{"report_id":"cd721aa6-8109-4055-98aa-1bb041880d43","version":6,"status":"done","tags":[],"date":"2025-12-06T13:51:39Z","url":{"schema":"http","addr":"leioolei.com/cjatl3k.php?key=4q5gijhgk79c4tiaajst\u0026visitor_id=1021167968324694017\u0026cost=0.001400\u0026zoneid=8565156\u0026campaignid=10181525\u0026device=iphone\u0026browser=chrome\u0026os=ios\u0026osversion=ios26\u0026country=BD\u0026language=bn\u0026isp=rongdhonuonline\u0026user_activity=low","fqdn":"leioolei.com","domain":"leioolei.com","tld":"com"},"ip":{"addr":"104.21.16.96","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"title":"LP","dom":{"size":6116,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (848)","md5":"13a074ac39323d2023f4629e30b7da9a","sha1":"2be2025dfe90af43f8c13e9ed7c7705433065711","sha256":"6e7962336d7a7bde2b05914c04b1c9f8a5344905d997ca2e1ea9cd91db38bb19","sha512":"cebf195956946e72c7e6a073dcc6fdb7bee0cb415675ffd8c5f26b9b3b3e06fb4c2926bc9e0c2279fd0a1573fa72e69a31cb13eb69ded31e58bc926a19e93729","ssdeep":"96:6ovQJQ1ib7JKZvzCLiVFSHZOg0Yu5aJP79LaSX7hgMyFKQGw:3w7JKgtZ0ZUDJaqc","tlshash":"b5c1a569a8f84566048741d03ea6ef0b7fdae107ce0a4a8475fc4ae51fc3ec9cd6b025","dom_hash":"domhash81c8fc5a47e43324a7ba08e59937aebe","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"leioolei.com/cjatl3k.php?key=4q5gijhgk79c4tiaajst\u0026visitor_id=1021167968324694017\u0026cost=0.001400\u0026zoneid=8565156\u0026campaignid=10181525\u0026device=iphone\u0026browser=chrome\u0026os=ios\u0026osversion=ios26\u0026country=BD\u0026language=bn\u0026isp=rongdhonuonline\u0026user_activity=low","fqdn":"leioolei.com","domain":"leioolei.com","tld":"com"},"ip":{"addr":"104.21.16.96","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-10T13:51:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-06","alert":"Sinkholed","trigger":"m.bolo2vas97.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"pitinsk.online","ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-02-21","domain_rank":0,"first_seen":"2025-05-15T05:38:49.236104Z","last_seen":"2025-12-01T20:57:06.372603Z","alert_count":0,"request_count":12,"received_data":167196,"sent_data":7547,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"m.bolo2vas97.click","ip":{"addr":"172.67.192.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-31","domain_rank":0,"first_seen":"2025-11-01T08:44:23.955724Z","last_seen":"2025-11-30T13:42:15.239326Z","alert_count":1,"request_count":1,"received_data":6227,"sent_data":523,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"moriantop.lol","ip":{"addr":"185.184.192.190","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-28","domain_rank":0,"first_seen":"2025-11-20T08:47:54.44Z","last_seen":"2025-11-27T17:06:19.870598Z","alert_count":0,"request_count":1,"received_data":6137,"sent_data":560,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"leioolei.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-09","domain_rank":0,"first_seen":"2025-10-26T09:00:34.345828Z","last_seen":"2025-11-26T09:12:01.162749Z","alert_count":0,"request_count":1,"received_data":6332,"sent_data":710,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/src/jquery.js","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T14:43:50.675854Z","times_seen":445348,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"0f471d285a042a4e551dac8c20d6afa8","sha1":"80620f6076e937cc9a4332f6ff9821b2e4b9ac57","sha256":"4ce91b2d0a481195141df1792a0ab3542ef12008ce1f3f8cd177d27d99ce4fc3","sha512":"2b6e61fb1cc8473cac54541687fe25d6528040df5e8d70fd19059b3d80b42a9a9116e5462f47ec699c87b321637b5ebbb61e10a6aa54f16e6cc75c364c49cd44","ssdeep":"","tlshash":"89a022c8880002003b8308f0880f3e8a303300f2028cc000b0acc030af3030f0203bcf","size":70,"data":"","first_seen":"2024-12-01T15:10:43.94271Z","last_seen":"2025-12-24T19:13:11.011339Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"38aca1e7b74256791d882c649d5cb851","sha1":"68d14a43a9662b599a296fe3c7846882975bdf2f","sha256":"b834da25a8fa2b8f7796f6395b9fe81d474889933a7623d4a396a5844a2aa72f","sha512":"3e43cdc3e55048549e3e486c9d8061d4bf360299e18f149577c066f26f05f41f4d9f9b137771d8636a9cccec670a49e42d23aa84b0227aea7c39fe66936eeac4","ssdeep":"","tlshash":"342192e96c85260ced9c009429dbfe23b365d0170d03c8e0b88ceb0d6f4e202a1f50e0","size":1278,"data":"","first_seen":"2025-12-06T13:51:41.82524Z","last_seen":"2025-12-06T13:51:41.82524Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/src/translate.js","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6518567803d6f2b69135079bf006314","sha1":"b773f3999c770f8bfd8142d16f652b9410bdd18a","sha256":"b9ede57621dd297c93e40643cc413887cf3188a384a9d300586c17040a626864","sha512":"820eaa8123edfd522ca8ec263eaf9b400fb141a47dd451fd5dabbcb6e27525623d640bed3c2c5b974d11568e4a91bb1c46baa543c9349276cffe386e900384f1","ssdeep":"","tlshash":"2001d6f4952f70e55042ad9f064c16119000ad035e14fb98fd5750953fcee7d69bacb9","size":811,"data":"","first_seen":"2025-12-06T13:51:41.801317Z","last_seen":"2025-12-06T13:51:41.801317Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/api/js/landing.js","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0b279936c4fff2be67d84e639a831d5","sha1":"88a8290aae443eee7e378ce107116ccd7767cf6f","sha256":"929ceaeda452aef4cf21c1e186a71dfbd1fdb7375610b09793a46e216f4a1db1","sha512":"62929a306531e63fafb53fc4790b1bf8ee4c0d518b5ac9fd332751409bc0026b45d74722d881fd48ce37a45400b7eb2adf1be6451ceada71e44ae6d8172b60d2","ssdeep":"384:ySkSf8T02c//Lsa/t8xtsaVysnosFbCKGvbC+MJL6Db5:fkSf8U7saqsasCbCvb2Ne9","tlshash":"2872937415bb41949122b2adaf875513f157201f6e92ee6c3bdc13c19fcba382a346b3","size":16912,"data":"","first_seen":"2025-08-18T18:45:42.356454Z","last_seen":"2025-12-06T13:51:41.821417Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/src/custom_bd.js?2","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"635a3826a2c02dd310d6b03da104945d","sha1":"b04e78047e1e4078f98ae5dbacfe27378c6a75be","sha256":"f71f182ebf6adbb8c1b8be2654573bad3e6882c4a4833ce648ae133d09894080","sha512":"5e5b7c46ffc183c96f1e6afed25048903f78cebe1853e896702fb591d488e27e5ea41a90f43ed29044fe71f596e723b8f87354f0695a47cd7f079ff34c6b4b99","ssdeep":"192:bo+b9nkkW5C7q7S+tj2lfEAO/e+upwoCAP86+TINUTVwBNi07wovYdtMXs65l2Gx:bo+VZOyO/uaoHW2UBwBX7wMooj","tlshash":"b032722426e321501173a0b90baf950a70340867c508de587e9c57907f9be3db9f2fe9","size":11979,"data":"","first_seen":"2025-12-06T13:51:41.819322Z","last_seen":"2025-12-06T13:51:41.819322Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"pitinsk.online/api/get-clicks.php?pid=115\u0026offer_id=18830\u0026clickid=218e006969410004c247131\u0026our_clickid=218e006969410004c247131\u0026sub_clickid=\u0026source_id=\u0026creative_id=\u0026from2=\u0026sub1=","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /api/get-clicks.php?pid=115\u0026offer_id=18830\u0026clickid=218e006969410004c247131\u0026our_clickid=218e006969410004c247131\u0026sub_clickid=\u0026source_id=\u0026creative_id=\u0026from2=\u0026sub1= HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: application/json\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":328,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2710bf2eb6a39728ef11b18f8ce2d535","sha1":"3215cae060f125f3fb1bf321b12c419919c886c0","sha256":"1630c1f0d486a3f5b14257fe0603c205f0f0fcdfb693b26c0450d0ebd966e499","sha512":"349ac07314a4f3aa1e437ef93efef181221b8e56584cab0d7e4030db210bb96e5264015e67c1c49aa9b92c35607412771e43d1000af06d1460e9d6c0e7647d22","ssdeep":"","tlshash":"f8e0126bb68c550dedad832245c3ff43f9a4a1076fb710c8c5aed708504c91452f2014","first_seen":"2025-12-06T13:51:41.799014Z","last_seen":"2025-12-06T13:51:41.799014Z","times_seen":1,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/src/translate.js","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /f/bd_download_blue/src/translate.js HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: W/\"692d8d5c-32b\"\r\nexpires: Sun, 07 Dec 2025 13:51:18 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":811,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text","md5":"f6518567803d6f2b69135079bf006314","sha1":"b773f3999c770f8bfd8142d16f652b9410bdd18a","sha256":"b9ede57621dd297c93e40643cc413887cf3188a384a9d300586c17040a626864","sha512":"820eaa8123edfd522ca8ec263eaf9b400fb141a47dd451fd5dabbcb6e27525623d640bed3c2c5b974d11568e4a91bb1c46baa543c9349276cffe386e900384f1","ssdeep":"","tlshash":"2001d6f4952f70e55042ad9f064c16119000ad035e14fb98fd5750953fcee7d69bacb9","first_seen":"2025-12-06T13:51:41.801317Z","last_seen":"2025-12-06T13:51:41.801317Z","times_seen":1,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/api/get-csrf-token.php","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /api/get-csrf-token.php HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: application/json\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"46113ab47d7e139507e67f050d288048","sha1":"79fea555693c836569a98178b24d2feb16cf7ed6","sha256":"e539a20e2904f6116e6625c2844d5b707c870b3c593f133825de22cae3845dd9","sha512":"17fc60b27e917c5788ceaaeec1aefabbd3eeaea93c6c695e0403fd29fa460bb28bb980c3971e238bbd480c7f6dd115138344ec0a6f0efb421d376b32eafeed59","ssdeep":"","tlshash":"6a7000c8e000028080a020800202828808808f0820032a800002ac08b00bc80202003c","first_seen":"2025-12-06T13:51:41.80355Z","last_seen":"2025-12-06T13:51:41.80355Z","times_seen":1,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/api/get-footer.php?pid=115\u0026offer_id=18830\u0026clickid=218e006969410004c247131\u0026our_clickid=218e006969410004c247131\u0026sub_clickid=\u0026source_id=\u0026creative_id=\u0026from2=\u0026sub1=\u0026api_name=serpbd20\u0026method=","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:19.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /api/get-footer.php?pid=115\u0026offer_id=18830\u0026clickid=218e006969410004c247131\u0026our_clickid=218e006969410004c247131\u0026sub_clickid=\u0026source_id=\u0026creative_id=\u0026from2=\u0026sub1=\u0026api_name=serpbd20\u0026method= HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:19 GMT\r\ncontent-type: application/json\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10375,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"258ea9f376a4a1572d30730f351507a9","sha1":"5d0bc9c7fec1c4bae35572d3798f753265a4bca3","sha256":"aa69a4e8497910373de38536e208919e6aac89861aa2fa4d3bbbcdba06b27e00","sha512":"56c12bbdff44b43bb348e4aa254a6eca62dca08fb6b0178aee840d0df51612f206c731c87b32c62817832fde3de39621f1f37bfaa7b0557863f2fc714200c914","ssdeep":"96:ggLss+QAq2/Teo/BBKvxS4dvTJwJDGcBeGJr1VbBm0kejA+SXLY9w+:tLUQ+/TD/BAd9TJwJHvJhtB16+A0e+","tlshash":"53221b6970e1d6391a04e188ed73a52d799e5818cc35c2b67eed93caaf8d729c90f013","first_seen":"2025-12-06T13:51:41.805544Z","last_seen":"2025-12-06T13:51:41.805544Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bolo2vas97.click/c/n/286990/6007?cid=f79f1irtlqqwje65","fqdn":"m.bolo2vas97.click","domain":"bolo2vas97.click","tld":"click"},"ip":{"addr":"172.67.192.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-06T13:51:17.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bolo2vas97.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 31 Oct 2025 07:26:31 GMT","end":"Thu, 29 Jan 2026 08:16:16 GMT"},"fingerprint":{"sha1":"2A:36:0E:1A:6C:CF:80:A3:85:F9:41:36:5D:6E:1F:BE:49:42:FA:56","sha256":"27:BD:B7:F7:97:CE:F7:99:10:EA:28:15:E2:D2:5F:B1:AE:42:F0:F2:28:68:C8:F7:FC:76:A2:81:6F:28:DC:66"}}},"request":{"raw":"GET /c/n/286990/6007?cid=f79f1irtlqqwje65 HTTP/1.1\r\nHost: m.bolo2vas97.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 06 Dec 2025 13:51:17 GMT\r\ncontent-length: 0\r\nlocation: https://moriantop.lol/o?k=7620dc01301f49ab\u0026click_id=e1e7fb66fb204841822ffee062d688e0\u0026source_id=6007_\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: uk=f3685dd542a84e528eb7b0208b29e5a6; Domain=bolo2vas97.click; Expires=Thu, 24-Dec-2093 17:05:24 GMT; Path=/; HttpOnly\r\ncache-control: no-transform\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HSiM7nT%2F1HODD2RkKJPrgo%2B80gz%2ByGdMZDJV3FvNQASegE7%2BL9HnalrYyyiTMx951Kn4gEoYWYbqHlUFL9nUfBZRTifc%2F2dorEE2Zlss0Uw%3D\"}]}\r\ncf-ray: 9a9c41d6cf3c0b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5450,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":511,"timings":{"blocked":52,"dns":25,"connect":1,"send":0,"wait":410,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-06","alert":"Sinkholed","trigger":"m.bolo2vas97.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moriantop.lol/o?k=7620dc01301f49ab\u0026click_id=e1e7fb66fb204841822ffee062d688e0\u0026source_id=6007_","fqdn":"moriantop.lol","domain":"moriantop.lol","tld":"lol"},"ip":{"addr":"185.184.192.190","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-06T13:51:17.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moriantop.lol","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 25 Nov 2025 22:02:57 GMT","end":"Mon, 23 Feb 2026 22:02:56 GMT"},"fingerprint":{"sha1":"32:84:55:90:3B:30:AC:88:D3:8F:16:EC:B8:F5:C4:BD:60:8F:DB:B9","sha256":"44:CC:88:EC:4E:26:67:25:AA:7C:F9:59:13:E7:BD:C7:16:1D:88:82:5A:16:74:CA:39:87:DE:29:92:DE:79:46"}}},"request":{"raw":"GET /o?k=7620dc01301f49ab\u0026click_id=e1e7fb66fb204841822ffee062d688e0\u0026source_id=6007_ HTTP/1.1\r\nHost: moriantop.lol\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreferrer-policy: no-referrer\r\nlocation: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nset-cookie: aff_tds_of_18830=1; expires=Sat, 06 Dec 2025 23:59:59 GMT; Max-Age=36521; path=/\naff_tds_id=c5433aae36fd6478d3d3360da9fdf5d2cf3014817ca8ac9117087a1fd95644c0a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22aff_tds_id%22%3Bi%3A1%3Bs%3A16%3A%22f35162451d44bc82%22%3B%7D; expires=Sat, 06 Dec 2025 23:59:59 GMT; Max-Age=36521; path=/; HttpOnly; SameSite=Lax\r\ncache-control: no-store\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5450,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":108,"dns":62,"connect":17,"send":0,"wait":27,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/css/style.css","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /f/bd_download_blue/css/style.css HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: W/\"692d8d5c-37c7\"\r\nexpires: Sun, 07 Dec 2025 13:51:18 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14279,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d0fbcdfc2bb6c95e3b4d45adcfd16ff2","sha1":"cd5c87895e6d5995147cda857d00f17038e54a01","sha256":"89b885d649155f78983c97ef460edd6a469fde3fa1f166c542ac0983639394a2","sha512":"c70d54b2c763f5a4561acb6e0637d20a5e83948d6fb59df505a5af021dec5dfd0e97afd755b3db86517bb423cc2f9c0e34c5ad868f9a9771d84826a0b927bc6c","ssdeep":"192:KnKFa2C2z43+EKxJvsn/WzgYVXCHjAGuwVh7nzpwZ92y4EK/lYVXC32qlGoMb2rs:XF1CgAqw/7Hd/t32qL6IBe","tlshash":"3d5230c21ab31504b41bc45c5bea5b64b3388443990bcc7dbfde368d8f092ac56a2f9d","first_seen":"2025-12-06T13:51:41.808674Z","last_seen":"2025-12-06T13:51:41.808674Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/src/jquery.js","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /f/bd_download_blue/src/jquery.js HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: W/\"692d8d5c-15d9d\"\r\nexpires: Sun, 07 Dec 2025 13:51:18 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T14:43:50.675854Z","times_seen":445348,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/favicon.ico","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4103\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: \"692d8d5c-1007\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4103,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"4cdf3256cd7b8ec3917adb79d6bf457e","sha1":"bc615337e9223183a126c8fb649774866fb53e69","sha256":"fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0","sha512":"2bcd90a667b80393690e244a979e36e9f482b419e52302571a41412aac296aac1d58f81787b38d00a00257dca8bd3dce7cfe6ab8ef12aa3a91e0801ee3c3f21a","ssdeep":"96:LSDZ/I09Da01l+gmkyTt6Hk8nT2JCkun8i01FZZN:LSDS0tKg9E05T23un8h5N","tlshash":"2e818daf99b0d47f7938fa400dce8281e279256c197637ad94e5c5ee00a7b031bb0232","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-04-05T11:30:45.81958Z","times_seen":8553,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leioolei.com/cjatl3k.php?key=4q5gijhgk79c4tiaajst\u0026visitor_id=1021167968324694017\u0026cost=0.001400\u0026zoneid=8565156\u0026campaignid=10181525\u0026device=iphone\u0026browser=chrome\u0026os=ios\u0026osversion=ios26\u0026country=BD\u0026language=bn\u0026isp=rongdhonuonline\u0026user_activity=low","fqdn":"leioolei.com","domain":"leioolei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-06T13:51:17.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leioolei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Oct 2025 11:50:43 GMT","end":"Thu, 08 Jan 2026 12:48:22 GMT"},"fingerprint":{"sha1":"24:A8:DD:29:7B:C4:38:89:6A:09:B0:B1:47:75:80:F7:C1:94:36:B7","sha256":"32:28:45:4B:0E:6D:D5:EC:83:75:C6:FF:5B:CE:72:60:AA:F3:26:01:06:9C:DB:C7:DF:3B:63:E5:A0:43:49:E1"}}},"request":{"raw":"GET /cjatl3k.php?key=4q5gijhgk79c4tiaajst\u0026visitor_id=1021167968324694017\u0026cost=0.001400\u0026zoneid=8565156\u0026campaignid=10181525\u0026device=iphone\u0026browser=chrome\u0026os=ios\u0026osversion=ios26\u0026country=BD\u0026language=bn\u0026isp=rongdhonuonline\u0026user_activity=low HTTP/1.1\r\nHost: leioolei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 06 Dec 2025 13:51:17 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://m.bolo2vas97.click/c/n/286990/6007?cid=f79f1irtlqqwje65\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: uclick=irtlqqwj; expires=Sun, 07 Dec 2025 13:51:17 GMT; Max-Age=86400; path=/; secure; SameSite=none\nuclickhash=irtlqqwj-irtlqqwj-9l-0-9l-2t0-qq-9cb3aa; expires=Sun, 07 Dec 2025 13:51:17 GMT; Max-Age=86400; path=/; secure; SameSite=none\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CyxCcpXrdOjFemvXSKNn9Yulo8Yse%2FWuq060Gh5fRQDPsBqvLjqKutlqPz8kf9WJ3CVdxPxW87CQAhb7CzKkRyap68D6Q%2BPO7b0%3D\"}]}\r\ncf-ray: 9a9c41d5284b56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5450,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":23,"dns":6,"connect":1,"send":0,"wait":200,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-06T13:51:18.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131 HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":5450,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (848)","md5":"15e779941938d941bda88d41cd96976c","sha1":"4d34ea5778cdb80efa622cf22a9d893185ad862a","sha256":"1f884008770fccd8cbe2633340092f17b2b71245bbc9ab2092f279e9537a3338","sha512":"8328ceaf4b1e41e3c0023e4774b97a5321a9a50ef1284d714874c7a6587f56e210b5a2d770223a78001193565f2f711fcc805614560ed268e3bda722c58ae6b3","ssdeep":"96:mQJQ1iK7JKZvzCLHVgXAhu5aJP79LaSX7hgMyFKQGPM:U/7JKgCUDJaqrM","tlshash":"51b195a5a8f85666058241d03e95df0b7fdae103ce4b898475fc8ae50fc7ec5cdab064","first_seen":"2025-12-06T13:51:41.812834Z","last_seen":"2025-12-06T13:51:41.812834Z","times_seen":1,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":56,"dns":1,"connect":18,"send":0,"wait":62,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/css/font.css","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /f/bd_download_blue/css/font.css HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: W/\"692d8d5c-1c0c\"\r\nexpires: Sun, 07 Dec 2025 13:51:18 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7180,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5691b3e1688237d13945069f93dfe012","sha1":"aedc61371adc2b17f37549223fb3960e27c0da03","sha256":"869fa398199bdb401c6b8fc7447542d977bb9961e8c22ed657c288d51283b503","sha512":"f43ad1e03a332caee974f3fb6c7fd1307c6f05c8d87691d321831d6832b639d05eb347341208a3c1d4ef54c0129b39e17d9ba159f38e113cf0d08d8f581403df","ssdeep":"96:gIwEFZxjjPBa4Jc+u1GNYINEFZkSjP0L4Jc+u4GNiI7EFZGIjPWd4Jc+uCGNs:HvPzxAPfGmPv3","tlshash":"96e17b81086b1100f2870dda23ce3b262a8d918b7085d6363ffd2a975eefd7553a175e","first_seen":"2025-07-13T10:32:21.077212Z","last_seen":"2025-12-20T04:29:18.090664Z","times_seen":3,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/images/mobile.png","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /f/bd_download_blue/images/mobile.png HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 2528\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: \"692d8d5c-9e0\"\r\nexpires: Sun, 07 Dec 2025 13:51:18 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 393, 8-bit colormap, non-interlaced","md5":"40fe08040443b9586e59aa417d150f6c","sha1":"8e5ac4912b6f70f0a75126d02272e507bc760b3d","sha256":"d163dc31274a84561f5a5fd5ed574cc62bde4a6e6d115ceaa008a5fa02b5e3df","sha512":"9ccb51445a47d0c573ebede8531598d1549b138d29c48bc9a517e3f5af657f894bec9ea25d193dd83660619835dc6c3ca525ef08a7c0fc4267fb51ba42625691","ssdeep":"","tlshash":"77514c7f45fc73a9678908794a589cdb4234e83791e60352e1d9b303af4d01e934cb49","first_seen":"2025-03-06T16:04:10.624282Z","last_seen":"2025-12-20T04:29:18.083254Z","times_seen":6,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/f/bd_download_blue/src/custom_bd.js?2","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /f/bd_download_blue/src/custom_bd.js?2 HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: W/\"692d8d5c-2ed1\"\r\nexpires: Sun, 07 Dec 2025 13:51:18 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11985,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"635a3826a2c02dd310d6b03da104945d","sha1":"b04e78047e1e4078f98ae5dbacfe27378c6a75be","sha256":"f71f182ebf6adbb8c1b8be2654573bad3e6882c4a4833ce648ae133d09894080","sha512":"5e5b7c46ffc183c96f1e6afed25048903f78cebe1853e896702fb591d488e27e5ea41a90f43ed29044fe71f596e723b8f87354f0695a47cd7f079ff34c6b4b99","ssdeep":"192:bo+b9nkkW5C7q7S+tj2lfEAO/e+upwoCAP86+TINUTVwBNi07wovYdtMXs65l2Gx:bo+VZOyO/uaoHW2UBwBX7wMooj","tlshash":"b032722426e321501173a0b90baf950a70340867c508de587e9c57907f9be3db9f2fe9","first_seen":"2025-12-06T13:51:41.819322Z","last_seen":"2025-12-06T13:51:41.819322Z","times_seen":1,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pitinsk.online/api/js/landing.js","fqdn":"pitinsk.online","domain":"pitinsk.online","tld":"online"},"ip":{"addr":"93.190.137.26","port":443,"asn":49981,"as":"WorldStream B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131","date":"2025-12-06T13:51:18.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pitinsk.online","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:44 GMT","end":"Tue, 27 Jan 2026 22:02:43 GMT"},"fingerprint":{"sha1":"20:42:0A:EE:A8:27:AD:23:B3:5D:48:61:EF:B0:20:C3:FC:70:3B:4E","sha256":"19:C6:DB:63:55:CF:4B:E7:C4:94:FF:00:36:94:CB:83:DF:1F:61:12:38:23:A8:46:CA:1E:4C:31:87:CC:C2:06"}}},"request":{"raw":"GET /api/js/landing.js HTTP/1.1\r\nHost: pitinsk.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pitinsk.online/f/bd_download_blue/?our_clickid=218e006969410004c247131\u0026pid=115\u0026geo=bd\u0026offer_id=18830\u0026clickid=218e006969410004c247131\r\nCookie: PHPSESSID=610968e1c3109f3b34a21dd9d1b9bc35\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 06 Dec 2025 13:51:18 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Mon, 01 Dec 2025 12:43:08 GMT\r\netag: W/\"692d8d5c-4253\"\r\nexpires: Sun, 07 Dec 2025 13:51:18 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16979,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (386)","md5":"f0b279936c4fff2be67d84e639a831d5","sha1":"88a8290aae443eee7e378ce107116ccd7767cf6f","sha256":"929ceaeda452aef4cf21c1e186a71dfbd1fdb7375610b09793a46e216f4a1db1","sha512":"62929a306531e63fafb53fc4790b1bf8ee4c0d518b5ac9fd332751409bc0026b45d74722d881fd48ce37a45400b7eb2adf1be6451ceada71e44ae6d8172b60d2","ssdeep":"384:ySkSf8T02c//Lsa/t8xtsaVysnosFbCKGvbC+MJL6Db5:fkSf8U7saqsasCbCvb2Ne9","tlshash":"2872937415bb41949122b2adaf875513f157201f6e92ee6c3bdc13c19fcba382a346b3","first_seen":"2025-08-18T18:45:42.356454Z","last_seen":"2025-12-06T13:51:41.821417Z","times_seen":7,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}