{"report_id":"d4178fa4-6e6d-4d50-97ba-af87d59864a7","version":6,"status":"done","tags":[],"date":"2023-11-20T21:18:13Z","url":{"schema":"http","addr":"anamera-cletting.com/6b06c5a0-3113-470a-b469-29fa5c621f3d?campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","fqdn":"anamera-cletting.com","domain":"anamera-cletting.com","tld":"com"},"ip":{"addr":"35.157.125.133","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"title":"Nowtofun"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T12:20:51Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"zeniocloud.com","ip":{"addr":"209.95.52.178","port":0,"asn":32780,"as":"HOSTINGSERVICES-INC","country":"United States","country_code":"US"},"domain_registered":"2022-02-15","domain_rank":0,"first_seen":"2022-02-16 16:44:21","last_seen":"2023-11-20 03:21:39","alert_count":0,"request_count":1,"received_data":565,"sent_data":413,"comment":"","tags":null,"fingerprints":null},{"fqdn":"alexatracker.com","ip":{"addr":"104.21.85.99","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-07-27","domain_rank":0,"first_seen":"2020-10-28 19:44:06","last_seen":"2023-11-20 03:21:39","alert_count":0,"request_count":1,"received_data":1219,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.production.push-sender.com","ip":{"addr":"143.204.55.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-04-06","domain_rank":0,"first_seen":"2023-06-07 13:46:37","last_seen":"2023-11-20 05:10:37","alert_count":0,"request_count":3,"received_data":55478,"sent_data":1347,"comment":"","tags":null,"fingerprints":null},{"fqdn":"anamera-cletting.com","ip":{"addr":"35.157.125.133","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2021-04-21","domain_rank":0,"first_seen":"2021-05-13 11:29:43","last_seen":"2023-11-20 07:36:06","alert_count":0,"request_count":1,"received_data":1620,"sent_data":573,"comment":"","tags":null,"fingerprints":null},{"fqdn":"nowtofun.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2023-08-08","domain_rank":0,"first_seen":"2023-08-08 14:57:30","last_seen":"2023-11-20 08:35:24","alert_count":8,"request_count":8,"received_data":526063,"sent_data":8065,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/js/script.js","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":false,"md5":"205aac8cb0aef56cf426e9d81f4a0b9a","sha1":"a4c5a12cfaf5595cde641d02a42fc2f3068303a8","sha256":"d7db9dc61be756abceba2fb80125dd927daf6532eb85318bdf698dd0dc40390e","sha512":"080c48e73b0a29ea54692902acbd953a66b7a7fc5412ebfc661daffee2d713492bbfab495fc88776a82cbecea3e87a58a222a1bb311475d35ec5b6307410d68c","ssdeep":"","tlshash":"e0f0c90a7054b020813b34f05b5b9c6f3626314811726b423c5fcad8eb6d13e8bc289e","size":405,"data":"","first_seen":"2023-03-07T17:08:25Z","last_seen":"2026-05-02T14:23:44.917065Z","times_seen":131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alexatracker.com/jscode/JAIA.js?sub1=nowtofun.com\u0026sub2=\u0026sub3=\u0026sub4=\u0026sub5=\u0026prid=","fqdn":"alexatracker.com","domain":"alexatracker.com","tld":"com"},"ip":{"addr":"104.21.85.99","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.production.push-sender.com/mng/channels/init.min.js?ver=1691555173","fqdn":"static.production.push-sender.com","domain":"push-sender.com","tld":"com"},"ip":{"addr":"143.204.55.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b4fda376012aff7417b10111fa3a5c6","sha1":"dda88eefdb0df10b88d99b83741a719ecb91b852","sha256":"c1ada291136f1effde0f220c390cd332d7202d229f3f64b35f11aaa822c7fdfd","sha512":"69e2a8cdab5fdb99961e1c4445fb186d90d3b1781bc0e89880bc6ace5488945c55431b344bc3b61eebd13afff095caf828c53f016500893ee5c89c8fb68cc946","ssdeep":"768:jkUnpgynprnpKmgEpy6pJm74UWb0pI0urqODt0UD1cO:jjnpVnprnp8Epy6pj0p4D1Z","tlshash":"08c2124a6afb20208627b06dcfafd1083136111f154cdd2c7d9c5690af5627eb6e3be9","size":27119,"data":"","first_seen":"2023-10-09T13:35:19Z","last_seen":"2024-08-21T05:04:07.657689Z","times_seen":369,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.production.push-sender.com/mng/subs_window.js?ver=1691555173","fqdn":"static.production.push-sender.com","domain":"push-sender.com","tld":"com"},"ip":{"addr":"143.204.55.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e554bff5d51655316050fcc4cbc318eb","sha1":"fd76cffd35b9dd8efd673f9f9531c4416a2137ca","sha256":"d7bc6f18c4f0da715cbd5fc46ddc1f98d164bce41bbb6ce068b767107367c93e","sha512":"e8dfb2aff28dd6486cf63b9636f5f2656d13108bea94902404ffc78da90dc0c5318bc9ccb57c79be3ecc651d2d29f17aeb21f1c5298c87cfb1bfa057915ad83d","ssdeep":"384:YAXS2vkuBlct2Tsy79yndlQPQhfEI9HvDOSqUy4DGXAB9oDSBEIjam+BvwqdNjK:JXTvjBlWagd60fEI9HvDAnSBEIja1BvM","tlshash":"77928384fbee056501fb20ae594f21dc343c51b3a2185c92bcbcffd41fa496865e6ba4","size":19704,"data":"","first_seen":"2023-08-10T17:34:39Z","last_seen":"2025-08-10T07:51:00.95487Z","times_seen":678,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/js/jquery.min.js?1","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ccf55ef7ecb1f9a8b24318d9b825702","sha1":"c0a58f84600e7afa56ef5f86ae7974fd1b8182a0","sha256":"08118dcf553740c290d31bac14e3dfbc4c44aaf0867947c8929a3b45789ac308","sha512":"78314ae76b16b3a124c218cbf56683e6fc52fb987e73d3d3dee332df7c52e087b2599154ef1c3e5095e8accd0478ed2813d8f4d010132060e04576562395603e","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTN:2Qcd5hNLxTwn3t0iUHiTDU8Cuj","tlshash":"4a83e6d9b2d670629b7730b850bf410bb17a98dab44c8da0f058c5d47eb8a8d407bf2c","size":88183,"data":"","first_seen":"2023-03-07T17:08:25Z","last_seen":"2024-09-20T20:13:24.934814Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/js/backoffer.js","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d5aa83d23ce0b9f72d3b87d000d8fae","sha1":"034fb8768eb58ffc0b5849e2c162989741a6cbec","sha256":"89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800","sha512":"3eadf42f83351fb61991f11f63a70dfb2e1aa15818d60e713599c48d5f16320df77ae33f6f3e4b05a994b5d204e45b6435520dc5f553867979c55d87e38b8a60","ssdeep":"","tlshash":"dde05ccf77581c7706d360b36b7f622c167b10db084396005aba84401930e8bf50ac85","size":430,"data":"","first_seen":"2023-03-07T01:03:00Z","last_seen":"2026-05-19T08:26:36.104239Z","times_seen":2434,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zeniocloud.com/JAIA.js?sub1=nowtofun.com","fqdn":"zeniocloud.com","domain":"zeniocloud.com","tld":"com"},"ip":{"addr":"209.95.52.178","port":0,"asn":32780,"as":"HOSTINGSERVICES-INC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"959d648ab6e2ce8f043e794eca775463","sha1":"710d269f9f66ac8f540388ecd7f1e60f20a688e2","sha256":"9dd1651b3abf11bc5c73186e859083e8f107128d4668bcd12233784ee6228e51","sha512":"4d10e423770e3c62865066b29a8d3e42daf2f12e6fe2965a01a070f3de7073ee4568be1814e99b5b3d8cfa6e5717ce2ac1a42bf36ff5928749066b7999a600f9","ssdeep":"","tlshash":"3af04c621d68f035ca18b8a7983ed6647e2339553102e19cfebcdc105b127dddd0dda5","size":597,"data":"","first_seen":"2023-08-27T08:21:13Z","last_seen":"2025-05-07T11:54:44.800574Z","times_seen":249,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"anamera-cletting.com/6b06c5a0-3113-470a-b469-29fa5c621f3d?campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","fqdn":"anamera-cletting.com","domain":"anamera-cletting.com","tld":"com"},"ip":{"addr":"35.157.125.133","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-20T21:17:57.631Z","timestamp":1700515077631,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"anamera-cletting.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Nov 2023 06:58:38 GMT","end":"Thu, 08 Feb 2024 06:58:37 GMT"},"fingerprint":{"sha1":"96:C1:33:6F:E0:CF:84:E0:18:93:6A:5F:C3:F5:86:46:40:3A:06:D3","sha256":"83:8C:16:F9:8B:4B:FA:64:43:E1:60:5E:44:87:23:30:C4:BA:E3:15:69:F6:A0:13:36:B9:81:2B:8F:4C:0E:C8"}}},"request":{"raw":"GET /6b06c5a0-3113-470a-b469-29fa5c621f3d?campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670 HTTP/1.1\r\nHost: anamera-cletting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Mon, 20 Nov 2023 21:17:55 GMT\r\ncontent-length: 0\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nlocation: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\npragma: no-cache\r\nset-cookie: 6b06c5a0-3113-470a-b469-29fa5c621f3d-v4=4MAKfIx0Mog-i2Bo1NHZB0vE5JeKTwqNk1XddcG4Yqc; Max-Age=86400; Expires=Tue, 21-Nov-2023 21:17:55 GMT; Domain=anamera-cletting.com; Path=/; Secure; HttpOnly;SameSite=None\ncep-v4=0tx0B5p0kS21yXDm-91OOEd9bVZXHFAuA_-m2e60YpjXrcrD19gZtKUT3FE4RKMwdghoQVQMP3UUTTAlsAxv3eM6I_hxcBU2IIOThP25kn839Abweu__szIS48B3fAWPFnsqlfm8fgQCUzZv_mO96KwvJH77jVE0Qd5txZSouFGu_ot4ZH2zucXUMVyWF2cN7lZ4pcAMo3TJGbTWf7zbLlKHXUehEA83DFnU4q9Bd-E684akz2XrFEpJGWTFXzWf24f88341yLyhP1kNzEy5mUj2_l_96eFZgxCm7sot4GjnuTYckMPtZ6NILyQz0_hMNDxERHgOsWJSZ-TbdPmgm7uG9XDS8SoMrqWr7XfG_oYBg7vNQGsKZCXwEXsxPcvHblD7WqWVx7Y2NWEoHIXPitldNWYKt-PUcUmJScdDgPyICodjhphGQm6nXEtlaSQ4; Max-Age=86400; Expires=Tue, 21-Nov-2023 21:17:55 GMT; Domain=anamera-cletting.com; Path=/; Secure; HttpOnly;SameSite=None\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":61,"dns":0,"connect":27,"send":0,"wait":28,"receive":1,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/images/sf-logo2.png","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.976Z","timestamp":1700515078976,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/images/sf-logo2.png HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 8815\r\nlast-modified: Wed, 30 Jun 2021 12:19:39 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2009\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=WDocJhr%2B%2B%2BqkImXWaIYDrOEWgPX7U6KOLb1X7xpWTuU3HtTvuYUwh%2BtxVEupEqD703k18AeD%2FvgclZM8AnOF1SSyYRtMaL54jZ98IMiq%2FDfWXHaH4T0lIi%2F76DJuoDs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b9005c1856af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8815,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 345 x 65, 8-bit/color RGB, non-interlaced\\012- data","md5":"44a33b084a76c60c68ac7b70f9df09c3","sha1":"14f57b239769515ff8c2487ec470a8308c1cc48f","sha256":"7329440d8770984e86ea71bcfe2e1dd6451d23dce2f5efd3e298d9f77954335a","sha512":"ab1fb03ebcc12d1ca1cdbb3dadea7996236e47ca73f799be375fee71b622871f7ad70ca38d1a97468e5f13533fa1a07fa0a66f3ca616763ccfe360c1edb7ea6c","ssdeep":"192:wOJ/MN4W1gmjiTGbc3/PbW1xuFTRCsTKQFCy0aMIbe4t9rYkJ:wKM62gmrpuVg5QFCrCe4bX","tlshash":"d402bf8bdd3800d3078ed65bf8609855d3ea4519018e675241ee6f894bfd16083ee7ab","first_seen":"2023-05-09T06:06:08Z","last_seen":"2026-05-02T14:23:44.907217Z","times_seen":131,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zeniocloud.com/JAIA.js?sub1=nowtofun.com","fqdn":"zeniocloud.com","domain":"zeniocloud.com","tld":"com"},"ip":{"addr":"209.95.52.178","port":0,"asn":32780,"as":"HOSTINGSERVICES-INC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.969Z","timestamp":1700515078969,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zeniocloud.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Nov 2023 06:46:31 GMT","end":"Mon, 05 Feb 2024 06:46:30 GMT"},"fingerprint":{"sha1":"1E:2E:97:0E:01:E6:40:71:15:D2:13:94:12:5D:05:94:76:7B:D6:A0","sha256":"10:0B:52:00:99:78:FA:10:65:B6:33:D6:4F:F6:17:04:54:E6:77:55:8D:8F:CC:DD:88:A4:2B:81:A0:E5:BA:CD"}}},"request":{"raw":"GET /JAIA.js?sub1=nowtofun.com HTTP/1.1\r\nHost: zeniocloud.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nowtofun.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 20 Nov 2023 21:17:57 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":332,"size_decoded":0,"mime_type":"","magic":"ASCII text","md5":"959d648ab6e2ce8f043e794eca775463","sha1":"710d269f9f66ac8f540388ecd7f1e60f20a688e2","sha256":"9dd1651b3abf11bc5c73186e859083e8f107128d4668bcd12233784ee6228e51","sha512":"4d10e423770e3c62865066b29a8d3e42daf2f12e6fe2965a01a070f3de7073ee4568be1814e99b5b3d8cfa6e5717ce2ac1a42bf36ff5928749066b7999a600f9","ssdeep":"","tlshash":"3af04c621d68f035ca18b8a7983ed6647e2339553102e19cfebcdc105b127dddd0dda5","first_seen":"2023-08-27T08:21:13Z","last_seen":"2025-05-07T11:54:44.800574Z","times_seen":249,"resource_available":true,"data":null}},"time_used":788,"timings":{"blocked":248,"dns":31,"connect":101,"send":0,"wait":285,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/images/3.webm","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:59.772Z","timestamp":1700515079772,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/images/3.webm HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nReferer: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Mon, 20 Nov 2023 21:17:57 GMT\r\ncontent-type: video/webm\r\ncontent-length: 374435\r\nlast-modified: Wed, 30 Jun 2021 12:19:38 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2009\r\ncontent-range: bytes 0-374434/374435\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=AsgFv6VPExYRj65eYD2oV4NtEbv8g%2BU5sxEOOyIvsShSrAfhpS0xvk%2BR7FUnlkjSu3%2F9Y2gZiY0PWInxD0ioBcQ9yuhViT8QxS%2FpJ4BtcN4alQiwQcX2rYUmiAOLZSs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b905593f56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":374435,"size_decoded":0,"mime_type":"video/webm","magic":"WebM\\012- EBML file, creator webmB\\20\\012- data","md5":"10cf22295db16bc31dc7032d49ae837d","sha1":"1e1df6a2622177b434550b41ab5e3d0bc7cbaa66","sha256":"592006cadbe2dd28b0fa23e187e60555859d1788ff6a7f7d2c0d3b2e69ff9c4e","sha512":"b543dc5972ce89678b739bfd8e172e0927ba57cf1c114736f9319d95d94ce9a838d6457b6f94c4ce20885d750575d8b4759c6de822dbecb6fc01b96078d90a8c","ssdeep":"6144:drO11KW9EMSf/F1Cyfu9wgjpH6GNkr6upGIemy9u4Nt537zivIaadL8xOyPz:drO1wHCbZNRIl+u4N3viAdjgz","tlshash":"288423599c0897c0ea40d77391184c844edd9af9fbcb4ba68939f0e3dc22e7711abd15","first_seen":"2023-05-09T06:06:08Z","last_seen":"2024-09-20T20:13:24.948327Z","times_seen":30,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alexatracker.com/jscode/JAIA.js?sub1=nowtofun.com\u0026sub2=\u0026sub3=\u0026sub4=\u0026sub5=\u0026prid=","fqdn":"alexatracker.com","domain":"alexatracker.com","tld":"com"},"ip":{"addr":"104.21.85.99","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:59.686Z","timestamp":1700515079686,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alexatracker.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 26 Sep 2023 06:49:24 GMT","end":"Mon, 25 Dec 2023 06:49:23 GMT"},"fingerprint":{"sha1":"4A:99:09:41:69:BD:24:82:CB:FB:C5:06:69:E3:4B:A8:DB:8E:C6:52","sha256":"B1:88:EE:5D:FC:86:52:7D:D1:29:22:EB:EB:C7:74:D9:F3:97:86:E1:5A:AE:70:7A:0B:25:C4:DA:AE:69:B6:D2"}}},"request":{"raw":"GET /jscode/JAIA.js?sub1=nowtofun.com\u0026sub2=\u0026sub3=\u0026sub4=\u0026sub5=\u0026prid= HTTP/1.1\r\nHost: alexatracker.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nowtofun.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:58 GMT\r\ncontent-type: application/json; charset=UTF-8\r\ncontent-length: 0\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncf-cache-status: BYPASS\r\naccept-ranges: bytes\r\nset-cookie: trbarid=a6d4886dec657a29c9b44aa2754f7d3b1f90aa618a4022dc538f7bb832bdf96da%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A1975896966036180230%3B%7D; expires=Mon, 24-Nov-2025 21:17:58 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None\n__cf_bm=3szL8VuNdy4q_JHrwa3um_iHpt8.l1FemHzTQtplCyk-1700515078-0-AYdYiUpp8ohmOtOaIp7RZ1iiXO+KqqftFnb6D9ZxYTirWMcacRjIWlcKmefM1VEJD7YEUmss/FsTXW+da9Wj6T8=; path=/; expires=Mon, 20-Nov-23 21:47:58 GMT; domain=.alexatracker.com; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=O0C17b%2FZf81fpVMGDBnZjcC3pvSQrqklhwXEWVU1Vf%2F%2BBCF911mKPmfksQl4ZjswseJSBVdQ23gQP7m8ohqK16i6BTX8G4%2BTV7EXB6PyLnfAX0Do%2BKvB6o8Uq4cVH2c7nSgg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b90508cb56a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":32,"dns":5,"connect":1,"send":0,"wait":153,"receive":4,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/images/fav.png","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:59.962Z","timestamp":1700515079962,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/images/fav.png HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 40381\r\nlast-modified: Tue, 15 Aug 2023 12:15:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2009\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ohoi4FeNLU10u4%2FieybsbezAStwhPz%2B%2FPvGGSp%2Fgm0C4%2B9pKKDjArbkNDTIaJGKYGJnaikSg3URjauZy3Mi0XyRj9fPY0phGrmXDis%2FkaDtbsgNjnSX%2BqiSIA5wgeB4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b9068a6056af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40381,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 158, 8-bit/color RGBA, non-interlaced\\012- data","md5":"d247464194e7c924f627837b571d7ef0","sha1":"20f5d082cb19e5a55d5d62fb26ca160828af95df","sha256":"c461948d7b5c6dc1988ecee4f4a618595ebc26fa9923f29f680d2772db09a775","sha512":"4a4874cb0b1e6fc30064bcca4f162d4feff1283f1c3625f2b516cc9e8ac3ceabeae749fb65fb9e800393202e3dda28bb72587762bc9ece806f209a220cec68fa","ssdeep":"768:zxUGXfb0QPu+AMhaKuoRO2e/g3MO/0YcWfglpM9VPJ0cloGImuGE+F:dZforYaKuoROqcO8YcWfgAPoGuGE+F","tlshash":"1d03f15835bd36a849e3539cb3faa2acd186208cd0a85f4fe152a60e75cd4618a9cf85","first_seen":"2023-08-27T08:21:13Z","last_seen":"2025-12-05T11:18:11.364243Z","times_seen":310,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/css/style.css","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.965Z","timestamp":1700515078965,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/css/style.css HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 30 Jun 2021 12:19:36 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2010\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=WH7SktUZASC6ud%2BcEuJ%2FnPXW2JFhDvRG1aE%2F0EF5szLnz02s0wPc3CE3mv8tC2u%2FT1dGCD0BK78vEp%2FedRr9Bva31qJhAeyA7Oene9b2CB86UL8CZpr6e8HY2wEWxjI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b9004c1256af-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2854,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2973), with no line terminators","md5":"3699b9bec7b9ca6c9c389d1c4eead445","sha1":"1a1e6245c7c6c4f86e0d84231a07fb75d30936a1","sha256":"2190565ec924d8ec4eb9e4784249dcde7b79c66356ad80848089ff240efda93d","sha512":"c5bfb5db276f18c1a2ac6d90be2bc41184c37c4e3374e48633cc407241c6b0adb34fc051da883788679be794b86ea977cdb8e9f9cff1aa6bb667d712b31fcaae","ssdeep":"","tlshash":"965112636c881018f6314cea71e6b76934688c069277d7b1f5b6fdb4d6c28bbd362b04","first_seen":"2023-05-09T06:06:08Z","last_seen":"2025-01-15T15:30:58.863959Z","times_seen":23,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/js/backoffer.js","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.984Z","timestamp":1700515078984,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/js/backoffer.js HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 30 Jun 2021 12:19:40 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2009\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=RJkYk6bJuS%2Bjl2VQtNMuSd2Vkfmn8fsbvT%2FHPYd5bkaL1%2BkelAZuOWjSBNCy4elk28sAF9cv5Yymurb%2Bpdb16zF7NxqhYrNKh3XWcSpbmAnz4Ndz%2F8ytZkWDtVWHNKc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b9005c2456af-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":430,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (430), with no line terminators","md5":"6d5aa83d23ce0b9f72d3b87d000d8fae","sha1":"034fb8768eb58ffc0b5849e2c162989741a6cbec","sha256":"89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800","sha512":"3eadf42f83351fb61991f11f63a70dfb2e1aa15818d60e713599c48d5f16320df77ae33f6f3e4b05a994b5d204e45b6435520dc5f553867979c55d87e38b8a60","ssdeep":"","tlshash":"dde05ccf77581c7706d360b36b7f622c167b10db084396005aba84401930e8bf50ac85","first_seen":"2023-03-07T01:03:00Z","last_seen":"2026-05-19T08:26:36.104239Z","times_seen":2434,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-20T21:17:57.742Z","timestamp":1700515077742,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670 HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=jM%2Faf2l0%2B9HF%2BJVI3s6GkZXvCNo%2F2C8RocWl%2B6ApMMZFOxP5SU6oeFzAYEudagq8sdDpq03voiD6fEyavw83wzzrTdwWKPCi6yN3wRMdhBVZDWftw%2F4jhUzkNg2QjiM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8293b8f8dfdcb4ff-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5382,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (5755), with no line terminators","md5":"6b80acd32025acbc9dbe62d39adda20f","sha1":"5906be9eeb676e143ae0281b2c447ffbabe53610","sha256":"3c5c6ae29e90258de7ba2c0fdabf89c68d707eb47a1ac54f29c046b03d5e417e","sha512":"ceae9cce2e0ec51007d29b26aa3c28c26f44b1fef067900767127c573cce4c6e968cc2f9c6436b439836b020f67131feb353c38c8277e072b99f3fe22047dc08","ssdeep":"48:YBTv953zcQgPQgwVKgTmueVpH28fQyxbbKyYtn16CsO/sLsUcjkEdsOsivgsZso6:uHHVHJeVp3VxH9YGCsOrjkKJ+Rhp","tlshash":"dcc12f171cf5803b141288c71a73bf3eada5f52c9e98c50872ed426e47daee4cc97564","first_seen":"2023-11-07T00:22:57Z","last_seen":"2023-11-20T22:18:14Z","times_seen":4,"resource_available":false,"data":null}},"time_used":978,"timings":{"blocked":27,"dns":1,"connect":2,"send":0,"wait":923,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.production.push-sender.com/mng/subs_window.css?ver=1691555173","fqdn":"static.production.push-sender.com","domain":"push-sender.com","tld":"com"},"ip":{"addr":"143.204.55.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.972Z","timestamp":1700515078972,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"production.push-sender.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 17 Apr 2023 00:00:00 GMT","end":"Thu, 16 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7D:DE:F0:A4:F1:90:8E:A4:04:C1:E0:62:0D:05:EB:54:29:89:C9:C8","sha256":"5B:24:32:92:C3:23:57:59:DF:8A:90:3A:A1:7C:4E:7F:34:D4:DE:00:0F:E2:3B:0E:2A:DB:1E:F9:ED:86:A3:4C"}}},"request":{"raw":"GET /mng/subs_window.css?ver=1691555173 HTTP/1.1\r\nHost: static.production.push-sender.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nowtofun.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Oct 2023 14:33:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\ncontent-encoding: br\r\ndate: Sun, 19 Nov 2023 21:31:20 GMT\r\netag: W/\"adb85744f96b502ad68d63ede0adcd4e\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: tBzHxxj8Ax844o00LM6frupykTHJ--IGBZ80D1Ee5cLPoH4uVhYE1g==\r\nage: 85598\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7130,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (7434), with no line terminators","md5":"7edfc18d48d2641549d953ad7b35769d","sha1":"b57f256b8a85278ce3459c2aac1b517b40889f94","sha256":"460354d6acce1e481e3f0a6436a6484f25f9a58e1c8540eaa61047573e72d968","sha512":"1ac7e982cf40511d7c88aacf83fdc3521b7779dcde90b998d14733941deef3e966b1aaa2c408bb55a3b938d9f66d89a6066ae4793676ac1712b7c7391a692b29","ssdeep":"96:USc7n0HvosH74gsyDgJo2TeTMTXTGnT9qFrBzi5MAjlO36ABnvxe0CQORR:k0HvLH7C+gJolRqFrBaxO33JvxgRR","tlshash":"92e1873d2e121234a9278fb4d7e76b24163ef5221972a4dd7348674b839a69c40c2b7f","first_seen":"2023-08-10T17:34:39Z","last_seen":"2025-04-04T11:11:02.112204Z","times_seen":538,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":41,"dns":18,"connect":4,"send":0,"wait":3,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/js/script.js","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.981Z","timestamp":1700515078981,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/js/script.js HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 30 Jun 2021 12:19:40 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2009\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Q37d6ru6JfCXmZVzV3EaSpnV%2BxD6i1EGoN2Bd25BpDM%2FLPjFkW2anL0OM03jEW5SGxeGcscHqcSqClvBdjRCnbbdEhx5%2FiU4ptMbu4vN5UTgfOQmw55iDVXagMueE3A%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b9005c2356af-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":405,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (441), with no line terminators","md5":"16def3cf8b5125aff38ae24be9f13351","sha1":"9625f62a090aa993c8aee252fa8111af33198478","sha256":"f57f7c42c739c951f7e010818553aaa1b2e37a681de672246ae43f2805e57839","sha512":"02aa5acfb7a3deb09c4c8250f317b69bd74594e9d5e3bdd67232bbd13cb7c4ebfbea3fc0f194ceb6ed2ca2634bd0761157e5788e21ce5fe5a57ce9f56213b4c5","ssdeep":"","tlshash":"b2f0590a7054b020913b34f05b5b9d6f3626354811726b523c5fcad8eb6d13e8bd699e","first_seen":"2023-05-09T06:06:08Z","last_seen":"2025-01-15T15:30:58.865843Z","times_seen":27,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.production.push-sender.com/mng/subs_window.js?ver=1691555173","fqdn":"static.production.push-sender.com","domain":"push-sender.com","tld":"com"},"ip":{"addr":"143.204.55.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.971Z","timestamp":1700515078971,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"production.push-sender.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 17 Apr 2023 00:00:00 GMT","end":"Thu, 16 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7D:DE:F0:A4:F1:90:8E:A4:04:C1:E0:62:0D:05:EB:54:29:89:C9:C8","sha256":"5B:24:32:92:C3:23:57:59:DF:8A:90:3A:A1:7C:4E:7F:34:D4:DE:00:0F:E2:3B:0E:2A:DB:1E:F9:ED:86:A3:4C"}}},"request":{"raw":"GET /mng/subs_window.js?ver=1691555173 HTTP/1.1\r\nHost: static.production.push-sender.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nowtofun.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Oct 2023 14:33:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\ndate: Mon, 20 Nov 2023 01:36:54 GMT\r\netag: W/\"2b3010e6d2440c83b9cfff48def5f0c1\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: UPPh02KllyWh2AcUuK4nAvpFwVTjGrUAC9snsAFE99uPLAM2JzNfwg==\r\nage: 71905\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19706,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-19T09:11:22.023028Z","times_seen":15432103,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":45,"dns":19,"connect":1,"send":0,"wait":2,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.production.push-sender.com/mng/channels/init.min.js?ver=1691555173","fqdn":"static.production.push-sender.com","domain":"push-sender.com","tld":"com"},"ip":{"addr":"143.204.55.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.974Z","timestamp":1700515078974,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"production.push-sender.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 17 Apr 2023 00:00:00 GMT","end":"Thu, 16 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7D:DE:F0:A4:F1:90:8E:A4:04:C1:E0:62:0D:05:EB:54:29:89:C9:C8","sha256":"5B:24:32:92:C3:23:57:59:DF:8A:90:3A:A1:7C:4E:7F:34:D4:DE:00:0F:E2:3B:0E:2A:DB:1E:F9:ED:86:A3:4C"}}},"request":{"raw":"GET /mng/channels/init.min.js?ver=1691555173 HTTP/1.1\r\nHost: static.production.push-sender.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nowtofun.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Oct 2023 14:33:38 GMT\r\nx-amz-server-side-encryption: AES256\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\ndate: Mon, 20 Nov 2023 10:17:10 GMT\r\netag: W/\"4b4fda376012aff7417b10111fa3a5c6\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: nv3fnxC60uuugMCKsM8oEdk-Eo66s8Lj7RSwi5DiADCNMfMijblyNA==\r\nage: 39675\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27119,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"4b4fda376012aff7417b10111fa3a5c6","sha1":"dda88eefdb0df10b88d99b83741a719ecb91b852","sha256":"c1ada291136f1effde0f220c390cd332d7202d229f3f64b35f11aaa822c7fdfd","sha512":"69e2a8cdab5fdb99961e1c4445fb186d90d3b1781bc0e89880bc6ace5488945c55431b344bc3b61eebd13afff095caf828c53f016500893ee5c89c8fb68cc946","ssdeep":"768:jkUnpgynprnpKmgEpy6pJm74UWb0pI0urqODt0UD1cO:jjnpVnprnp8Epy6pj0p4D1Z","tlshash":"08c2124a6afb20208627b06dcfafd1083136111f154cdd2c7d9c5690af5627eb6e3be9","first_seen":"2023-10-09T13:35:19Z","last_seen":"2024-08-21T05:04:07.657689Z","times_seen":369,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":41,"dns":18,"connect":4,"send":0,"wait":11,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nowtofun.com/aff_us/12-344543/js/jquery.min.js?1","fqdn":"nowtofun.com","domain":"nowtofun.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670","date":"2023-11-20T21:17:58.979Z","timestamp":1700515078979,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nowtofun.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 14:30:36 GMT","end":"Thu, 04 Jan 2024 14:30:35 GMT"},"fingerprint":{"sha1":"B4:ED:D9:C1:7B:7B:08:79:7F:57:68:89:94:51:11:E1:3E:4B:D6:D8","sha256":"83:45:8B:C0:E4:A8:2A:56:86:FE:66:B9:25:35:14:72:12:A2:05:3D:CE:52:8B:87:00:40:0E:2F:23:D4:CC:4B"}}},"request":{"raw":"GET /aff_us/12-344543/js/jquery.min.js?1 HTTP/1.1\r\nHost: nowtofun.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nowtofun.com/aff_us/12-344543/?cep=1ZqoPhpdbx3SHSGbazGrqPbSDT1iD5I1yFY35Dpc9sfF1xB0p-NzvYP_yP69gFSMKf6tH5tag_uVothAymVNHiHz1Xjip1x2sznpa3VdJBfvB4XMQnw1dSSI_RkWZpHnes8UMFFDrpQf0skDfgZjujgbIdYcgZXC5Vyh67PWreeSNczToWmbjCGjn_NbDk7VGp-djZnOaeS_ladKvBuYxNxJNJy7RmJImqJiOBkdDrHLs7mRAhYAm-SYsry4IIrIrTql3zfSURFBz4VwOloHRRrPkNlheemaNdipU2giEmhP14O5IkxLdxQpH9Ka1Nvq0mE2LiJiVqKGToTa_zmM2g09k_PFC_wuqgCJ8-GfLVcoEB2u1m_qkHhR5FdQvWGc40k9IgvU2m3HUMCaLqoccJFsq91K8CtLLw1JNJBDVQRp1q_EBFMaV5g3CYEwHGaR\u0026lptoken=1721003351d2688875c8\u0026campaign=\u0026clickid=655bccf2e635ef00017b323c\u0026pid=273\u0026var6=670\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 20 Nov 2023 21:17:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 17 Mar 2022 12:23:20 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2009\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=1ta%2B%2BfFJ0%2BXS%2F4dHqCrpNYt1tNs%2BTpTSDgT2L4HPaX5QGgY%2BBuxF8GxKgUN2l%2FRDGaKD%2F9WUSa9MCl0ak5O56Mc85f1aDWv0AJ5gYLsK3M%2FlOQ66VcEykEKqIzdFF%2Fs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8293b9005c1f56af-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88183,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (32014)","md5":"7ccf55ef7ecb1f9a8b24318d9b825702","sha1":"c0a58f84600e7afa56ef5f86ae7974fd1b8182a0","sha256":"08118dcf553740c290d31bac14e3dfbc4c44aaf0867947c8929a3b45789ac308","sha512":"78314ae76b16b3a124c218cbf56683e6fc52fb987e73d3d3dee332df7c52e087b2599154ef1c3e5095e8accd0478ed2813d8f4d010132060e04576562395603e","ssdeep":"1536:3dhEyijTikEJqRdXXe9J578goJsWXdLVhNLKz4DTAjnWotoZqwsRmKKH7UggYiTN:2Qcd5hNLxTwn3t0iUHiTDU8Cuj","tlshash":"4a83e6d9b2d670629b7730b850bf410bb17a98dab44c8da0f058c5d47eb8a8d407bf2c","first_seen":"2023-03-07T17:08:25Z","last_seen":"2024-09-20T20:13:24.934814Z","times_seen":30,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-20","alert":"Sinkholed","trigger":"nowtofun.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}