4f01002c1f80d4759aab3c364ae0f68c4316a0ae4a23","first_seen":"2023-06-20T23:38:38Z","last_seen":"2026-05-26T03:57:25.816892Z","times_seen":2238,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":556,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/7784.2a486dcaaaf47415a095.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:03.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /7784.2a486dcaaaf47415a095.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E1n4oz4g2Ls2ted3ZPFJmX8liAcyxYAEsEJ3ED4qznnCwFSQKHbCCENPhIUAQhcCJX3NEf5sBOCqVkPpPK6aamq0DG7X%2FPAESdC2%2Btg%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-5268\"\r\nexpires: Mon, 27 Oct 2025 05:23:03 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3a88ba58be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21096,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20959)","md5":"7dc8152b66709fb680cef0db2612ed8c","sha1":"e74591cf18b30dc6246228a0ee5cbd4895ab40dc","sha256":"83d4b9cca15b21490235040ecd1c9bf691569ec51e5b9757f0799eec8b9765b5","sha512":"ee30fff33646fa2480e06a2f2e9a9c74ba1df396749124839392e5145194fe4b6da4ad936066c2438a65b2f82dbf6e8b5b7e4faa8d4b5d9dd5f849c24c6e9734","ssdeep":"384:FAfpRdH3KLSWInGDrQ+YW5LhoASLv5S8VwktQ0CSRU6f/k5MC6LEmYwt/9RXC6ia:FAfpRdX+DrQ2LhoASLFtQUU63k5MC6Lh","tlshash":"5a92187a56ad05c252ec48e908cb1c9951b8e0233c871d7e9174fdd630f28e7e2ead79","first_seen":"2025-06-07T09:51:34.136663Z","last_seen":"2026-05-14T23:27:20.494423Z","times_seen":217,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":567,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/9357.bcd54ffd1e0423615e1f.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:04.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /9357.bcd54ffd1e0423615e1f.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Uq6Ck2WP3kKskexrpR32rBihRCNoHCR5hD%2BsNbaVjtnKhteU4xBXGbcC4%2FX5AyVgJ7HdEl7Fm5TPniUFgPn5jdqHhH5rimrbFtF6KLo%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-a7b\"\r\nexpires: Mon, 27 Oct 2025 05:23:04 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b16ce28be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2683,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2629)","md5":"746dc7489995aa53513e584f8991b97d","sha1":"d39086a8a5558a6ccc48109a721e2e4235bf0c8e","sha256":"6ada3e8fc5ac04dc859300cc676e1e325f1ad0118ab36d77e5f2f95a44c51957","sha512":"15781549f71c72ec72044be6abcd4a79a204cf27d138ce5eac213cdf8ae15ea6814a8836a9c6da27765e100d16af63af0341d9531d7428f5219858627de0ed9b","ssdeep":"","tlshash":"5b51ba445a7238795cf386abb09b3b120c6513713819e5421619deaf46b728f5f13f49","first_seen":"2025-10-04T18:18:13.128991Z","last_seen":"2026-05-14T23:27:20.495364Z","times_seen":130,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":545,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"taviron.click/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"taviron.click","domain":"taviron.click","tld":"click"},"ip":{"addr":"172.67.136.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://taviron.click/9443.9a77810d7ca6ba92249a.js","date":"2025-10-26T17:23:05.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taviron.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Oct 2025 15:35:37 GMT","end":"Sat, 17 Jan 2026 16:34:10 GMT"},"fingerprint":{"sha1":"84:E5:0C:A5:44:3F:56:2E:B5:EB:7B:8F:E1:F1:7C:8F:63:A5:E9:98","sha256":"43:01:DF:48:EA:0C:24:8E:8D:4A:D4:54:69:30:DA:08:DF:C4:B6:95:11:17:47:AF:C2:9D:6F:1D:BB:1B:5F:03"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: taviron.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://taviron.click/9443.9a77810d7ca6ba92249a.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 26 Oct 2025 17:23:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Sep 2025 20:16:44 GMT\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wSsRkLqyz36psiaO4bMcBcpdB2pGZ0eGBidYK2P8G%2B1ZBEcKXBPcbTI%2BGalZjUr%2FjMeuyIwUSlpSLilm6BJX8UhabbaMrJiOBuUBgms%3D\"}]}\r\nvary: Accept-Encoding\r\netag: W/\"68d997ac-10037\"\r\nexpires: Mon, 27 Oct 2025 05:23:05 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\ncf-ray: 994ba3b4fd8a8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-05-26T00:02:54.910524Z","times_seen":15070,"resource_available":true,"data":null}},"time_used":827,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-26","alert":"Phishing Block","trigger":"taviron.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"taviron.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}