{"report_id":"d24e6e74-dac5-485d-9afd-1d3823f50c01","version":6,"status":"done","tags":[],"date":"2025-11-25T00:14:19Z","url":{"schema":"http","addr":"lefados.xyz","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"best.aliexpress.com/?dp=w7kxdcv08zlzx67i6v0y\u0026aff_fcid=4e4b0425d91845998a8b3f98192172d3-1764029655198-00761-_c3qInPzh\u0026tt=CPS_NORMAL\u0026aff_fsk=_c3qInPzh\u0026aff_platform=portals-tool\u0026sk=_c3qInPzh\u0026aff_trace_key=4e4b0425d91845998a8b3f98192172d3-1764029655198-00761-_c3qInPzh\u0026terminal_id=6b589a16b2294524abe5ba4f008513a1\u0026browser_redirect=true","fqdn":"best.aliexpress.com","domain":"aliexpress.com","tld":"com"},"title":"AliExpress - Online Shopping for Popular Electronics, Fashion, Home \u0026 Garden, Toys \u0026 Sports, Automobiles and More.","dom":{"size":25551,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2c2a92a5445e40d1cf8aeb9ce9036776","sha1":"ee56f137997b73eb6140bc8566d422649b5eaef1","sha256":"9fa57a40dd240bdb6e220b91f2737b74eec66fb90fb6a372042e593c75d64625","sha512":"e3a37b10a9b84e5575061bf1f491feaf6b7b44847d532ce06dc104d8887719e0d4dec2f6c8f0e714fb049ca78ee94f87a921665a700aea83a888e29e6f1bf5dc","ssdeep":"768:3jFjFJXFVMF4FqnC/pH0LNA6E+0CKmSK1euCMHtRdMbqpTJv2W:TxnXoekCAaX6rRP","tlshash":"8eb2044395f304155197f2c4ba31177bbd56ae43e027893cb9ac5bd8cfb3e864883a89","dom_hash":"domhash55f00644cc18a3826d48a4b206cc1b0f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lefados.xyz","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98","country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-30T00:14:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"lefados.xyz","ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"domain_registered":"2024-09-20","domain_rank":2043398,"first_seen":"2025-05-19T18:39:16.069206Z","last_seen":"2025-11-23T03:35:03.119263Z","alert_count":0,"request_count":5,"received_data":196653,"sent_data":2214,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn5-thumbs.motherlessmedia.com","ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2008-10-11","domain_rank":905009,"first_seen":"2018-12-23T05:30:23Z","last_seen":"2025-11-17T06:19:02.052615Z","alert_count":0,"request_count":1,"received_data":7155,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"lefados.xyz/rums.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","size":2674,"data":"","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2ce24ce48f61e237406717f8a8d9661b","sha1":"a76680588cadf12d14ac5cb26c7ae11587b89c78","sha256":"18154334477eff3c75dbbd6c6ea131dd70aa6c48ccc7c8ee442c69e838d55388","sha512":"b8096181d786a26b880fd5cca563a9f037b652a34fa9da44a6c623f4bd1076ecb89c6bb4ef9c183cfb01f778f2be73dcd5d8864a85adbfdb3258ae09ddb01d2c","ssdeep":"","tlshash":"81d01214b870447451141161aee75dd4a5a0a0ea21ef10cc934a20d059854df7f4db76","size":199,"data":"","first_seen":"2025-11-25T00:14:21.525465Z","last_seen":"2025-11-25T00:14:21.525465Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rect.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"75f131d906149ad52a7ba63da65fe61c","sha1":"8e838214e3b5952c8835d650862d7fb2752f6146","sha256":"680959566a91074eb94fc721d3c906ed6fd5c97c4412c7e3533d89c1d50cd4de","sha512":"8830bc69543828de6b7ce870c44930a7b91c8895c9fcdbb8407127b9af30a110c606827238448ecb61a39e137a032b47aaefb5e3b398d9054137856a3a97bb18","ssdeep":"","tlshash":"b001909d64d56c744da331bc9fff713890362683545b4e12b61d4e812f7131ec589c88","size":781,"data":"","first_seen":"2025-11-23T03:35:04.358058Z","last_seen":"2025-11-25T00:14:21.499895Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"574a8ca5d918c7f38918f23044be4e06","sha1":"66a2de13ba1fb60e8ba3c2c5b54e550c0346e66a","sha256":"ee85a6e9d94a3fde790e70649f73455c07b49fc1584a08df7d33ded18865e3bd","sha512":"ec13f52726237d61c63b2c9d27e3301994ee0482b9f90de8616ba26a33cc00ef08f3eec2d34336770db6f5012f29478eb4226e65754ce7c090f1e94f91347db6","ssdeep":"","tlshash":"25c0c08a2ec0cd81c084336f41237208d313720a3900c04c20da02001211b8f8c4a100","size":168,"data":"","first_seen":"2024-11-04T09:50:49.510721Z","last_seen":"2026-04-03T21:51:40.747038Z","times_seen":11214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"lefados.xyz/favicon.ico","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-11-25T00:13:59.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: d8051=bm9yZWZ8fHwxfDB8MHxub25lfDA6; d8051b=1764029638\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 25 Nov 2025 00:13:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 04:31:22 GMT\r\netag: W/\"b52-63a7d1083953d\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-04-03T21:41:47.62147Z","times_seen":5575,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-25T00:13:58.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 25 Nov 2025 00:13:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 4069\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25559,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"6cbdac99d7d8aa6956ab1390b9d89a31","sha1":"8fddd496757db1ce301bb54440fb6b008f3f14df","sha256":"924807631ae08f2d10a87d152a4a010afdc9f75777dabdcd125a7ebf38002f79","sha512":"3ebc45074c72e72301d38308b4fa3835269c9ff78289a4526873315931721c71823c15fd349b799080948a7db3d1dfcacc3af8647f0a0a793a24344de071a43f","ssdeep":"768:djFjFJXFVMF4Fq+C/pH0LNA6E+0CKmSK1euCMHtRdMbqpTJv2g:lxnXoekhAaX6rR5","tlshash":"d6b2044395f304155197f2c4ba31177bbd56ae43e027893cb9ac1bd8cfb3e864883a89","first_seen":"2025-11-25T00:14:21.497515Z","last_seen":"2025-11-25T00:14:21.497515Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1090,"timings":{"blocked":468,"dns":166,"connect":145,"send":0,"wait":153,"receive":1,"ssl":154},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rect.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-11-25T00:13:58.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /rect.js HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 25 Nov 2025 00:13:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 781\r\nlast-modified: Thu, 16 Oct 2025 04:14:19 GMT\r\netag: \"68f0711b-30d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":781,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (370)","md5":"75f131d906149ad52a7ba63da65fe61c","sha1":"8e838214e3b5952c8835d650862d7fb2752f6146","sha256":"680959566a91074eb94fc721d3c906ed6fd5c97c4412c7e3533d89c1d50cd4de","sha512":"8830bc69543828de6b7ce870c44930a7b91c8895c9fcdbb8407127b9af30a110c606827238448ecb61a39e137a032b47aaefb5e3b398d9054137856a3a97bb18","ssdeep":"","tlshash":"b001909d64d56c744da331bc9fff713890362683545b4e12b61d4e812f7131ec589c88","first_seen":"2025-11-23T03:35:04.358058Z","last_seen":"2025-11-25T00:14:21.499895Z","times_seen":2,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/rums.js","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lefados.xyz/","date":"2025-11-25T00:13:58.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /rums.js HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 25 Nov 2025 00:13:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2674\r\nlast-modified: Tue, 21 Oct 2025 09:54:48 GMT\r\netag: \"68f75868-a72\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (559)","md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lefados.xyz/images/xxx11.png","fqdn":"lefados.xyz","domain":"lefados.xyz","tld":"xyz"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-11-25T00:13:58.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lefados.xyz","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:02:31 GMT","end":"Sat, 10 Jan 2026 05:02:30 GMT"},"fingerprint":{"sha1":"B2:AE:C6:4F:2E:AD:D4:E9:60:7A:FA:3F:17:7B:B2:12:61:1B:E0:E1","sha256":"86:FF:95:DE:DB:D2:24:7A:A3:B3:88:DF:95:32:59:F1:18:23:5B:02:98:57:5C:BB:DD:A7:9B:BB:AF:24:50:AA"}}},"request":{"raw":"GET /images/xxx11.png HTTP/1.1\r\nHost: lefados.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lefados.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 25 Nov 2025 00:13:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 163326\r\nlast-modified: Thu, 13 Nov 2025 04:57:13 GMT\r\netag: \"69156529-27dfe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":163326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 371 x 235, 8-bit/color RGBA, non-interlaced","md5":"a5acab3e62f8f3fb2dd23863ca201bc1","sha1":"dfff93dc0f3201404eab22d4fa6a09a3a488eb55","sha256":"f57959dc42aa54997602893effb63e6d7f85ead116c756027dd8956dced7a9ff","sha512":"41299093478509c94e027b3eb237e163e1ca51e04a3798cbad80e66c98d7a614d5e6f5bfb202ea23c8362188334c94819f3be66e477731cd7b29ac46dd72c29a","ssdeep":"3072:OfC4RPXAUg2IUy0H2Q1kfzdsZ50uAqI/Vt5t94l50XJgCxlNDDsWUl14k:2C4RwUR1qsZauAFVt5t9Ck1fk","tlshash":"ebf3129836c891b272328ab0aaac024d4b839324f57e4d44f9ede92357c57b47c95fdc","first_seen":"2025-11-23T03:35:04.344297Z","last_seen":"2025-11-25T00:14:21.514621Z","times_seen":2,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":296,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn5-thumbs.motherlessmedia.com/thumbs/FE71227.jpg","fqdn":"cdn5-thumbs.motherlessmedia.com","domain":"motherlessmedia.com","tld":"com"},"ip":{"addr":"185.107.92.224","port":443,"asn":43350,"as":"NForce Entertainment B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lefados.xyz/","date":"2025-11-25T00:13:58.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.motherlessmedia.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1C:9C:A7:64:1D:50:C4:66:FC:B5:AE:9C:CB:DF:AC:1E:1F:4B:A0:83","sha256":"FD:6F:CF:79:47:AA:EF:54:72:2A:60:E2:1B:57:6B:D6:33:60:E2:67:DA:83:68:95:02:34:5B:66:53:45:A1:0E"}}},"request":{"raw":"GET /thumbs/FE71227.jpg HTTP/1.1\r\nHost: cdn5-thumbs.motherlessmedia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lefados.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Tue, 25 Nov 2025 00:13:59 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6881\r\nvary: x-s-token\r\nlast-modified: Thu, 01 Jul 2021 11:03:43 GMT\r\netag: \"1ae1-5c60dcad0c0d2\"\r\nx-cache: HIT\r\nx-whom: cdn07\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty:1.21.4.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":6881,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x240, components 3","md5":"5d105eab9cc59f338d4719fb244d0118","sha1":"5fc3b03f216f36418bcd5834452a41b3effdf5d2","sha256":"761ad0bcaf9dd32d7ffca05fbe189fecfbaf0cceaa92bfdb4048355bc8579abf","sha512":"527ceb0b1d1886cd1566b3540aeb89c2b7055a0b6d41083f6c93cdc563123a4268794e25ba248b8eb566b83626f3adced717a85da6d20c0d3cb18d4adf2fc682","ssdeep":"192:1JnCcRJZZWaE6+knxqhXe0zabSLz7zcyOm:1JNZlx+knE40zv7Wm","tlshash":"a4e1afa3b9d85f9dcd22cabb803a263073446d2cdcb1773eaf87d70705681d5b449a00","first_seen":"2024-10-06T09:19:28.178685Z","last_seen":"2026-01-28T02:11:33.388412Z","times_seen":8,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":106,"dns":53,"connect":17,"send":0,"wait":18,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}