{"report_id":"da7b11c8-3e3f-40e7-b65b-89ab32b1e551","version":6,"status":"done","tags":[],"date":"2025-10-08T10:27:31Z","url":{"schema":"http","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"172.67.148.193","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"title":"(1) New Message!"},"submit":{"url":{"schema":"http","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"172.67.148.193","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-12T10:27:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":23}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"origunix.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"matomo.hellohi.me","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-07-03","domain_rank":0,"first_seen":"2019-07-03T20:13:04Z","last_seen":"2025-10-06T06:02:25.443767Z","alert_count":0,"request_count":1,"received_data":607,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"secure.gravatar.com","ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2004-07-15","domain_rank":16323,"first_seen":"2012-05-22T05:36:38Z","last_seen":"2025-10-05T22:42:13.487833Z","alert_count":0,"request_count":4,"received_data":4417,"sent_data":2032,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"msdoj.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-07-01","domain_rank":211684,"first_seen":"2025-07-02T02:58:17.140394Z","last_seen":"2025-10-06T04:48:09.512585Z","alert_count":0,"request_count":2,"received_data":64929,"sent_data":990,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-10-05T22:31:22.777678Z","alert_count":0,"request_count":3,"received_data":84482,"sent_data":1425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"amt3.com","ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2004-03-18","domain_rank":8122,"first_seen":"2025-04-23T17:00:21.322227Z","last_seen":"2025-10-08T08:00:52.631212Z","alert_count":1,"request_count":1,"received_data":840,"sent_data":614,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-05T22:12:06.373682Z","alert_count":0,"request_count":4,"received_data":38334,"sent_data":1827,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-10-06T00:34:29.689436Z","alert_count":0,"request_count":1,"received_data":848,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.seaofads.com","ip":{"addr":"172.67.140.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-05-22","domain_rank":0,"first_seen":"2019-05-23T23:46:16Z","last_seen":"2025-10-07T13:13:45.347743Z","alert_count":0,"request_count":1,"received_data":155958,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-10-06T02:42:08.575259Z","alert_count":24,"request_count":12,"received_data":25983,"sent_data":6553,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"52.57.8.161","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-05T22:31:22.752325Z","alert_count":0,"request_count":4,"received_data":1736,"sent_data":1892,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s0.wp.com","ip":{"addr":"192.0.77.32","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1997-03-28","domain_rank":56327,"first_seen":"2017-01-30T05:08:18Z","last_seen":"2025-10-05T23:16:49.149719Z","alert_count":0,"request_count":1,"received_data":8361,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"i.ibb.co","ip":{"addr":"45.43.142.6","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"domain_registered":"2010-07-20","domain_rank":21643,"first_seen":"2018-11-25T10:13:48Z","last_seen":"2025-10-06T03:33:36.947933Z","alert_count":0,"request_count":1,"received_data":5916,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-01T11:21:03.813992Z","alert_count":1,"request_count":1,"received_data":377,"sent_data":428,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.gravatar.com","ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2004-07-15","domain_rank":32157,"first_seen":"2012-05-21T12:14:24Z","last_seen":"2025-10-01T20:51:06.976257Z","alert_count":0,"request_count":1,"received_data":2617,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":8,"received_data":238812,"sent_data":4541,"comment":"","tags":null,"fingerprints":null},{"fqdn":"heartilyscales.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2022-12-16","domain_rank":2862533,"first_seen":"2022-12-16T08:32:11Z","last_seen":"2025-10-06T06:02:25.385158Z","alert_count":27,"request_count":9,"received_data":173919,"sent_data":10315,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-06T03:04:51.602393Z","alert_count":26,"request_count":13,"received_data":346878,"sent_data":6202,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-06T03:54:26.655571Z","alert_count":3,"request_count":3,"received_data":5703,"sent_data":1548,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.friendlyduck.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2008-06-23","domain_rank":0,"first_seen":"2012-06-01T08:33:17Z","last_seen":"2025-10-07T13:13:45.407909Z","alert_count":0,"request_count":4,"received_data":2682,"sent_data":1952,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.4.3","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pixel.wp.com","ip":{"addr":"192.0.76.3","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1997-03-28","domain_rank":22824,"first_seen":"2017-01-30T05:31:40Z","last_seen":"2025-10-05T22:20:16.505527Z","alert_count":0,"request_count":1,"received_data":251,"sent_data":583,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-10-07T14:59:13.045889Z","alert_count":0,"request_count":1,"received_data":111120,"sent_data":418,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"streamdreams.dirproxy.dev","ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-04-10","domain_rank":0,"first_seen":"2025-10-08T10:27:33.414175Z","last_seen":"2025-10-08T10:27:33.414175Z","alert_count":270,"request_count":135,"received_data":2479648,"sent_data":71328,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Glyphicons","description":"Glyphicons are icon fonts which you can use in your web projects.","website":"https://glyphicons.com","common_platform_enumeration":"","icon":"Glyphicons.png","categories":["Font scripts"]},{"name":"BuddyPress:4.3.0","description":"BuddyPress is designed to allow schools, companies, sports teams, or any other niche community to start their own social network or communication tool.","website":"https://buddypress.org","common_platform_enumeration":"","icon":"BuddyPress.svg","categories":["WordPress plugins"]},{"name":"Bootstrap:3.3.5","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Contact Form 7:5.1.3","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Chosen:2.4.6","description":"Chosen is a jQuery plugin that makes long, unwieldy select boxes much more user-friendly.","website":"https://harvesthq.github.io/chosen/","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Gravatar","description":"Gravatar is a service for providing globally unique avatars.","website":"https://gravatar.com","common_platform_enumeration":"","icon":"Gravatar.png","categories":["Miscellaneous"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]}]},{"fqdn":"rashcolonizeexpand.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":31106,"first_seen":"2025-06-27T17:12:36.133274Z","last_seen":"2025-10-06T02:36:00.202778Z","alert_count":6,"request_count":2,"received_data":7627,"sent_data":979,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"vmuid.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-22","domain_rank":182910,"first_seen":"2019-07-09T14:53:12Z","last_seen":"2025-10-07T06:39:08.001009Z","alert_count":2,"request_count":2,"received_data":11213,"sent_data":1050,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"directlycascade.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-09-10","domain_rank":0,"first_seen":"2025-09-10T21:14:18.585097Z","last_seen":"2025-10-06T06:02:25.524581Z","alert_count":18,"request_count":6,"received_data":186240,"sent_data":5540,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-08T05:41:48.061731Z","alert_count":12,"request_count":4,"received_data":343852,"sent_data":1692,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"stats.wp.com","ip":{"addr":"192.0.76.3","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1997-03-28","domain_rank":22660,"first_seen":"2017-01-30T05:06:59Z","last_seen":"2025-10-05T22:20:16.781334Z","alert_count":0,"request_count":1,"received_data":7801,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"origunix.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-30","domain_rank":343993,"first_seen":"2021-11-30T12:40:27Z","last_seen":"2025-10-07T06:39:07.099643Z","alert_count":1,"request_count":1,"received_data":64541,"sent_data":458,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4a9dbed0cd84b49654e82c1723773129","sha1":"4a001699afceef4da55f1957eb0035dd5ce12979","sha256":"a76daff23b5ccefdf46458f72b2f86d6dce52c1de64563ca4e2963055bb45f1f","sha512":"b1c721d3e3e4c40041856ab26dff1b11f46fce9cfb3caa1d0191e5bd356554a44a88ba1526503a08a3875936e9fbf02cfcd7f764fdbd02a85d758fcded108475","ssdeep":"","tlshash":"362186b0734d6738473c50fad9edb341d1e661b3b5079cd3949d8c902d6470462dba8a","size":1351,"data":"","first_seen":"2025-10-08T10:27:40.449736Z","last_seen":"2025-10-08T10:27:40.449736Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f0d8809468cb0fedce0dcc7a4b55460e","sha1":"41717d551f966700f02b54601613af7cca07081d","sha256":"90f0dd9fa66f3885b85e0e75ac88ae3c4dd7616b6374e8c95c05436aa479d37c","sha512":"2e43d824e10f8358a588516e9f38e9eac3780156ef1398deccee442511dc5d0ab530b7acdfa4d59578f1c63fc3b2fe0987fdefb587dac94a01831c51124ee195","ssdeep":"","tlshash":"e411f02b540c5d2fe266b4c5781b3b23cadd01eb532458a0068ac05dd758159fccf146","size":1093,"data":"","first_seen":"2025-10-08T10:27:40.451002Z","last_seen":"2025-10-08T10:27:40.451002Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/global.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f873d76a520e07a69c88a2ab5f45c2a","sha1":"35e8c6999a54a2f9380b6b0f80562652bd4b4cf5","sha256":"763d6750f8fb80b10b8c8681d3beb8dc394c0073c8c67ada0f9e05169dd945e1","sha512":"03504fcf7601d3cb54199b2abba32aebadac0eb3e270bdae40ffd00bf95487414b1c21b0c60ac2508f1ad6923f95d198fbff8813ebc204d57c065317569412cc","ssdeep":"192:w1iF47v6g/EYfPHozwz1epdRPiO2PXMhDEdxv30:wcF96fPHozw5epdRPSc","tlshash":"6bf1c74cb46aa41a50d37477255f598e2037688fe158f6cef07ea4a04f68c44fb23b6d","size":7802,"data":"","first_seen":"2025-10-07T13:13:54.952157Z","last_seen":"2026-03-29T08:51:51.200792Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c86ad53113a0bc13a5cb4b8841b0d506","sha1":"6a42479a801153691c6c612c00f2fdf23cb46e74","sha256":"eb9e4b5605a49466ef95d8ce9b8b2524e40232ec1ea7588ced458429e54e558c","sha512":"56966342d97c6e769e53b59fbdece1c41fa3efb69da094263359a57eb9c55da8dcca393513f5b744307840ec9a06433333d586c13bcc4fd8c0d8119de6b56a26","ssdeep":"","tlshash":"f94130363761a44a62f528b3f2af4b0e7e35420350c8aa369294e5a4383dcd1e0bbd0d","size":2188,"data":"","first_seen":"2025-10-08T10:27:40.452243Z","last_seen":"2025-10-08T10:27:40.452243Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d37e1e711fcea9e77eec4470ab5de6f","sha1":"e388ea690b6c20986d4c7c0a7a8cece16a5f4f26","sha256":"49295daae8e878850b299a494c57723c7049317f2c8e733d69876ace64876b42","sha512":"ab058dc3412ed1e375a91253a332bd8fe9dba909d0b0f53b157efedb600320c529fe25b5d9a2976d76cb874ab083e372c27e35bbd33fa6130a995c8245544ac0","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2waOa:gmvcLkGJWH1ECmab","tlshash":"e073d9883f96b0a403a2b4b3261fd50ee13a4d52658cf4d8db1794d8ed6cf1bfa39914","size":76517,"data":"","first_seen":"2025-10-08T09:48:12.74485Z","last_seen":"2025-10-13T05:04:12.549137Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"13a383921ea6922b9f1ca439409e1831","sha1":"20df8d8280a0d74342c25a49c9501ef3c7ff06e4","sha256":"f90153f3ee0bdb7ccd87957cd17b0f2a6a41c1601a8bd3fd14878295b3f890ac","sha512":"365ae1dd72f726457ca0b0e9565c0db94c9009df381b38269de04195b07fc432a1911aba184e2fc19eb5670fef48274599fc444a2388c72ffef81b1d4a472485","ssdeep":"","tlshash":"75f0783cd958c7315b93a2d5f65bb34d5330041df608020a721e4fe61e77b1a20e4c8d","size":617,"data":"","first_seen":"2025-10-06T13:54:04.868995Z","last_seen":"2025-10-08T16:50:52.243263Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d833fe9e588d95ca1898efa7b852aade","sha1":"31ff1112da5b7a91cedc3cbb220391124cffa18c","sha256":"62f2f3e642ef54a52909525af5a51cec84a1543d3899bee8d169095c2bc73287","sha512":"11bd52f69913865a3ce2e43163885230d37cc418ab8e35fbcb1dbd6e906ccd5a169986f4fc58b136cc4558610b8562b68926dca991767ee2d0263e5675f46cd4","ssdeep":"","tlshash":"8a21e0c83489b846166f663562bf1a9e70b86f1124a94095c642b6f03e709c71a72ef9","size":1260,"data":"","first_seen":"2023-03-07T12:11:17Z","last_seen":"2026-06-10T17:27:29.384443Z","times_seen":1043,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f6a911ca37c43cb98723b80ffbd989b5","sha1":"cf4c794b6f53cc9c0823f95c6e5cbbeeddcf8950","sha256":"bdc136ec031bc609a677c2dfdc21cf6dbc737617bd0499476fbdf71bf28f9309","sha512":"736375efe580a3303c75b7acce74d1374c20edb20eae567410fb07db662a698ad960d583f5f1e8a7a77341fd593bb09997b1b0baa8ca1b73b4e9c32845b53a51","ssdeep":"","tlshash":"4da0222b88c32cb2a0bc30b832e08003a3c322c00000080c08cff20e2ffa022b0c8b8c","size":78,"data":"","first_seen":"2023-03-07T01:40:01Z","last_seen":"2026-06-02T22:23:58.970018Z","times_seen":340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/rJS.js?ver=1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d831390d20a51c6db4cac25b11837b8c","sha1":"03dc0b94226c6a39dbfa419f8e05c309ee9b8cdf","sha256":"0d0de37d1895402a9f85056478d43d7aaf51590247a07c6f569a9751f46a72bf","sha512":"dd5428a53717ed3f6a2821805c971917c4fba2ae1e5bdbcf3d25da985e674e4598c36b1063bd356e8fe08d26c5629e19fc24d22657cd203b05cb6e0e162cc45c","ssdeep":"","tlshash":"3b314b49a0a010bdc3e631592d3f583a60e71de2535aa28da23fd072bdb69144fb6d0e","size":1474,"data":"","first_seen":"2025-10-07T13:13:55.020715Z","last_seen":"2026-03-29T08:51:51.148573Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/modernizr.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c59439b57abc8dba214cb8da9d0d8a0","sha1":"8f9565a5a59e99a46a34e17e5961b153fc1b9e21","sha256":"04f82722e68a5c02ccf55c02cce55da9492b15d1b76f5af1de52a97c422661b6","sha512":"02c635488720ba370097157b7233340df121b24c14e3fe778214cf4f1e5ac8c5dc831047eef8ff18db5ce140946e93a3c818426f2ad3804cc6c3a186fb139896","ssdeep":"96:ZuCpr7lkbYX8I18ivfCB8QGQ1CrulTOXPaJJccTMSeqdq9HVeMfXlY:JlkbK8qvKHv1OGaSJJzASeIUHVhi","tlshash":"f1b188c971a2f256879b1177143f9247f274957965184c60d089c8bcbd70cb4867bf3c","size":5351,"data":"","first_seen":"2024-08-19T18:51:12.936378Z","last_seen":"2026-03-29T08:51:51.10735Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.validate.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"228560d0e4bc99264827a65878f87d39","sha1":"fc1314eac28ad95a9125bb13d83fec8dab4d1a9e","sha256":"75858d2ca3c90028c9bffc23292d3957f012a59057b4cb4f24b0ff101658ea0f","sha512":"8ade56f39902383e9a9dd05dbd44f1495f3897f841e4e71ae381370488e391c3d23cb7605aae2fb555db2e5ac8e70580547e7df5a5a5efd257b6dfdd54558c3c","ssdeep":"768:F2SnjS0Z6d9zPI03s++nTW3VnyVCPnQF1J4Ou:T+0Z6d9zPI032nTW3VnyVXM","tlshash":"09c2a7097241101e8ecf31fbb89b624f72ba95946005a069b4fc94d1bff9f81b196f78","size":26744,"data":"","first_seen":"2025-10-07T13:13:54.888869Z","last_seen":"2026-03-29T08:51:51.169316Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cfb63dc18fde53fef4d4fdc19ddfdcd6","sha1":"07e1e6f3160f3f3539f2ac7ceb69c7686c2051f9","sha256":"fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d","sha512":"ef8cc04bb9ca987e5d528b8893300c2d053fb12c94777c8535dcc29e425cefacc046d9751ee73b2ceb8e8c7ba5699719427604b12815d72525b7130202279870","ssdeep":"768:mxhQEJv2lLCZJqqubYtrgcxw1OKqMZiEoVGMuCGv2C+ggYhh7z:mxXv2lLCZJqqub+EkKquf1gYnP","tlshash":"69f2c45e50413d1b923b02a6027a2603a237955fed44c928bc5d67ce6b7cc8672fefb1","size":36508,"data":"","first_seen":"2023-03-07T12:07:29Z","last_seen":"2026-06-10T06:55:40.62928Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"dedd352338543b137f608adc8d0d4aa8","sha1":"100edb4e8fef9b6da043d51135077e68d2a61b22","sha256":"b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48","sha512":"e2fab4d95d5baa013a7c248945156524478341282dcffc462fb2de318f55ba29dcafba0db3abcfb6399c6164f6f630f06d48a7323b73f8ea05d5978cd60a4c5c","ssdeep":"192:ATn+ip4qxJ/gzuvu3fo8idwqnOqgStYc1qRP44+PHlCXXZE7904AxF:YbRJYz3oe+3tYGGx+NGXZCAn","tlshash":"2b22b5c9b2d2f06443d77161942f2007f23b2869b54dc498eb66e8d3bcb045ea227f79","size":10178,"data":"","first_seen":"2024-01-26T05:18:07Z","last_seen":"2025-12-29T12:17:25.567723Z","times_seen":3656,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84380,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-11T00:44:36.514925Z","times_seen":18845,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress-notifications-widget/notification.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4bb7c6c6145f0a931c1fb33f03a3ae37","sha1":"00cce813dc78ae4fb7109220a6cb9e640de8f8b5","sha256":"64a5c7e15d334cefaf02f751bd697e035697d5f83ec4f185bd7bb5d491e886a7","sha512":"b9f038b7c17194513f0e5774c3198c45132b82a804529b88aa89edcc681195da90fa2aae42f512e3372e168d8fea7b039706996c9c906a8d739ccb2616ff96f2","ssdeep":"","tlshash":"0e119eee7286ae49baf7097f482f41827233996d5d478c049aa7b0445b58349a3b3432","size":968,"data":"","first_seen":"2025-10-07T13:13:54.841001Z","last_seen":"2026-03-29T08:51:51.195384Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d62c8ab78eac94161aa92b34dbda0dae","sha1":"4fd04cdeac84994f88969bb605a8464b0367acc0","sha256":"b4908b3ec3a513f4f59e5799fa223e3089753daedcc70d5ff5576799e96c0d86","sha512":"ccc6439fecc9a91c3fb678a372feea5ac09006f7129537a90d13fab3d10440041d169e27bde13f6c99cab6c4076cdaae055daff9ba3d12ccee0499f03a7bf077","ssdeep":"","tlshash":"46f0591622c91e7166e432f0b8462ac241fb9be8cd244688eadf512c1d65f0ed54f25d","size":541,"data":"","first_seen":"2023-03-07T12:12:12Z","last_seen":"2026-06-02T22:23:58.972132Z","times_seen":195,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"106cefd7c92856477de4055865b81926","sha1":"c2e313d6b3a00f0b805945ad1362eaba672c9d22","sha256":"23830aeb8e11ff22b4cb64d8f31d5163db9e5483fa870588024943941bf80580","sha512":"890b365b8cddab91392793afeb40bbdaae01129ed9d7765dec4f4c50477c5c13e3c681e99beb02e14963627423a7d966ebe0aa40411166e1ff8ea396ec63c896","ssdeep":"","tlshash":"c9f0200243c1b89703fbe082288ece2438d217186ab4cfc104eccdb048f39136223a80","size":554,"data":"","first_seen":"2025-10-08T10:27:40.455817Z","last_seen":"2025-10-08T10:27:40.455817Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/responsive-paginate.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0bc9051193b18cdcc3b139b8d144a5b","sha1":"17f248cf169fca426d055641fa5415dfc4efb6e6","sha256":"e37e5bf7b94631fb9870bf48be68c71fdad0f4593f258555e41703364dc574a7","sha512":"6c4972b87e242eb6952235d17599166a05075218ebdd5446e8e70abd50937e60e3f475cd2bad92248be75984b79f8864e1993e57d4bae9a53985e2864ce84011","ssdeep":"","tlshash":"905175593a05a378e4f680bd002f2f54e7bbaf15460dd68df909c0aa78f8c85452ef75","size":3049,"data":"","first_seen":"2025-10-07T13:13:54.953693Z","last_seen":"2026-03-29T08:51:51.166539Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jcrop/jquery.Jcrop.min.js?ver=0.9.12","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f61ab984c177275c71e34ff1a17c102","sha1":"d75073bdc3f0ca640412f08d1ac59fdce33beb24","sha256":"1b5d8e503805edc311c26145312e1b0317052ecf89e8c353c9d239e795da956e","sha512":"94b54e2480e632124367d5a463f9c5f78cd1b94e06f7f5e883874f7ced0f8b671ccb2ed47c2d32aa84661d53193fe9c448d5347408ff1258354c35fef2d3ce30","ssdeep":"384:fD7jHOVL9nuj7OzaFZBFmuFMUIGZnobQJx2eQMhKVSR56yQa:fLHOh92izSbvFMOZyO2eQMhKVSlx","tlshash":"1462f9dc3591b41aa237a2f760af140f523689a0ba8f4560a054e7d87c788bc933be4d","size":15893,"data":"","first_seen":"2023-03-13T16:51:30Z","last_seen":"2026-06-04T15:29:21.719238Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"be241acc3a369b4aecbd864b7ac83fcb","sha1":"efcd1ba98551e31c56db04f6c8e9e1b5a9180a17","sha256":"77bfdcbea8d2920a20ec557261075ad121efb215f9ec3ab9bb53fc92bfb308c1","sha512":"9a3b40d4e65077ede3ba794c189dd579b327ca6255eb4c911ef7a8d5ee0d2360d9b6795404d52f1a4cf3698698401c07f80ed757244218e92061565cbc4c14db","ssdeep":"","tlshash":"5ac08cc3f2c45a82bafcbed121597bbb41d3256729280c52138ee7a89e32051a41c92b","size":171,"data":"","first_seen":"2025-10-08T10:27:40.457877Z","last_seen":"2025-10-08T10:27:40.457877Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7087ed48c1053946524a9f0d1ec80829","sha1":"a4d953a8039e278f11b382636d5c422d2ee6c785","sha256":"83db688184c9fbb0bc4cfd4a7228745ecfee70452f3357168ea3e3840a2f3524","sha512":"6f1f84f586e8424e85c1852cb932f04ec896851bef467d79b36383fba74b349f4f9f203e6e3a0807aff047ffffa6c91ce1c23fa187f724fc1a4867ee7b06d23c","ssdeep":"","tlshash":"5a4121dcf416f22547a3a476a25f010b32baa86b250a4050b64ccce83e7462b4537ffe","size":2189,"data":"","first_seen":"2023-03-07T12:11:18Z","last_seen":"2026-06-08T22:29:26.593635Z","times_seen":341,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"50485c32a5ecbf9efeed5bf12981d9ee","sha1":"c9a64a424d2dd002b21764ff054c5ae50ba80619","sha256":"535df7aecbed2bae12e73a5588988e0a33cb30f7ffce1535fcdf055700e67f26","sha512":"d5de047b8137ce45b34497c0aa1cac13e8d6ea2627a92b8ea3592a2cba237447e39f6484df0f3e8afc70eccfec78f0e92a777a8c7c72785650b46df59d3911b6","ssdeep":"","tlshash":"f62128183904a9ec2ab354e2bd3a7e33306a479ef1518d88d5313c5726ac6dc21b7617","size":1214,"data":"","first_seen":"2023-03-07T12:11:17Z","last_seen":"2026-06-08T22:29:26.575043Z","times_seen":242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d3576886925b487b6d3b76d800ee4502","sha1":"dee49d990a32f63bec074ac68b3b249dfc81895d","sha256":"bbba6ce10342988d7acf0786fcba2bfc089335878f84c4fa49035d91845fd859","sha512":"3574c94385d354dbe8f6120ade7f61e89888e158fc6ce860905ab85b656ab7121f7ec714a7bf54b6872ad5365288ab5edc15caccdd1a8b888e9420af7baade84","ssdeep":"","tlshash":"762124167f60ec961bdfd3d13a8b7ec905e642c752288e66ae04c87c85f5862c9bb101","size":1227,"data":"","first_seen":"2025-10-08T10:27:40.458965Z","last_seen":"2025-10-08T10:27:40.458965Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/iflychat/js/iflychat-popup.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"33e4e8478e92e4320460dbb58f0ec459","sha1":"ed182978ba90abcbc726f247b7e7e825daf94666","sha256":"94c9cf4de9d652a71f6ac3557e9520bb6a8fc2aa8fcae248dbe593154048238a","sha512":"0473e010581f21878d1dfc96ccfb217c7dac2fdd03dde0a9da3524e8c40e67f94cc64ba58eb1175950d2d93cdbfae6439140357ec60d1ad18d45ef34b3307b9a","ssdeep":"","tlshash":"75e06db32f306a1e1009bc861d6c866826d19af06f62fc3091bd8c39d830ccb4816c3c","size":391,"data":"","first_seen":"2025-10-07T13:13:54.977493Z","last_seen":"2026-03-29T08:51:51.142463Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/rating2.js?ver=1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bf5d6fcddb2885c853ae758239195ce8","sha1":"9a5eb9fa5564ab8e0e277966d1ea259da393a73e","sha256":"ba66c2f5805848fa2eea4790af8dcc9ad3fbd424d50532a572be576ce9685861","sha512":"d930f6354516359b985bff4512779b54ff3f2124a9cab8c16e8a3c9799c7c1dd5e5129c9032f3205b17f8576e40779766e0b15c86e01e98c616c29e022d359fa","ssdeep":"96:e+wJ+s33dSKlTiL+SP54SwpykRr5/sWs1WEzdxfBsaxm6:C78KRSHwpywBZs1WExDHxR","tlshash":"9ba1328df199636c566321f11a5a550f5132a1b42047909cb07ecee9bebdc4c27abf3c","size":5062,"data":"","first_seen":"2025-10-07T13:13:55.005426Z","last_seen":"2026-03-29T08:51:51.222269Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/app/apx19.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2344c3f05f624d595f6fb920e4d74ded","sha1":"eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1","sha256":"3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a","sha512":"b1660b062c77332a119e159c5c69d3f75d375915a33f141503232f424c4fdd990998a883c271efb94e8eb909f7837d235354ecae15b58fc23ab9d1908170e831","ssdeep":"192:yfBLCNsvzXnQQuWYQVN6nYaRB5c5FM/MR6Adpf04u7w2Br:4gNYXnrYtBONxpf05r","tlshash":"62126cc87ac7f00b53ed8a53ae1a66b8117b946362a47907d3bcf6cd15e920bc179cc4","size":9183,"data":"","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-06-10T07:46:34.068973Z","times_seen":3595,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2bebd9ff920c750a90bfe2a7a767c49","sha1":"89e4b89640a7b9c553d8305e82dff2f19d5992c9","sha256":"f84724bf1a79096b7cc6fa8be3c98fade46761ac70ac2286155aacc6182f51d3","sha512":"fe10c19f1bbd2049eed0bf1bd2001b565fae4fd49f1e7b5701b4098c9b5f6f77ef0a41511ab81bd103827ee201350ff7d1a092c811635ccbc73ef043f99f7622","ssdeep":"1536:ic4Bys1/N5gpvcZFr372CvGJWH1EaTmj2wW/J:gmvcLhGJWH1ECmaF","tlshash":"3573d9883f96b0a403a2b4b3261fd50ee53a4d52648cf4dcda1794d8ed6cf1bfa39914","size":76528,"data":"","first_seen":"2025-10-08T08:36:23.112149Z","last_seen":"2025-10-11T19:15:02.429379Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/22/00/54/2200540f09f939738419313a1a090c32.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"baf5c9c89f70bd4e8820c77be2db95b7","sha1":"5cbcdb6ee7a98619b984544f27a8a1f572cf2208","sha256":"8ec7cd4734f2eb03bed7a64db018511e2946fe9625af84dd533448210bf4e76b","sha512":"65b8c19561fcdb520a25a2c5e5ad6de2faf23d57294b9b252d1e09ed85579493b262188d09eafd8fa150416ba806e33ee4cd51813e32551c7e8bdacd1b9bb1dd","ssdeep":"1536:YD5oAnYHPQztET0oO9imwpmx+FxeCUz4uy5aP6GJtSvMjHISMho9gGg39gysYc48:o6ZoiW9fkUT5AMsSYo9YTJcSYK0","tlshash":"b0a3ea88bfb1f05e23625477123f900be69e0e41649cda7ce513f8a52f9871bd07d9a8","size":98411,"data":"","first_seen":"2025-10-03T09:47:43.653715Z","last_seen":"2025-10-10T00:59:32.936764Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/iflychat/js/iflychat.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c2980826fafa693ae6095bd762f498a","sha1":"ab59c1dcd37cdfe22b0684caaf6126dd07c8a1dd","sha256":"89e8436e40f5cc6d42de2f5799d2e68e43e2d91470599417a7c881ad5684e497","sha512":"66dbd89f8a6e94d27c34fb5f2d9335298249fc5a722d455d1173a312146010ac22c5afaf58dcd972831a9c4c6f5539fef4b881329b5362dc9fd08fe41f4cbcc5","ssdeep":"","tlshash":"2551c8fffb1062091616b476606f261a10b575d61c0cf971a1aacbb9fe3cec4502fc64","size":2993,"data":"","first_seen":"2025-10-07T13:13:54.801917Z","last_seen":"2026-03-29T08:51:51.207658Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/to-top/public/js/to-top-public.js?ver=1.8.1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d57ea8be4223524c97a28d4bcbe46825","sha1":"b750ecd609b7245b8fcfd5f9c148b36a5dbbf2ec","sha256":"4e263a75e29fff467d615ae2b7c503c4e98ea972e25ec82db02197d1f0db058a","sha512":"56cd995341752bacb87e4c792056e48c16056bf2794059d2d5440b8054f68b72e944719b4c5ce62aa859c0bfb445f056d7f2920fbd3e579b293654523e23d9f4","ssdeep":"","tlshash":"9341590ef9ff141561bf317d8bbf81163b31905b211aca903d8cdba4af812395256bd8","size":2288,"data":"","first_seen":"2023-03-07T01:17:48Z","last_seen":"2026-06-10T02:46:15.785761Z","times_seen":147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.js?ver=1.1.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6e462f95de6aa0ce2909797af649e6d","sha1":"188a3242bcb79ddf0a062da602f0e88a8dfa8fde","sha256":"61f90f760d8cda014eabe3d8daf214c949dee6f4878004c3aefa23d0ab391719","sha512":"4d6ed12f75cce36e0f5b079c5b56143f0776531765d555b41e96455fc70ddb14e981c8147b94064c9f64ed6652f2a3612513e654132d0ee708bd02a3e9a73464","ssdeep":"","tlshash":"e321ed0ef28160b21d0e32bd0eab07f8da332c1ea613734992bf96545417a8dd0078ce","size":1384,"data":"","first_seen":"2023-03-08T08:26:00Z","last_seen":"2026-06-10T08:13:07.983341Z","times_seen":272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/wp-user-avatar-pro/assets/js/wpua-imgloader.js?ver=5.0.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9b0317909ad7f19a025cc81e43b80e3","sha1":"0710df2c1bf38fa20456be0d2e3489c316c58414","sha256":"1ae69442281fb1657a41ffd74b56db6d17fdceacf913c775b0f8c67d80389461","sha512":"728ea146b095583903445bd4ff27a235380ba8d2d24a035a9c6933a15e79f353dac1f4091de829e9c76a836d9775529471305b19b130d32f55725b2362799e29","ssdeep":"384:Ib1mrFrSLAjLdz3djLOOtD11IoUFUCIidFVVS9c7T:y1mbwDT","tlshash":"1d92d71cf7a578bf0172d26b614fde0c14a1c8978750e524e9218a9f88f9d0da237db7","size":19325,"data":"","first_seen":"2025-10-07T13:13:55.001772Z","last_seen":"2026-03-29T08:51:51.203801Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"96966f3f8c5ba87eb2447e805db6da92","sha1":"298cd0aa4c7184f60a8834e09871bf87d227cc6b","sha256":"8bb8e38ca59e507eeeee21b2c293ef47928afc46ba45f42373911de677fb1865","sha512":"37c72d68c0e15c93579a40f5179625714e4fa36aa5c9ccf27527d441ae641c0cf8cf2a2f916794f36bf68e0d7949f2216938593cdccfad47c48e63c0ab9919fe","ssdeep":"","tlshash":"4d41cc2f78470573b9aba1ba13bf684838b761531209c415384cead84f18dad1db8efc","size":1973,"data":"","first_seen":"2025-10-07T13:13:55.037051Z","last_seen":"2026-03-29T08:51:51.264259Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/wp-embed.min.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2dce40d16f9ff6332d3cbb7ae488a2b9","sha1":"0a8eca5975f21a9f1bc079d111ca1657009dbe8f","sha256":"2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7","sha512":"8c5cafbc2ce3705735ff1131ab34c2aef7aa50bf25ba13f0a29c07713561b0e6522c93596c8047ec332e7fa98565a9de56cf040632149b255b58d0bbc43fba7b","ssdeep":"","tlshash":"7921441a3338143b10db11e3b99d74c7d6f207ee240121d28d78c880fa94fa39966fc5","size":1403,"data":"","first_seen":"2023-03-07T01:03:06Z","last_seen":"2026-06-10T10:13:53.949699Z","times_seen":3181,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/typeahead.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a99b1e27fd62f49ca5d1cfabd5bfa4b5","sha1":"59be5f7157a8f9fc9f3d4c3618fe4fbab4463110","sha256":"8e74e41d702ff4a4dc55daf3f488a1269ca05a3a6b49c499a052d6fd4fa146ca","sha512":"e4501eb3f8e0439ed9bf146a43563f628f77a6b943609d6cf322a69a0c3a739214db9509d337dddff1629d0ce580aae1ba2e55d4e05766ccdf684ed0d937cc93","ssdeep":"768:9T0WW7nnF+gAvQ3WI8RGUHeS9xAknbkO1:u8RGUHeSdb1","tlshash":"96d2f9a1b5c1642046d79178a5bf020b21b798267485b02cf53799da3e7cf09a1fbf3e","size":29275,"data":"","first_seen":"2025-10-07T13:13:54.719664Z","last_seen":"2026-03-29T08:51:51.228838Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e582c1101a40828bce00bf1aaf6d6502","sha1":"de3b8d23ee9c4c634b94563a99a58041312d71c8","sha256":"41f0d0efedd81ee93f7e39d944e84c9d0901a768b023e075f6d73e9cfe714746","sha512":"bd7178ba641f9c5c312f1788f1e1b68242e36cdd4fb9bd11b4ff6cca159e9469bbe35db9711c2411eb84ca184824790a4912c8f2f7cf0a397d9e997a0998b519","ssdeep":"","tlshash":"94c02b2f746d34ee20a23274e0fb8706719334d029124e080d1812601f3c43408f3a00","size":135,"data":"","first_seen":"2023-03-07T12:40:09Z","last_seen":"2026-06-06T22:54:45.41729Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ce4e157448487d4efe0ca538f656a71","sha1":"45d22de723a97ca19cddd4fb792e339b5fab5c50","sha256":"936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960","sha512":"a28ea8c489ee99b0127217429933b84a07cd0b53e4a566754d7bb3e6c762bf7909052cee4de5ef3fcd1f8263ca88c2821a7590cd7cb3a1bdb54599c79c6ab5ae","ssdeep":"","tlshash":"c18163ecf1837420c3eb3b75507f594bb2bba896194d0468b09884d46db2e19907bf7d","size":4000,"data":"","first_seen":"2023-03-07T01:31:36Z","last_seen":"2026-06-10T06:55:40.654639Z","times_seen":1847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"origunix.com","domain":"origunix.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"30a0b788015a461388ee933269a01023","sha1":"9f85954413fd92f68b06441c7b6146d74da3ce29","sha256":"c006492ec1d2657810938a3fb78531c142cf1ab3fd925dffe4518a2f3d4952b2","sha512":"18819d657a33ed742429df499abdb513ae4a945e1e14df6196c650ce8ab119cce0c4470fa560fede0a52befaf83edf66d79b6093b1bf082a76a460291bc7d4f4","ssdeep":"768:hCflSCRC850RCX+4D+R8WyX+86wA6C8CflJu4sTJ+zaXeXgtA9zk4sTJ+HXJpZ6G:qvV50gPowAzJfTqGF","tlshash":"6b53d698b5d2f1a102c370b8543f6106b2366929248dc098f7b5ded5ad78d6ea633f3c","size":64136,"data":"","first_seen":"2025-10-08T10:27:40.418722Z","last_seen":"2025-10-08T10:28:20.541066Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e46312a4ecede71e8a0d36aba8a3506","sha1":"32f7d893e456ccc9575f88b1929d06ee951a429d","sha256":"0467b0bb81f5dc167d8c89ecb02a966f4a8d79e8620fe29c4e6812970818357d","sha512":"7f761a56209ed3bc2c734ea9ff96968e0f0e768017a5ea90b09dcbf4ac0a33c44013f16646fea939f7d1be3de53aaf9841d8e94bdac12fc24f360ea6d04e49b9","ssdeep":"","tlshash":"05f04934576743a94f5bd1e52b4f0fef1a31080bd05b099c7118e3875ea072a22c4a36","size":617,"data":"","first_seen":"2025-10-06T14:35:45.700754Z","last_seen":"2025-10-08T16:50:52.179446Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c37fc71c4910746e4dc1086d1504eec8","sha1":"14565ad25baee00fbfcdfb04cdaca8146cf8eef9","sha256":"86abf24db0f0710bdb2bdd82e5675a1fc444148707510005492b33cd4820068e","sha512":"759a316f29f039ce53e4c8568c95891d7d9a98ba2ece51028719a59275412bd04d8fa20c0802b8a52cebcba9050c2b813233692814eb14dbcc775e0efc59d24e","ssdeep":"","tlshash":"44217b3b9898c3b12243f157e126738cdb31005dfa191707330d0ae91eda36a26f99d9","size":1276,"data":"","first_seen":"2025-06-22T22:52:25.7742Z","last_seen":"2026-01-05T22:39:08.072676Z","times_seen":421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"37f3d230d930d95f8c52fc955a420c3f","sha1":"2712cec4f0ca9b2bd27ad942d60c5d9448fe3509","sha256":"d70df3adf619efe6f3384becbb6e131ed55fec739d91c5d9a9baa787e5c6365c","sha512":"2378a4a19df98eba6369fc94955d30e7f4844f526e9ad3cbaaf6ddb5db012ce88702ecb163af2261cf6b1bd1e3524000a2dc7232c60a9fb963b8b53031119600","ssdeep":"","tlshash":"93a022e38e802b0bf2ecbee0020b2fa302e3203b3c3cc030bb00c0008aa0020bc20200","size":74,"data":"","first_seen":"2025-10-08T10:27:40.462597Z","last_seen":"2025-10-08T10:27:40.462597Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-friends/js/widget-friends.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"832901075750636871430b2e944528b3","sha1":"da960c718c631017f0783d7e8e754ac8076b284a","sha256":"0c9ac108bc69994e4452dbd80bdcb074a2543676d082ca979935ba59d9e8e408","sha512":"6693f9fbda380af0fe318e9241f7a4e80c7ce893aade2c6afe11f80189221a716fc6788515c131f068d29119a9ab4e9186c70dd39d6c05b50e2d09f63d7a7bf9","ssdeep":"","tlshash":"db21211c354460ec27b695a2e53b6273307796edf3558e80a721348126f8adc113b507","size":1214,"data":"","first_seen":"2025-10-07T13:13:54.93623Z","last_seen":"2026-05-09T17:12:01.34217Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stats.wp.com/e-201926.js","fqdn":"stats.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.76.3","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"12df00d326d9d7ca84ba60c0eca1f7db","sha1":"bc2af6354bdbe334c94b8a33d26357c5c3156925","sha256":"5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855","sha512":"9b4e38e6b3bd0ad3a494e62c56cf1c59e52272fb77d86d7a46a1f873078ff154cda9bcfd8a5983ea1c980f3d92cdd597a9728a03658e13951f773a2299f96429","ssdeep":"192:SZlmgfr24Se6MpTXapkyN8jcpypscqDciqtiPh71:SZlnrUwXapkyN8jcpyioyh71","tlshash":"84e196a93140b13916f720a2669f6307f0368f773e4b5041d67cc4207ab5e8b9927f9e","size":7370,"data":"","first_seen":"2024-06-03T05:08:03Z","last_seen":"2026-06-07T18:48:26.89593Z","times_seen":7818,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201926","fqdn":"s0.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.32","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e445ebe164621b7116b62ba8b1d642b","sha1":"b8d42e983993b6ecba34852218862cdf8630d550","sha256":"e93e9f28c6e8c3ed7f642e1a7a67a4a294ffabbc49909ae5d8bbaa48238ba3e9","sha512":"4d8884561f2492162a229f039f8f97e7b02c9068e8e76a67c088df5c29fb4649fc3a1286afb52f4c6f9f3501c73dd70b99c434585565e856df80cb48900b0547","ssdeep":"192:Bav/CHEaTmfctyoWc4g6R+68i29JNtDPlwH//7RzStFpow:BaSkaCfctyncSR+JJNBPC/dzStFaw","tlshash":"def183be31da323bca9230e1805f6618b67399615f0f8b66d318e45174bcd47a93af18","size":7820,"data":"","first_seen":"2023-05-15T07:11:39Z","last_seen":"2026-06-10T22:55:38.874166Z","times_seen":1956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.validate.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"228560d0e4bc99264827a65878f87d39","sha1":"fc1314eac28ad95a9125bb13d83fec8dab4d1a9e","sha256":"75858d2ca3c90028c9bffc23292d3957f012a59057b4cb4f24b0ff101658ea0f","sha512":"8ade56f39902383e9a9dd05dbd44f1495f3897f841e4e71ae381370488e391c3d23cb7605aae2fb555db2e5ac8e70580547e7df5a5a5efd257b6dfdd54558c3c","ssdeep":"768:F2SnjS0Z6d9zPI03s++nTW3VnyVCPnQF1J4Ou:T+0Z6d9zPI032nTW3VnyVXM","tlshash":"09c2a7097241101e8ecf31fbb89b624f72ba95946005a069b4fc94d1bff9f81b196f78","size":26744,"data":"","first_seen":"2025-10-07T13:13:54.888869Z","last_seen":"2026-03-29T08:51:51.169316Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"06439382fea9b56e16cd111afe2a05f0","sha1":"94f4fc78dc84717210e686447005ff1042cf0937","sha256":"a10fbfbc3dfb9f61b3b70c74e8f3b5a5dafaae8d4c3d5a44d9040e3f057f0d60","sha512":"a510f59645cb22dcdf7835fe91b0458ca2ed55aab55e9468556425fdb7e0d7bb64245891ce5736fa72894f26901d8f9f8d2022a91f461b3271ec06d5143a9a81","ssdeep":"","tlshash":"ca21331eabdd213842ba211627bfe2c63e2501e3640c5cd59d6ddc683064d66283dee8","size":1356,"data":"","first_seen":"2025-10-08T10:27:40.463645Z","last_seen":"2025-10-08T10:27:40.463645Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c87711a5d2974cd9ee1f91fdf13c865","sha1":"f8ed5f464bf5e473cf28b326f462df2ee5698b70","sha256":"d3f84084e3f7c148c636dc35fe87fc64580db8a3fafdf07ebf6174fa089d2398","sha512":"8da04dcbdb746b2810bee89cd945e4d09a0fa7838ab960b05d5227aadd59759d76a7385f83a58abde5ee52665e4f735e554651b2dda1e70ada87ede0cd3a3be1","ssdeep":"1536:I8zmHlk4JQ9aO4kD9VaZ06GUqo54Az0SBYQ4+DIVV3BWw:jzsJkaO44I06GUb0S6z3xWw","tlshash":"96b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","size":109923,"data":"","first_seen":"2025-10-08T09:14:17.976464Z","last_seen":"2025-10-12T16:00:36.826808Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0cebf0d01432623e31338307dcee4037","sha1":"d84fcb3c5ffcec34cb53e882017fdfa97d11b34d","sha256":"47a40ae7268f7de92124f55ce7d87549b4ec4a55b865ea8574aaaa3cd3d69502","sha512":"6e778f76a89e1e431c64159c029c1a2778e547103de12cc5c3bd754c808a8c6e461b6efde77776610c251f8d94f3f6fd11fc1724b8d4527f03a7e6d249aade1d","ssdeep":"","tlshash":"d751fc5c678e0a65dea37238539f37226725c0531124d9d2709ec3443fac0ba82aeadf","size":2941,"data":"","first_seen":"2025-10-07T13:13:55.04299Z","last_seen":"2026-03-29T08:51:51.268639Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3ae0a2ea6fda8847a7864d651e8680d","sha1":"5925758d2dd3852b4fab9d438a8abcb8d0987c45","sha256":"c05df30581b47f90a0f005d33277859c68beaa615aed62cb9ecc89cdfe8d6457","sha512":"4a9df5bf5077e86d0587d2905fe7a27217ab229a10bde8f824a2ef51e806266e9bb903a9f3bce591776633e368e6f27abeb81ad2d450df77797f2f8826ba19d7","ssdeep":"","tlshash":"f131411475c09e398696e133eb66de4137f802a7b780997948148bd437df635cacb285","size":1597,"data":"","first_seen":"2025-10-08T10:27:40.465731Z","last_seen":"2025-10-08T10:27:40.465731Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8749ef703efe93eea60ce1f5a5dbd4e9","sha1":"c96b16ed3228d3188471d953f9836b1275e80f5a","sha256":"8df6aa919f232955640aaa7c137d6d8d474c5e2975eaf6b25e6fb08658978c22","sha512":"641e07d9ee73bc9ef198f3228074066c98c2ec11e458a4e4252ee27409131b10edad26f253070bbae6331f82e63ca586e2635a9f4c4db9cf64a464e059a960fa","ssdeep":"","tlshash":"7e01f70ad3fc759d00b6213c1815aaab127d5a3a07444daefbd38c6c1b0cf686736b86","size":775,"data":"","first_seen":"2025-10-07T13:13:55.050587Z","last_seen":"2026-03-29T08:51:51.271585Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"30f68efb602963480e172a5c32daf277","sha1":"b52d447979a9648db4b8e5f3168d7d379fecbeb0","sha256":"d6254282643db6824712aa71cd591723401110fb193bd1519ee8e8a15724a472","sha512":"103d032a408b1ef9c280f3a522d8fed713d9d0824c9c1b8276f8def89c282341fa568d93cb3274754443744ae094c39c85c5596f984c62b82181b5d85bdfb107","ssdeep":"","tlshash":"2ac012b39b00c64b22a1ac15714a11c559db88f64a24f8b254acdaf2d912cc6a6d7dec","size":177,"data":"","first_seen":"2025-10-07T13:13:55.052741Z","last_seen":"2026-03-29T08:51:51.272346Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js?ver=2.4.6","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e9f1dcb9cc75169765265133fb815a7","sha1":"7678293e0a0df6f57aea34e07b7e0392ebba2234","sha256":"73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186","sha512":"acc186178c20d51ef77a1b67c5706de666d47cdf49509c1b936d4a3259cb643261ec190f99ea2f06e75d64210d25d7476183240a1f613c59cf992f6cb29922f2","ssdeep":"768:+Otj9+umwo0XCITm9HNfhvwITdNWb0DvHrqgtV:+ORjgF9HNfh1TdNWb0DPugtV","tlshash":"8ad23188fab0a12041f795e5a65ba5c5f337a49ce80c89acf93dddd65868c0d702fb34","size":29121,"data":"","first_seen":"2023-03-07T01:07:22Z","last_seen":"2026-06-10T22:53:23.629248Z","times_seen":14715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/wp-user-avatar-pro/assets/js/webcam.js?ver=5.0.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f239dc7a66275a632077d62bfb6a7baf","sha1":"217f7cac5e5b4c1140c73445f04620f30a003a14","sha256":"a622c545a356283fbb55ff8255488aaccf02f0b98f9b8df7ae3d68381a457a55","sha512":"d2875155101235fdea02c5792b44959aa6a1ec3aa3de40d156477b9f761703b48d26bd219713aff22a184556de898c99d3fa8b103e146f2f914be1a81ebea25f","ssdeep":"384:dVoIOFaz7ms10jQFkEST6lpM6L5U8KbSrcQ2dJTtC1W1twXTSkT7giTcEcbOFg1z:dVzH2sAQFkEST6lD1mtwpciFg1Z24uHs","tlshash":"6ca2e8bf97a2905b00d101572b8a5240627ed00f3b86daadba30ddda18fcc57b576f74","size":22754,"data":"","first_seen":"2025-10-07T13:13:54.782591Z","last_seen":"2026-03-29T08:51:51.092871Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"434f170dff72c3134ede304a08d63124","sha1":"43c09f2585a5952e0ffc390f67d04ed79c6ec9ab","sha256":"85f9a6348dbc53515d99c98cefcbe8e57739a190e0cc5aaa890273902b8ee5fc","sha512":"f6001d7d1f73966e7685b4076c2eb282d385c5b61829028a601d7a05074c70e669c6d7132eaefa4481ee6292582f7a73d79e9f0a76771e44cb7816e4ea439baf","ssdeep":"","tlshash":"e0c0804172c16d4521fdd7dd039c3771718755278d2f0b719288c3845ff60f4c458251","size":178,"data":"","first_seen":"2025-10-08T10:27:40.469255Z","last_seen":"2025-10-08T10:27:40.469255Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d39137eb8d02d4e2df2563660059ffe","sha1":"2c81cac4cf1ef68e9d03139e2c99159119b6716a","sha256":"eca852eb904270ebcc5929449e0e0c3988247034512c6055065787edcc36c8c9","sha512":"3dd2c015d415ac469fc5d8b2fd407e56f69a5d389105c286cdf01de976cb2c5fc176efe9480793fa2b031a994a568eacfdd2c1b53a160f6d3945f96d7f14b817","ssdeep":"","tlshash":"04d0a755386588306599019650b6e399666025907621654083c9cc2b6a11d9384a195c","size":217,"data":"","first_seen":"2025-10-08T10:27:40.470506Z","last_seen":"2025-10-08T10:27:40.470506Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2be9f896fc2333236c81e64047ff6bd0","sha1":"3f68b48389ad70ecf2ccdf913c4807769b4c181c","sha256":"f90478dd3e852d3c615893f35d3cab1d7c1bbb94afe0e7160d1b830841ef2f78","sha512":"aa7f8216dda82bf3b67987a035b662fa15fb715e32486acd5836e0f70170323b3cbe160c7e6273aa57c5ba957581da1545643982d33a0211badd25b6c2fc088e","ssdeep":"96:hFznifT5BF4SVlHNref0PNrJmRzIcfK/3e7jlroUmjkSqSnI+uqqZDJfTLTuqvYs:/zYgMtEEq4xK99TLSqkpWLgZfBYjf","tlshash":"8c22198f3dcb281e995e644150af30c326aeadf818825e4ac7a85cf4ff5275d918ed0c","size":10181,"data":"","first_seen":"2025-10-08T10:27:40.405668Z","last_seen":"2025-10-08T10:28:04.593176Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/micro-themes/active-scripts.js?mts=1156\u0026ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6311a616937e80f4bc114535c2b66738","sha1":"7d825c49142dd1b45d4868c6721eb496524fd237","sha256":"29972bf1fc3e4ad90212cc1af10dd9cab7700048f31b915a751a6e6191f27ebc","sha512":"7dec0d7c588978aae27b0afe60c1c454cfa2445e9202bfb5728a4b213836053f66f9c671257cdfe5e5d3231005b467f655288004086103ac899a7e5344766cc5","ssdeep":"","tlshash":"cbb012ff909c988e9e672241083b270579433467651800918348e2110c2c1209066725","size":106,"data":"","first_seen":"2025-10-08T10:27:40.28456Z","last_seen":"2025-10-08T10:27:40.28456Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"79be7ab67cbb8e42e17fc3638841e3f0","sha1":"0b7e1111608cea159b4c162fcd92746f567f92ee","sha256":"94ddb649f6d1bbf0127512b05653c42d2a5e676ff3a37f993574eb449e98b272","sha512":"fc79f9cc4e87dcb335bd7ae80420e7b8939cac729cc070fbd47722d52a06d5e6e074e08b1c7d77f2d2e4e4ec0527c7eb45377e500e777de0feb0d4c1449888d6","ssdeep":"","tlshash":"3ec022479ec81c8371f42af110e8376323f302691e302802428ac0444a3d002eb08105","size":188,"data":"","first_seen":"2025-10-08T10:27:40.471552Z","last_seen":"2025-10-08T10:27:40.471552Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.blockUI.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6d5b17ff66243065b008250904728e4","sha1":"12a9930890416d49f5cf1e8dc21fb272682d77fd","sha256":"3923af32e835758da47f989bee7c16ddf1bd02307df25dc6827377957f5833d1","sha512":"aff5af5a204c0669f889f6b7057072592f705765b97e6ec465bbc082ba194e61f71bb8f9554fbbc04857ca33309a1434e59aa00dc13a13927b1c77bc987d35b6","ssdeep":"192:PZf6grGfOCa32wZptCC5zk3P5PbjKikRMb9ml6FeQzT0n5GJwmNrO+:P1CamaCCJShXAWmlweQzTIYxO+","tlshash":"ae32fa7c30b3909641f376917dfbabcb7b35253bd483a8c1d078d1a925ace5aa112d0e","size":11438,"data":"","first_seen":"2025-10-07T13:13:54.931803Z","last_seen":"2026-03-29T08:51:51.138299Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb26aed7179698e6cc95f097b978df09","sha1":"e6cf8807ce558f00ce026f027241bff5a525685e","sha256":"32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a","sha512":"5529925dc1feb9c5d3c9caadc0aa0e4eacfc4881cf9d1e5dea48a36d40085cd4a3a51e31d5ece13f38151b5ec00701fad6e05addf136c93b50852c48083a5f20","ssdeep":"192:msOm6DjUwqEZU4Idu2pY14s5EOnxk7qX1y+M8s6+gQNK:Im6DjUwrn2pY14svn+7qXPM8AgQNK","tlshash":"4922a29cf27266e96afb12f660cb17431b326867c8835395d09d84241dbcc86b527f0e","size":10901,"data":"","first_seen":"2023-03-09T23:01:43Z","last_seen":"2026-03-29T08:51:51.110448Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dbb14fb296945e09a607f4ffc8a8da52","sha1":"73977a2c0d08bad9790597988fedbaaf5ead054f","sha256":"20adabea74e67d597e882751a5a8b27b89161075d1b0d635bf43a84a6a957a95","sha512":"fbbf4bdc148577fe9602f47b55a1941faa5a28e2929e6c7ec19c75226c823ad36e411685118b18e5dceef7ed832345e59e95503e43df89b0c1152cdee6fb02e4","ssdeep":"","tlshash":"f6f0281d1429ba368bb3128d9c794f1f6a5d60fa72440417f1bcb3291b6dc4ab06fc04","size":616,"data":"","first_seen":"2023-03-07T01:38:44Z","last_seen":"2026-06-10T11:45:55.863648Z","times_seen":1253,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"24c8e85b12464b435e686d99f8a05631","sha1":"9951c62b8c49f7d5631bcbb7644340561b839bb4","sha256":"eaf9ad1cc1d42a9f4e95881acac913af7de62b6149278db6f2ce486203be388c","sha512":"91c231f436f193a2438242dfee9b861ff6af21686cd0c6220f0267f15fd41684a534941bb9c8e4ccc7fe316091a6b81be4e7651dc2887adee17095c0a6e1f525","ssdeep":"","tlshash":"12d022b252bcb13ce3a4344c282deabea0c10417d61608002bb0a4ac233e2ca80c2a10","size":195,"data":"","first_seen":"2025-10-08T10:27:40.473332Z","last_seen":"2025-10-08T10:27:40.473332Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e200a1ecc4e1acac7b7bc0508be473dc","sha1":"a5cf3e6b0257b16d479bd72215648ce47c67dfaf","sha256":"f9c173fc04e3dcc4970d6d4a3d12b068fffed23778001e062f4f90533d76ab72","sha512":"dd8e2eec4a40a69c383946c3c878e8136f5708372f8db5cc4644d98d190eb7b736fee04a841d93ac1104df9577977779825cc5d4993729b5702b2dc720ec469a","ssdeep":"","tlshash":"f6f0e1ba3dd0a0308659f1a4b15eaa14a46168146400690988cdc4c8bce4b9e4eada9c","size":551,"data":"","first_seen":"2023-03-10T19:38:09Z","last_seen":"2026-03-30T18:41:29.169662Z","times_seen":228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/bbpress/templates/default/js/editor.js?ver=2.5.14-6684","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b6ff29762cbc4e0fa17706e829d3b56","sha1":"5df46656ec675b27628e47f7ddc5717f50adb083","sha256":"d87177c71bcb4761c9f98d781832d583ba9e2ee7bd0d0cda2ad48e79e21418fb","sha512":"31f0ef0b7bad0d3d0294c3327fd78d2b22134b192e79956df4ad5d7c4d0e35f8b79dd9aee6f89a47d96a9ae1c04edda5e0cdd3fa413716e2d4858ed9a4da7367","ssdeep":"","tlshash":"5e21c2f1ef5d40d17172705c99a5d698260ec8b2b50156df7cc24a34d2d107ac3a9f25","size":1399,"data":"","first_seen":"2023-03-07T12:11:54Z","last_seen":"2026-06-07T12:44:51.495696Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/email-verification-on-signups/assets/js/verify-email.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ae52edfb2f9361cde39d84ed046c59e","sha1":"4935b2efb5daea19ae783f9a99ef7a70dc0f679b","sha256":"ad58bca769408630e44431b49b89a9a36af5ba945ad3d064d0b8b8884fe5a5ad","sha512":"adafe79e17f9a968501744087f7bc6f06b8b3a5bba1bd6e7f7caef323164a77bb6edff999f2215bd7668332b94878dc7216443241ef7bda5a0316ca6ba014b44","ssdeep":"","tlshash":"e1d0972eacc8384982fb31f9e81f1a397222008306ebd403f0658081ce76312ba31389","size":266,"data":"","first_seen":"2025-10-07T13:13:54.744773Z","last_seen":"2026-03-29T08:51:51.100593Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ec4ea2cc07fb4298dd793cbc67d3755","sha1":"04c34c92ef5baad58af7c56b728d4a84c55f7185","sha256":"9a0e8ee9789c9f554b318f332bf0d2c61f85cdcf33afc1228b6f94181f841b1d","sha512":"30304737e90f692141d3d9d94011b08bd5605aa54d85f9808fb80fb3fae2b0c1d8151784f56ab2bbd89729e5cbc7aef8f6f3b00acae27ae268a8718a5d3ceba0","ssdeep":"","tlshash":"e1f0dc20a9ce2dff820650ba9c78cd0a71a7381ec1f0c0070e00d83563b1fc909582c8","size":449,"data":"","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-05-22T22:37:39.400616Z","times_seen":2074,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"08d5b840d684128d363d9eab22dcfcbc","sha1":"23eb2c82a2cf37357ab6f20927dc99c248a2faae","sha256":"119f29cd5a878dd6515956ef6571e03d3fcd4a91ffa53a929bf8b2b65684c510","sha512":"b99b2e67b9570a55979e47ec386a7c7394b5f68f8ef8f59d87f4e9407663613b887d54c1c4388083fbcf2633e546590ec5b8495ef4290ad1bef0b37bead06d09","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2wa/a:gmvcLkGJWH1ECmaI","tlshash":"d173d9883f96b0a403a2b4b3261fd50ee13a4d52658cf4d8db1794d8ed6cf1bfa39914","size":76516,"data":"","first_seen":"2025-10-08T09:45:31.160347Z","last_seen":"2025-10-11T07:10:57.019542Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.seaofads.com/Scripts/infinity.js.aspx?guid=4e69f855-2c35-4d4a-af81-8ad75434b320","fqdn":"cdn.seaofads.com","domain":"seaofads.com","tld":"com"},"ip":{"addr":"172.67.140.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ae1726c1db83b3c733709455f0eed0b","sha1":"82db97cfd3479b7076119b8f497e2f5e50fde3e6","sha256":"095b369142b2b13d50d061ec5b0b2974fb203fe6a01b9222ac74b9eb4e0d88f1","sha512":"a96d3ab467da1c59ca8318f1b0c46e514208b478b273664130d69686b09e2e0c0c1400d57030db6c2d8453e244d3f62b07324eaa8dfa566648d854bae15695d6","ssdeep":"1536:R3hEUjlRC3YxEtFKBr+2RHUiogsjwxe5F4PtHARCOKk44roi0JY3FokIAxxgZHMI:RhEUFEtBxrO8vWOiotq","tlshash":"34e309397142603501bda554613f334a7b3a2dfc570aa424bb2cccd86c7998e627bb7e","size":155330,"data":"","first_seen":"2025-10-08T10:27:40.440021Z","last_seen":"2025-10-08T10:27:40.440021Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c36eed91beaff12ee36e5c012872faf0","sha1":"080b6b24a6ca224dfd4fc178c54195c712fcfe83","sha256":"046b1a95c139aeaef8f2e3c321041ba7d00e80e4fb96da4e783ff519bd06070a","sha512":"040e7bf8fc59ef7046ff89ee23a16cfdf30e83806bd9afd595bc324554202f95f800ee8ccc6125fe583371ea1d8c57c7ac3d34ce4daf2cfecd915554c4fd6aa5","ssdeep":"","tlshash":"5ab092c161868d9c8baaa849464e25cde27c8b0a99df161494a3f28097b836a8772130","size":119,"data":"","first_seen":"2023-03-07T12:11:17Z","last_seen":"2026-06-08T22:29:26.594268Z","times_seen":239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ddb38cec2a3e44027f210856f6c3ab06","sha1":"8dcbb5f9a59c7d2c12441b2d46e47194281e3fd7","sha256":"145bcde519f7316cb23a753d5147be17044a81c66d3e2062610f49738914a969","sha512":"bbf3d3201d294b0a4ac92e1619eaed9bd6764a0da32712ff7dc7837d043795c4704108ca013e794ec4a536facba30be2dfd6a0872d20d5708a2d6c8e2f9f516d","ssdeep":"","tlshash":"ebc022b564a490300424009a707beaa83c31318874926080c48d781ca924fd30452ca8","size":187,"data":"","first_seen":"2025-09-24T02:22:33.853601Z","last_seen":"2025-11-12T14:46:36.801298Z","times_seen":271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bb161e88dff626bfea83c5617e3df2f9","sha1":"7b2423cbaac75374c0db8f9c6dd35facc5c238ab","sha256":"d722fe0029cbcb62f49297d0fcceb49f670864df1e3aeaa56ff9476dc3ab2ecf","sha512":"7b56654dc450644351f4414344a592df8a039ea6c5a2af95c4fbfead794b3a501024fe68729bc859040cb7c284fb5c8b771a5bad8e33379ab2406dfbf7b90f26","ssdeep":"","tlshash":"f511c0753a1a5534c9c5819b31bef7a93e3260617a02a084c3acdc299d18e8714efdbe","size":902,"data":"","first_seen":"2025-10-08T10:27:40.4759Z","last_seen":"2025-10-08T10:27:40.4759Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/js/bootstrap.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1f57084dd4489eb4b77c8f850177a787","sha1":"bf0c3cf5d9a9775a5c6a73576e2be1e00cab6e33","sha256":"3684b7cd203df98651f804f801a62884755d1bc1af449778e5a51cff1f563852","sha512":"1570700c4620463cf824ba988ec60ccf6e9814cf6e459504915a57f0f360cea9a645a946c307bdb76f070ba02413dca615e4882a83d8dcceaf4de639cd34cefe","ssdeep":"768:1LBtidRanpFkpHpb76uYdvytNqbdK+KSIEhYAPl641:XIcPhKh+KSZPR","tlshash":"5723b7067630316202ffa1a7805b234d733da629940ad0bcb8799bd43e75d45b26bf7e","size":46884,"data":"","first_seen":"2023-03-07T01:26:29Z","last_seen":"2026-03-29T08:51:51.168763Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/wp-movies/js/common.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"60815785ae931c55e4896529d88d6eb9","sha1":"c06471c09a857d04d2df2182ec1e0a272dbf5232","sha256":"a874710db02e2f425060b222dbe5cc8a10070a32c09a23ab59f95f9072258e1c","sha512":"4a1f1199dbbba5b49569a5f4d292541efe7a5c908ce59264f84fb6075f85c3c4323ceeeb28c1617e030542cf5ab296236bdf39a6fd628679019366a791546307","ssdeep":"96:0VP0tCnRnlPHvvhbL9vODYveMXxac0O44oF:6fnRndHvvhbLgMhXv0O44oF","tlshash":"3f91936e7187145b88e32df72daf3017e87a5e140a1ce4f4da00d9aa2a74549da3bf0d","size":4425,"data":"","first_seen":"2025-10-07T13:13:54.864407Z","last_seen":"2026-03-29T08:51:51.152236Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/05/avatar1526856863.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/05/avatar1526856863.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cEAOdarQckizwis28eMVVavWGV9UXUzyrfqoQdnVi9xQHE0ZnfLv9FRMbkP3NAXHV82sQmFOpnAbPiOo978YhAyoaCkIK5Oyb9i2vpuGtO5MGIl9ohJc3jU%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193dbde1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gravatar.com/avatar/55bb067c945bc0e17c6c4def15145634?s=40\u0026f=y\u0026r=x\u0026d=wavatar","fqdn":"www.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 19:44:00 GMT","end":"Tue, 11 Nov 2025 19:43:59 GMT"},"fingerprint":{"sha1":"74:C6:11:97:72:6C:AD:3D:C4:B8:07:B9:71:B0:52:7D:5C:EB:20:23","sha256":"0C:AA:22:E1:81:4D:7A:6C:A4:5D:C6:37:89:F7:40:15:1A:3C:86:FB:89:C4:F0:EB:1A:74:4B:32:C1:CD:2E:A0"}}},"request":{"raw":"GET /avatar/55bb067c945bc0e17c6c4def15145634?s=40\u0026f=y\u0026r=x\u0026d=wavatar HTTP/1.1\r\nHost: www.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 2095\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/55bb067c945bc0e17c6c4def15145634?s=40\u0026f=y\u0026r=x\u0026d=wavatar\u003e; rel=\"canonical\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nexpires: Wed, 08 Oct 2025 10:32:08 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 1\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2095,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGB, non-interlaced","md5":"2bc1b775abe8424261bd2f5d2ad854a5","sha1":"90a66156c303d79addef294c6a4409cdd06766be","sha256":"27b8aa277170ae34e45b40f4688075447e2790d4cd70543b07cefd56be1fac77","sha512":"f0cf3f3f7c3bc584e48c930dd6cf579b9af1d0239a74a79a797e443f6a18812e288d4de9c37a656cfecc7ec9f9850093ec090db2114dd41dbc2bca48b3524e4b","ssdeep":"","tlshash":"4441197e58b24d8c348286535842b21ca7c611fdab90a300260b26489b1dd3cdca47e7","first_seen":"2025-10-07T13:13:54.867616Z","last_seen":"2026-03-29T08:51:51.229623Z","times_seen":8,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":56,"dns":210,"connect":8,"send":0,"wait":8,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jcrop/jquery.Jcrop.min.css?ver=0.9.12","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-includes/js/jcrop/jquery.Jcrop.min.css?ver=0.9.12 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=btVeO%2FoRD8%2B7zpjihOnF3rwRLc%2BA1uIdAUW1KjiapxNj07MnHTuXazNpnU0ztH58hGy0eMqI%2FNIxlQTjlC4oasZdOlV0mIU%2FbRbPKOerIz6Q1DxgajhbP1k%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192aaae1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2124,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"56cc9ea201dc2f4b910e78bfacac9211","sha1":"54188a4fe21e7abd464d997fc6a7a413f51a257b","sha256":"1d759cb63296f313922f5cfa5d922bb069adac2d2a52014c57168f97d9e1fae9","sha512":"61dc5648ccc83a39af98415ffb71fa779b981713f7aa5e22a59b9d56cbb403d643ed41f2afe30c2ba8777e033eae5a30b15d9710908f7712218cf53a8235a7ca","ssdeep":"","tlshash":"a2414971ef59102cd0239c67f5b2a8e8381a2b9343d6bbd1a9c5b9e2c53da68e512244","first_seen":"2023-06-15T08:18:29Z","last_seen":"2026-06-04T15:29:21.917336Z","times_seen":68,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2016/06/2/a/attack-of-the-giant-leeches-18888-150x225.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2016/06/2/a/attack-of-the-giant-leeches-18888-150x225.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/jpeg\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MyK443I3ynYajeVN5LwIAwP%2Fo5BaWzVlDfK1vA2LdPvJdFA0PS954%2BLMbl0RFeyj9aMLvfXMYhvxNgr0Ukr3sw1khjnERNw7SvEbXb%2F5pltQPujSlgWFCz4%3D\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Thu, 09 Oct 2025 10:27:05 GMT\nPHPSESSID=q5a2j2phpqnkou1d2lad1d6mvn; Path=/\r\npriority: u=4,i=?0\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f19a3d671a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14663,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x225, components 3","md5":"aaa5eb08be282bf1408eb1b7feda84ea","sha1":"ac99f9377a2e4dd2f13852b64d75ba83b7182b96","sha256":"831872f621a23d8c7851abb8c82ec1990f23752f6d55a2cedc729b9c8d4515e2","sha512":"82316e1bb5e5b876dcfc7b7a134470417516ac49f030a77afc25c5277e01cbf765848131f7269860051bbf9da3447b47540612a05f445a6e13149f3d02a6d64d","ssdeep":"384:V36om90SM2gjzwbP6CLpGrU9SQsYBY57Jl/FEczRb4uoRpZdMrNHYBZ:dg90S0KHLpGgUQs37Jl/WOgdSdYD","tlshash":"2062bfc3a43a5051d4ff94f21a18ab24f5947e0027e1c339785a2a7c07322a5db9352f","first_seen":"2025-10-07T13:13:54.728862Z","last_seen":"2026-03-29T08:51:51.088783Z","times_seen":8,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=261","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=261 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 02 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 509467\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-11T01:56:42.938524Z","times_seen":877123,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d4a680750fa4ce411da6dfea8f9dc992\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":648,"timings":{"blocked":263,"dns":1,"connect":93,"send":0,"wait":100,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/favicon.ico","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://streamdreams.dirproxy.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1745697a-7a84-4ec8-a970-36191885505c%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; cf_clearance=MkXyfpEjGapPFsef0CJJaw.Rwv2Qfa5WxIBWBNvpAGY-1759919227-1.2.1.1-1DicwaxqgBPOwCdQVkxf8T.I76pDJ1aj7.FM8G4mwOwtNcJFuqdktzr8djdvWDqJrUoOy2BqQPIqmGNc0rrDJHWiI1bm0a.U2Ive6dwhPGeQvkN9TvUJ6l.q71bjGyqOvWbBTl8ANMvoJHkGrsLcQe6M.k9baLOPmU1553DlOALRrJy1nB1Rg6fTN7yDGrH97yufKn8DRh.9tVR_dyipYlDjrFBopxN2Xi9oW7yG6dA; pbpr0tpuw4isk85t8yg3jb2lj5vqf=heartilyscales.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:10 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5k8vE2diSvdDeIvvgcWrQcNPG5YATQYYBoS9aJd92KuRg5VlrY73sYqaIkRRfwjjlILGLrM9i%2FB31Vd0qVwvEz4G1ZsDRX7KxPx7ha8f%2FsuoyIBX8EKWsfE%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:10 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1b318381a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/f/e/the-evil-inside-her-593456-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/f/e/the-evil-inside-her-593456-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TFzWKZCdMKeXtKr2hjyZAf4MhT5%2BG8KVIAxSABJavIBnY%2Ba58PRRm3NsBUxl4fd090FFQR%2F97sMhaIyjBi36qCWufE44f56eyxE%2FXambJJbgvRp6DaQFVRc%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1935b611a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10020,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"d86e6e6e61d781e861eca7689943c66b","sha1":"6ab074fdcc27f1be3eeb827f107bdcce432a8f04","sha256":"8d475d6f997fbdaaf9fda5551892892fd7a76df40548a2da22426d51b3af8ca1","sha512":"77fa928ef63e5418de449e5dccb33d7bc83538ecffb9af422406a1907c0f59e2ba289762ad44936b2bcb0c507a4318ff5d7f23ad96e567a2498ff510ea24ebe0","ssdeep":"192:McbI980Pd5ViTM1ce5Mm7IQZGcUhobmzyNapyDaK4LzdOT/1:to80Pz8o1ce/8KGTwmmUkDaK4LYT9","tlshash":"75229e135f72930ce8e52fead96ac36d8730d10567285838c935f75f935ace8da810c8","first_seen":"2025-10-07T13:13:54.998174Z","last_seen":"2026-03-29T08:51:51.239627Z","times_seen":8,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/04/avatar1524382833.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/04/avatar1524382833.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IeNkkzJ92RRJ0JH7ymV%2BEpGsUsPfdxEsHgDsbzVRVMHbCny%2BTFwyxL6HLf%2FXHLeHZg%2Bh6kdB3HiIf%2BIijd2HCFKStaAruKtGja3sUvMTicpj%2FWsaWbCTFrQ%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193dbe01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":456358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 465 x 465, 8-bit/color RGBA, non-interlaced","md5":"23d58623f626ad9e1646f0af17cf54fc","sha1":"407a7f1c73807659dab923f799b538d75eb0dc11","sha256":"3bf755c8cd5cbb6e53fda45134dd18db99d04483e77f5fe28f79d59dfb408735","sha512":"ffaa1cad5286a7cef21599212fe7d2399e0f5e7f7d80e23b3201d66f295598572bb238708b78925faf1cb82c58bc3cd4913687d0f6d4171daf26890ee2f88f0c","ssdeep":"12288:cpZKxLQyh4K3QHhyk9YEOFzYIgswQLlR+SWHE:y8QADEogDQZ8JE","tlshash":"27a4233bcd68c915071e4163e9e1e692b7e1206c07ccce68540fe16c60aee9bad53f6d","first_seen":"2025-10-07T13:13:54.883939Z","last_seen":"2026-03-29T08:51:51.106641Z","times_seen":8,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/global.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/global.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rPZwsNIMt343oO7N9zy%2BUl2JcAp08gnkSHtmH%2FMSoU3fLhDmPmWaquiR%2BMnzpEONhOhs0MZmFGoWDlUon7pzrWYJj4I8HfozT%2BPylWbTnf7iVjINJvrUzo8%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1943c011a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7802,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (382)","md5":"2f873d76a520e07a69c88a2ab5f45c2a","sha1":"35e8c6999a54a2f9380b6b0f80562652bd4b4cf5","sha256":"763d6750f8fb80b10b8c8681d3beb8dc394c0073c8c67ada0f9e05169dd945e1","sha512":"03504fcf7601d3cb54199b2abba32aebadac0eb3e270bdae40ffd00bf95487414b1c21b0c60ac2508f1ad6923f95d198fbff8813ebc204d57c065317569412cc","ssdeep":"192:w1iF47v6g/EYfPHozwz1epdRPiO2PXMhDEdxv30:wcF96fPHozw5epdRPSc","tlshash":"6bf1c74cb46aa41a50d37477255f598e2037688fe158f6cef07ea4a04f68c44fb23b6d","first_seen":"2025-10-07T13:13:54.952157Z","last_seen":"2026-03-29T08:51:51.200792Z","times_seen":11,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vmuid.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 01:59:37 GMT","end":"Mon, 15 Dec 2025 01:59:36 GMT"},"fingerprint":{"sha1":"84:BD:C5:EF:9D:1D:34:8C:A0:22:2D:D2:FB:A2:D3:F5:74:5F:7A:90","sha256":"30:7E:44:EB:16:94:91:A3:8A:D6:C1:32:D3:2D:D0:B9:A7:40:77:14:44:AB:8F:B5:EE:45:E6:8B:43:50:B5:55"}}},"request":{"raw":"GET /script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: vmuid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 08 Oct 2025 10:27:05 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 10178\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10178,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10178), with no line terminators","md5":"dedd352338543b137f608adc8d0d4aa8","sha1":"100edb4e8fef9b6da043d51135077e68d2a61b22","sha256":"b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48","sha512":"e2fab4d95d5baa013a7c248945156524478341282dcffc462fb2de318f55ba29dcafba0db3abcfb6399c6164f6f630f06d48a7323b73f8ea05d5978cd60a4c5c","ssdeep":"192:ATn+ip4qxJ/gzuvu3fo8idwqnOqgStYc1qRP44+PHlCXXZE7904AxF:YbRJYz3oe+3tYGGx+NGXZCAn","tlshash":"2b22b5c9b2d2f06443d77161942f2007f23b2869b54dc498eb66e8d3bcb045ea227f79","first_seen":"2024-01-26T05:18:07Z","last_seen":"2025-12-29T12:17:25.567723Z","times_seen":3656,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":32,"connect":33,"send":0,"wait":35,"receive":1,"ssl":74},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=577","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=577 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/css/typeahead.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/css/typeahead.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EDME%2BG0qJPFdLUVq8A73nZtlz6KsfADcqO79k3HRkl6hvuP6fpQjlr%2Fu2aR0CHB6HwGvwNOE3PCufVP14YDbKQv4KRJGDjsyKW9dCCYbAmPtjrcB6ievKuA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1926a941a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5722,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (5722), with no line terminators","md5":"21135c438a001253cff8623a4664d091","sha1":"287e20f82cabaab707c9e3a262d81e76a8de794d","sha256":"481f7c3986b4865a9024618f85dd6adfc61471de9e8606a40d5ac97623fdc01f","sha512":"b30601ae13c194ecebbfe77c0df38023959f2090d2342a4f961b63adbceff79c1e4439d3cb4952945071960327dedf1bbe506942edee8ff50e449781eb154b15","ssdeep":"96:yqngYqt0XZWqlnmVo6PzscZ0r8tD/PWfWAQt:yqngYqt00qcVoEsflg","tlshash":"b6c16cf2595cb922b8a68f9469c0cc825c9e5003fe22289af70d61715eb691f873bf15","first_seen":"2023-04-12T04:45:27Z","last_seen":"2026-03-29T08:51:51.132712Z","times_seen":14,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/4/7/escape-plan-the-extractors-593355-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/4/7/escape-plan-the-extractors-593355-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mYOLafAWKMEWmZ4lzWM%2F%2F5nJBNVowTsYUeF8yqQ3h5ftmEnIJBEzhmWkGEHBPy9tMzD0tKugk7f%2FtUC2zP1IFafNzpsC7zm378dpZg%2BRZBGpQNkrl11hcUs%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193bba61a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"matomo.hellohi.me/matomo.js","fqdn":"matomo.hellohi.me","domain":"hellohi.me","tld":"me"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hellohi.me","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 02:30:09 GMT","end":"Wed, 10 Dec 2025 03:27:45 GMT"},"fingerprint":{"sha1":"77:E9:73:0D:B1:FF:D8:33:D2:70:E5:D7:AC:43:15:25:3B:5E:8E:B7","sha256":"1F:E0:AF:A2:3A:69:98:87:C5:49:EF:0B:41:08:52:24:C5:3A:2B:56:AD:92:AD:93:7F:5C:00:22:3F:66:FE:4E"}}},"request":{"raw":"GET /matomo.js HTTP/1.1\r\nHost: matomo.hellohi.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZT44TOfQfi4RECBixJ70XPQDap5Mz9sSqzfmwVD0zGVs4u16eJqIFCWOXhGIHr7EWFLE7q4OFehfPLyInkD4Y4t9v2%2B6qv2aCpjF%2FKzgQQ%3D%3D\"}]}\r\nage: 160\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 98b4f19ffe300b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":684,"timings":{"blocked":320,"dns":21,"connect":1,"send":0,"wait":10,"receive":0,"ssl":328},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-core/js/confirm.min.js?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MtRJGBe2VbYCnK5dAiT2Zc%2FWXdCKTsGdMyQsG9xjBlrml7YQHfNJ8QL9w%2Fom98qHaR%2BQ4BdUFL4wpZBQruvEdmi9owYd4W6ss7ToHuO2wEpylKkQkCCN3kM%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192aab31a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":135,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"e582c1101a40828bce00bf1aaf6d6502","sha1":"de3b8d23ee9c4c634b94563a99a58041312d71c8","sha256":"41f0d0efedd81ee93f7e39d944e84c9d0901a768b023e075f6d73e9cfe714746","sha512":"bd7178ba641f9c5c312f1788f1e1b68242e36cdd4fb9bd11b4ff6cca159e9469bbe35db9711c2411eb84ca184824790a4912c8f2f7cf0a397d9e997a0998b519","ssdeep":"","tlshash":"94c02b2f746d34ee20a23274e0fb8706719334d029124e080d1812601f3c43408f3a00","first_seen":"2023-03-07T12:40:09Z","last_seen":"2026-06-06T22:54:45.41729Z","times_seen":142,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/a/4/toy-story-4-593342-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/a/4/toy-story-4-593342-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dGxBDQEMY9UqXZ12WsUCpL3GvU4nfMPL1EaQSX6cYj9LcbXZnaSOyjPe0p1ci0rDadldp2J66CTIIeL%2FWzwP9ZIVVS23eNatHDvRqmvcGgZDZ%2B2p7noR%2B%2BY%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1931b1e1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10873,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"9aacd4352038e850d0a06063829efe17","sha1":"8854cfb5726cb3fac16d565d62bd0899bf5b915c","sha256":"daa855d8bfdbe68c079a1a314549a3802757ec853d5a8799a4e9e60887587367","sha512":"08535a3a6e72a924d38ed8c045a9405e8e6da6257a0d62a170e70347a5148497a65a8f4e1ea193f42aa654d31d603ac3411deafea0d2d70229be0af5eed94fb3","ssdeep":"192:M81Af0bHcouX7f+41I7xPC/FaIHoeajjjXH0+zj5PYWX/mSnEOGa1:j1Asb8ouXjFOxPC/FJH9aXA+xnEdg","tlshash":"ba22cf0897d6c28efe1a0eba91660d0d2e75e94714aaebb4f7b4edb107390c20f54c05","first_seen":"2025-10-07T13:13:54.84607Z","last_seen":"2026-03-29T08:51:51.242675Z","times_seen":9,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/3/c/revenge-is-a-promise-593453-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/3/c/revenge-is-a-promise-593453-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TjLgPh0k2q8SvP60B%2FzYgYv9d4XWl9W1TB9XH3vyHFLd5Rvw2kThJqCXs6p17vZqVk0m1ML%2FojF70QZe6bertkkXH1oO2RSrrQpoQ7NZvY3M1RN9QgykleM%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a1d621a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10919,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"fb4b1076256a39bb27d1dc4b9e2a398e","sha1":"f90553008bec2e109799e4a54b3d25f4257b625a","sha256":"f944d912d9ac08bff02b7d6724f0297c3f18ec6b80557ba0d48c029f4a8ab84e","sha512":"ebd5e45d9dbf2f433564277f14e9b883d5320e7356a413f31637c9584a209ceb9cec0942566133fdb649b8d56d46a56bdd282e42f44c929c3d13b18cadec2b0e","ssdeep":"192:MZY4kiHIzkyppMd3cnhhXIVsZIUIdgleyqn0ClwPYIssyjim0pbgvQuFfmoBiB7t:F4RHm3ppMd+h+UQrC/m0pbgv3F9BiBug","tlshash":"8d32bf87b6410245ec257e3a8770d4a08f672dd8c644414f12fbe6109d36af11c95cf6","first_seen":"2025-10-07T13:13:54.769919Z","last_seen":"2026-03-29T08:51:51.212971Z","times_seen":8,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.gravatar.com/avatar/dd3c4cdf42295040a5e0bfaad33012c2?s=14\u0026d=wavatar\u0026forcedefault=1","fqdn":"secure.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 19:44:00 GMT","end":"Tue, 11 Nov 2025 19:43:59 GMT"},"fingerprint":{"sha1":"74:C6:11:97:72:6C:AD:3D:C4:B8:07:B9:71:B0:52:7D:5C:EB:20:23","sha256":"0C:AA:22:E1:81:4D:7A:6C:A4:5D:C6:37:89:F7:40:15:1A:3C:86:FB:89:C4:F0:EB:1A:74:4B:32:C1:CD:2E:A0"}}},"request":{"raw":"GET /avatar/dd3c4cdf42295040a5e0bfaad33012c2?s=14\u0026d=wavatar\u0026forcedefault=1 HTTP/1.1\r\nHost: secure.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 528\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/dd3c4cdf42295040a5e0bfaad33012c2?s=14\u0026d=wavatar\u0026forcedefault=1\u003e; rel=\"canonical\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nexpires: Wed, 08 Oct 2025 10:32:08 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 4\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced","md5":"21b28f06a68f96d3a9fb48f0fb0721d3","sha1":"6a7e4d6816299b2b0836c6d8a9d8d5c29d772a0d","sha256":"8b3271b8b0724243f5a793c386fd1a1e8d1ac2ad40351272954a4067a7f7ee42","sha512":"5b38852a0fdde0d6db25e87a903d5d67fc82c46f42271cb230bf0a87d84d2fa9086241279ab15ece3073d7de9788e9fcf3afdeb2e70c8aee798082c4d8686593","ssdeep":"","tlshash":"d1f075c90152d825af468a7b1161f001df3906e578a1ae0e04bafeb119db8d093a57c9","first_seen":"2025-10-07T13:13:54.731734Z","last_seen":"2026-03-29T08:51:51.164359Z","times_seen":10,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":62,"dns":195,"connect":10,"send":0,"wait":8,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fcss%2Fstyle.css\u0026l=4676\u0026fd=556","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fcss%2Fstyle.css\u0026l=4676\u0026fd=556 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/micro-themes/active-scripts.js?mts=1156\u0026ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/micro-themes/active-scripts.js?mts=1156\u0026ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g9rZeprQO3CM8hrDD0D0kovqJA9rE1mCwyACu8uXdyBWV6f8s3MAvFMVAWi0A12VtfSNRD%2FZCCKNPDO4qBeWNE2C30OH56AGf6mn1A2JB%2BqaQYQ42pRyu5o%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192fb001a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"6311a616937e80f4bc114535c2b66738","sha1":"7d825c49142dd1b45d4868c6721eb496524fd237","sha256":"29972bf1fc3e4ad90212cc1af10dd9cab7700048f31b915a751a6e6191f27ebc","sha512":"7dec0d7c588978aae27b0afe60c1c454cfa2445e9202bfb5728a4b213836053f66f9c671257cdfe5e5d3231005b467f655288004086103ac899a7e5344766cc5","ssdeep":"","tlshash":"cbb012ff909c988e9e672241083b270579433467651800918348e2110c2c1209066725","first_seen":"2025-10-08T10:27:40.28456Z","last_seen":"2025-10-08T10:27:40.28456Z","times_seen":1,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WW4JBVhxAAcguz2wdCrd6UEOE9VlaolBPJzCY3h3LQfWCaAPdEX4RFNtiv8ItWJ4uWBLkmlq0fd1A6IQWD0DQ01AVthv6cG6EM777p2PbEUx9ngboHFrqEA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192bac11a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1260,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1260), with no line terminators","md5":"d833fe9e588d95ca1898efa7b852aade","sha1":"31ff1112da5b7a91cedc3cbb220391124cffa18c","sha256":"62f2f3e642ef54a52909525af5a51cec84a1543d3899bee8d169095c2bc73287","sha512":"11bd52f69913865a3ce2e43163885230d37cc418ab8e35fbcb1dbd6e906ccd5a169986f4fc58b136cc4558610b8562b68926dca991767ee2d0263e5675f46cd4","ssdeep":"","tlshash":"8a21e0c83489b846166f663562bf1a9e70b86f1124a94095c642b6f03e709c71a72ef9","first_seen":"2023-03-07T12:11:17Z","last_seen":"2026-06-10T17:27:29.384443Z","times_seen":1043,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.js?ver=1.1.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.js?ver=1.1.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kFUU1Z%2BC1HeXwDDfzfZrrFG%2FtKEI7wtETd6l2%2BS3j%2F7dMDccNh%2FQJBmD%2FfW99B7KSvFiNhRhk%2Bs89oSCN83d5TRKv2VlG7WGaupQL877uThHjQyVUnzR32o%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192daea1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1384,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1384), with no line terminators","md5":"a6e462f95de6aa0ce2909797af649e6d","sha1":"188a3242bcb79ddf0a062da602f0e88a8dfa8fde","sha256":"61f90f760d8cda014eabe3d8daf214c949dee6f4878004c3aefa23d0ab391719","sha512":"4d6ed12f75cce36e0f5b079c5b56143f0776531765d555b41e96455fc70ddb14e981c8147b94064c9f64ed6652f2a3612513e654132d0ee708bd02a3e9a73464","ssdeep":"","tlshash":"e321ed0ef28160b21d0e32bd0eab07f8da332c1ea613734992bf96545417a8dd0078ce","first_seen":"2023-03-08T08:26:00Z","last_seen":"2026-06-10T08:13:07.983341Z","times_seen":272,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/sbar.json?key=a032b4d33c8aea68a4f9b84235614bff","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /sbar.json?key=a032b4d33c8aea68a4f9b84235614bff HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:07 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4211\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://streamdreams.dirproxy.dev\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: pdhtkv=true; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nu_pl22675059=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nsleca032b4d33c8aea68a4f9b84235614bff=[6220621]; expires=Wed, 08 Oct 2025 10:27:12 GMT; path=/; secure; SameSite=None\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 28bfeec4b87bd429e1b6cfd8471cd32e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5743,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"68636099bf8ab1464e8cdd51f885ebf4","sha1":"960a9b2ea1f24f9294b5ccf98b81c3e9b02efdb2","sha256":"6675851dabb7914f6b1e3d20d4146e427627e93ddede925d636f915b05e2d4e2","sha512":"6846e6e2187aa4e9fb900308f32a149fcb13613192c5592879232f823dc410216a0710a8fbc33c1f339447b039e2e3206ba189f87c3eb7eb66e7bc007f9b501e","ssdeep":"96:9zn4oDudoxLN/jzXExrCAe77JYOSlWb/Lvq8wlKK8Shi4V7EpxQxAcGCFyAyijoi:9zfDhxLBzKlbOmo/ylKKb7px1IAyijoi","tlshash":"dac14dfea3c073d11fd9962c594b0ee42d11b88ab9484e67ac0fdf3dee61a5d4790809","first_seen":"2025-10-08T10:27:40.28691Z","last_seen":"2025-10-08T10:27:40.28691Z","times_seen":1,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/b/?https://streamdreams.dirproxy.dev/favicon.ico","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /b/?https://streamdreams.dirproxy.dev/favicon.ico HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1745697a-7a84-4ec8-a970-36191885505c%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; cf_clearance=MkXyfpEjGapPFsef0CJJaw.Rwv2Qfa5WxIBWBNvpAGY-1759919227-1.2.1.1-1DicwaxqgBPOwCdQVkxf8T.I76pDJ1aj7.FM8G4mwOwtNcJFuqdktzr8djdvWDqJrUoOy2BqQPIqmGNc0rrDJHWiI1bm0a.U2Ive6dwhPGeQvkN9TvUJ6l.q71bjGyqOvWbBTl8ANMvoJHkGrsLcQe6M.k9baLOPmU1553DlOALRrJy1nB1Rg6fTN7yDGrH97yufKn8DRh.9tVR_dyipYlDjrFBopxN2Xi9oW7yG6dA; pbpr0tpuw4isk85t8yg3jb2lj5vqf=heartilyscales.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tbz0dFBfZ5O0PL%2FSQJ2849h%2Bczt41wOTBKvsXwj2gpLWSlJdb7g%2BWHJkYapijHd1FitMcUeNJW%2BAouDZ9fcZ2mne8ebZViYDQwyXBKtCIZAJyBpCLmW509g%3D\"}]}\r\nlocation: https://streamdreams.dirproxy.dev/favicon.ico\r\ncf-cache-status: BYPASS\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1a84f4c1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2017/02/cropped-cropped-fullmoon-192x192.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2017/02/cropped-cropped-fullmoon-192x192.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://streamdreams.dirproxy.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1745697a-7a84-4ec8-a970-36191885505c%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; cf_clearance=MkXyfpEjGapPFsef0CJJaw.Rwv2Qfa5WxIBWBNvpAGY-1759919227-1.2.1.1-1DicwaxqgBPOwCdQVkxf8T.I76pDJ1aj7.FM8G4mwOwtNcJFuqdktzr8djdvWDqJrUoOy2BqQPIqmGNc0rrDJHWiI1bm0a.U2Ive6dwhPGeQvkN9TvUJ6l.q71bjGyqOvWbBTl8ANMvoJHkGrsLcQe6M.k9baLOPmU1553DlOALRrJy1nB1Rg6fTN7yDGrH97yufKn8DRh.9tVR_dyipYlDjrFBopxN2Xi9oW7yG6dA; pbpr0tpuw4isk85t8yg3jb2lj5vqf=heartilyscales.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:10 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B%2FVGKTLdmIo9PVDyimoY8JrUDXmD5Ynuy9xAlRX5uMf0CghAfbBWpGvcTAoqiKiHrSLd92LUb6QkSjh4%2BmYMATE%2FxexL4Ql95G5Y7xq7OvCE5q%2BJsAjHUDg%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:10 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1b318371a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6771,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"952e34849b374a735462cf6e4f641af7","sha1":"71d9855d8302530e94aa2daafe7906617bd7c1b3","sha256":"37c6dd91609f91830c94b276bc3af58e10f431395d9b764c33a40ef170f660bb","sha512":"b03b634eaee32a5090651731a2713ed3d4d6bec7e42b7f94c37db80d57e23b8fcb4d14a43915228cc071ff0c07df9e0b25c3d70eedd1ddde9c576320bc59afa2","ssdeep":"192:7YVUMN1k6GSWYHkE7fteloqqk0XUP7EEf0TY6vyUR2TEPe:7YVUMNvHkExQ6XUPIU0E6vyUzG","tlshash":"17d1af8a61da8f0ac64e4e312e730fda31d83e883cb6570204637729b77a0f6c451ca4","first_seen":"2025-10-07T13:13:54.701416Z","last_seen":"2026-03-29T08:51:51.178695Z","times_seen":11,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/bbp-style-pack/css/bspstyle.css?ver=4.2.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/bbp-style-pack/css/bspstyle.css?ver=4.2.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uZQ%2FbQjetpHqm3iu9xt1GlPB0daWWwaBOhewqC2Dryjxs%2F31Uv5bdj0xl8NmNDk4As8FVZSJVoy424IgTH4KAQUXdnliqOarMHh489L6YGJllJddQI5gp0U%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1928aa51a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11895,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (11893), with no line terminators","md5":"96fa204b4cc149a7603305de13b497f2","sha1":"14a45860069d10756e4f7c54bbff30ae37529c25","sha256":"6f772441ca6467bca371eb17613284f4d9c13256ac0926906416489c737d012b","sha512":"0f5e71ef1d6082a85c14b43aaf997380a5fa736fd5725a6f37bc35d648924bf561fc3bc65ded46d1ad10a38ef7f61e987359df98488170b892764a4616004300","ssdeep":"96:rg+BUxMnJHyJbozWVGNZeTQfxQBNWi58p5DlCSl98jsC4m4GadNcIPGeGoG1GgGp:rpWuitjsC4m4GCNcItYhXnMJDp","tlshash":"6932dd308d1debc5b212f49efbd174112250d964f882ead39037787843da06eee7d2a6","first_seen":"2025-10-07T13:13:54.827174Z","last_seen":"2026-03-29T08:51:51.114562Z","times_seen":11,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\ncf-ray: 98b4f19e8de01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10181,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/c/d/madhouse-mecca-593585-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/c/d/madhouse-mecca-593585-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2BGaqhIEVIOZHKGDrbauh2OEmlQ892rvzDs%2BD2iMPA5T4Mc8JWibfxQ00bD1L2dIK37Gsyp%2F0wqG5ZzYZwJE5QQYtE0gQrokG6tFSf9kiLMPY6QkXDgHHPM%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f199fd5a1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7097,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"1a5ef64203182a172228f34d2f7b4412","sha1":"608088855870cd631c297c57d6451e330b7d610c","sha256":"07927cf85c8ecf2727e87e8468bad2ce2ef527124c5fd7186357212cab023fa5","sha512":"0a9d43595fe17aaad71a172943412d7908c46c74e3098b3b0c5c15a7916491b9c85584d6a6c42a797704039afcd3c3849d069fc915c8b4a6b3c8cb20a71cd25d","ssdeep":"192:MWa0/5Od+SFIe8IiFvUSOq9FoZi7UEahK:gUk+8iXfoZi7HahK","tlshash":"b9e16db62f509a85d88badbe0a9697044e19cc5de1e29f097c3bd505b2723c2ea0c5b4","first_seen":"2025-10-07T13:13:54.957093Z","last_seen":"2026-03-29T08:51:51.117285Z","times_seen":8,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.blockUI.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.blockUI.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fWX8ifUFxvCqnK77LCgUgmEO6SYVFQHbPPCHzVHWuktkgrd3V%2FoJ%2F%2BrPsErAwdw26QxEPDTrFManwA3lfPMKIDK0X9vdM5gIWznDvf8SyRE0O2G%2BruqK9oM%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1944c041a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11438,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1376)","md5":"c6d5b17ff66243065b008250904728e4","sha1":"12a9930890416d49f5cf1e8dc21fb272682d77fd","sha256":"3923af32e835758da47f989bee7c16ddf1bd02307df25dc6827377957f5833d1","sha512":"aff5af5a204c0669f889f6b7057072592f705765b97e6ec465bbc082ba194e61f71bb8f9554fbbc04857ca33309a1434e59aa00dc13a13927b1c77bc987d35b6","ssdeep":"192:PZf6grGfOCa32wZptCC5zk3P5PbjKikRMb9ml6FeQzT0n5GJwmNrO+:P1CamaCCJShXAWmlweQzTIYxO+","tlshash":"ae32fa7c30b3909641f376917dfbabcb7b35253bd483a8c1d078d1a925ace5aa112d0e","first_seen":"2025-10-07T13:13:54.931803Z","last_seen":"2026-03-29T08:51:51.138299Z","times_seen":11,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/to-top/public/css/to-top-public.css?ver=1.8.1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/to-top/public/css/to-top-public.css?ver=1.8.1 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=shcLnTx2%2FN%2BjveEwLfOxdZs45pJp0UwxrG64g8fv8JoN9i2PSA2vlt5nyTDisbHpai%2FFsWXE0VmOOjH8p6fz6YQpxi5jzC4nqWD1CGOCYhHyBn04Rdm%2BIhY%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1928aa11a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":525,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (525), with no line terminators","md5":"a14b2980a2368b056adc0b0cae1dd804","sha1":"9210c9acb8ecb3f3d1d25f2524abe4f6822370c1","sha256":"f1b875fe8868c894f20a8c48777195b88c764af61be864a9ea7709f2bfd24192","sha512":"a63baabdf52a6b5d7ce5d8ea0fa80c9608db0c6f75b89ffa79f9d284683a5a1c696a64acb9bb6bf889a650c0f7cc55f9cd95b38ea0a8801c2961dbe1535b8dd4","ssdeep":"","tlshash":"87f0c97184a86159e16bda18f0d3efee34748263d6b71605a6cabe74c2824db0d3230c","first_seen":"2023-06-18T06:55:14Z","last_seen":"2026-06-01T07:09:03.340584Z","times_seen":71,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js?ver=2.4.6","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js?ver=2.4.6 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cwByM98OMYRgmKSCXQ0bYihJoITVE17dmevO%2B81XVo3VPWbaYsLnsvBrpQ40kPrtPZNnxY%2B60e1LCfK7JG%2Bk5iHe0AyGvI%2BOJrSKB%2FcCguwF1NchTchAkfE%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192daeb1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43091,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32060)","md5":"4e3affbe4574dcfbb26b4248f80b4b2a","sha1":"e6404709fd27fd724d5dda797e00f58eaf09e117","sha256":"02c73295f0735f12b364ea36a34cb3b920f33ab344fee485a9b5b23556e3be20","sha512":"fed719fbe9af155ab000c332b099986701446a0bfed02f49bd28f8cb32bff58ed854744958c00d1060f3048c86f7471fbf0618e0d231fa7541dd9418d64ff50c","ssdeep":"768:CPCxwtplaNaRadYgRqeTQWkqKZuL43dgtYtdgAcnuma73RexkYhHuMK20rXXONeV:mOgjprCe0+0Zd8DesUEB","tlshash":"3313e784b9903067076320f1501f520bb2766a35b54d88a8e364d8f1fcb8e6d56bbf7d","first_seen":"2025-10-07T13:13:54.920876Z","last_seen":"2026-03-29T08:51:51.108952Z","times_seen":8,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/3/7/the-wolfs-call-593347-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/3/7/the-wolfs-call-593347-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EUDDvu9aue6cpATLe6Ax99gdGDm%2BjKV%2BkNODoC053Ai%2FVo1k0ODO6bs%2Bp5s05I19hlt%2BzzEO3NoI89enf0qlFM3cyoj%2FZlR5iOIoesOYSAtcpO5CU%2F%2B039Y%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1930b1c1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7238,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"7c30d7d59431d0580d612b6d306bfc88","sha1":"077ca30aac2b448d68db941908c7a5d12142ac68","sha256":"f7c3cfd6fe25e0c005ee807f31bac9d3c7c6ffed0239d3fc73341e4d36967be1","sha512":"46bfbd32bd233c0cf730b32736c1646d4150cb96c402a8ee65a17632d7c06981ea3886c14cc6bc63aeb00650e39999cc64a794a8d308bf9ea73a35dd7a74f75e","ssdeep":"192:M/AcIHUN7ftxhGvRu+nnPOMyc1sKDwc311yCob5S:UtxKXOnwpl1W5S","tlshash":"cae19e8a536c403ce51c3f1a506eab87d6c74f6ac6f9c850e274e968dfa43cd4034055","first_seen":"2025-10-07T13:13:54.757869Z","last_seen":"2026-03-29T08:51:51.183506Z","times_seen":9,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/typeahead.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/typeahead.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V5%2Bv3%2FUVtyBR%2FBYLIEflorVof5ZnN%2F6odHfMtr5UxA40kCi8CsbHlg9GaLGNhYa9haJJ9%2BMHrtXFPng%2Bge5pYAvIY8Om%2BFfHTWR78DmAeRN2Ndq%2FAVyenPs%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1943c001a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29275,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2232)","md5":"a99b1e27fd62f49ca5d1cfabd5bfa4b5","sha1":"59be5f7157a8f9fc9f3d4c3618fe4fbab4463110","sha256":"8e74e41d702ff4a4dc55daf3f488a1269ca05a3a6b49c499a052d6fd4fa146ca","sha512":"e4501eb3f8e0439ed9bf146a43563f628f77a6b943609d6cf322a69a0c3a739214db9509d337dddff1629d0ce580aae1ba2e55d4e05766ccdf684ed0d937cc93","ssdeep":"768:9T0WW7nnF+gAvQ3WI8RGUHeS9xAknbkO1:u8RGUHeSdb1","tlshash":"96d2f9a1b5c1642046d79178a5bf020b21b798267485b02cf53799da3e7cf09a1fbf3e","first_seen":"2025-10-07T13:13:54.719664Z","last_seen":"2026-03-29T08:51:51.228838Z","times_seen":11,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/03/d/6/five-feet-apart-584755-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/03/d/6/five-feet-apart-584755-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vbR7AGX9IYkpELz%2FoCZCnlyYkn19WJVpz0Wi52x7BpKs0YiukksQnGjO3jSsdhxy%2B2EsWbNpqCa%2FYgs2Ysu71bRDaS6kp63oFi8NqmQC1mTrVtNdlFSXQc0%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a2d641a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7518,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"e5de1377c5341da186c8688eae12b1d2","sha1":"d5a8863fba9ea15e906187be262b8b562cf61a2b","sha256":"11cc78e04f0e1b3cce34fa5a1f1f53cffd21555778b6bfeb8a49bc8d9deb144e","sha512":"4b878e3ccbdcd3c8d96d54903a601fd337e9b313ec49104dcbb633de8684b52226eb7143104d2c71a08ba97273ffa59de80c2bd11694f9818b0ae09a79f67fe0","ssdeep":"192:60uML3SBrlJQnrk/h9B6TZCkSDJWYAjsimnLp:nL3WQaAwREjsJV","tlshash":"fdf1af0f4f06d80bd8792d3965e96de12b722d052528d0f931ba9f30360a2ed0d577b1","first_seen":"2025-10-07T13:13:54.739982Z","last_seen":"2026-03-29T08:51:51.180956Z","times_seen":8,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"52.57.8.161","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://streamdreams.dirproxy.dev\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=ce3230e3-9dd0-4a33-86cc-15ebf398c827:3:1; expires=Sat, 06 Oct 2035 10:27:06 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"86dd25305988ad3844bb030f8d0c2528","sha1":"e6b014fa19bcdcbda25d11a634b94fb2a5565774","sha256":"f654dc88fb725263e424fefbd98dcec002347686939e7ac239c1734e286c90d2","sha512":"6de9cfa75bd795c724eb5c5258ceb70dcdda262c593e83793d73e3f8ec23c448cc243d97de27c5cfd0c8a59ed897b1dd1e2f85332c832a28a1f9dd3d7f1f05d8","ssdeep":"","tlshash":"8e9004d143014c0433cc1d4f45411710c375450150f30fc750337774017300d0570735","first_seen":"2025-10-08T10:27:40.298418Z","last_seen":"2025-10-08T10:27:40.298418Z","times_seen":1,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":201,"dns":34,"connect":21,"send":0,"wait":21,"receive":0,"ssl":213},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/3/c/revenge-is-a-promise-593453-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/3/c/revenge-is-a-promise-593453-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6AgR1BuxwDnStDI40ZlxohPFbpZ0O7tyk5tGGlA7Qr%2BdQNsaN%2BpMxYMbkpcT%2FTv0Okex1YoVWA2FIOlw1VIGn6QHnKv3mllT%2BQdGEjeaaamXUkcKgQR8fHQ%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1936b651a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msdoj.com/hit","fqdn":"msdoj.com","domain":"msdoj.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"msdoj.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 00:32:12 GMT","end":"Fri, 28 Nov 2025 00:32:11 GMT"},"fingerprint":{"sha1":"A8:56:C4:4B:26:AD:D5:72:31:67:E8:75:28:D7:6C:F5:D6:A1:E2:B5","sha256":"65:DA:95:54:55:5B:C8:18:65:43:99:33:52:5B:EF:99:EF:5E:0F:AC:FB:6E:F7:6A:27:0B:3B:6A:69:3C:78:C7"}}},"request":{"raw":"POST /hit HTTP/1.1\r\nHost: msdoj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------17725005513544833924146979293\r\nContent-Length: 1190\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 2\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: av_sw_hit=1; expires=Thu, 09 Oct 2025 10:27:06 GMT; secure; SameSite=None\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-06-11T01:55:37.935758Z","times_seen":321554,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRRutTvb2_yDq4k2Ywx4UzKRnumcy7Qph424kGpOQjQTxVF1VPSnT3dVWdU9PZi_BgO7N8SB4s_Mm2aAG0asgLBMPSlCwBTGHzUXw4kUQFrwYmclA8B2-7xWvDu973_fefnZOHGT0bO111ZNhSGcbVbvy3KaMucpNZWWjUrOr9s3Kpoyb7s1Kd1R058Wa41bt5yuvCLatZut2zbZrdq2yKLUIVHd2rEImx16t6tlVt16tNVx09X_fJrNgqAXeOSdPQfLyid-CtyDZEHH05W1htlOVvHAnykKaKo0OP3oj3o5VHiO6ooG2EMRHk99QpiTk4ymo-GgyAVTnYDQBfFmSqWcewY-PJjbhdw4vnfohRAyf_w95ZwgRDiHpEEztQfKfCMA4VlYRRw9WlM7pzqVKR2pJrj3-CzIvybVH1xFHXyyEslu5q8IslSo26AYFZHcI2R4iyU6Q9qYg8xOw9F1I_iOZfbyMODpYNaGC5Gc3mHDqji2cGY9ze8aljjPTajI2U2sIP3C8FmvV58YRyWAIaqaRGQuZtJAFFrLEQsTPKq7dclmNOs3A42zOdqnrcuHbXqtu29Rjc8jYyHsfadIHC_tgeheJ3sW27ENnD2G2ChhuwaQEHV4gFwS5IcgpQS4J8pQg7xSHPDR1Uzzgocn82qTXJ90pBipt79NDlbZFTEB1H5oXBzJ5x-yBpdODXmD4QI0K9dNiQH1e7Cfn5MlRrNab_xhsi7MKtZ2673LHYS0qaLNF3cDzW27daTRrrh8EMLKANFOgxkJPlmSu_B6JLAn54Ff49AQmPAGT06DZs6B5AbpVoBcfc6kTrbo7VaYicFUgSa8h3bH2w3Py9GB9Y-HheLu3_v4Igp3O_xKMAaYLJLrA2_JbgnZ4f7CucnKwrnJDvlpNUhnJHh1t_m5KUzH92WtiJ1eaL902_U9vsZEwoscbwqTLNOYybhvy-YLkXOhFpZkg3yyZTeGvZWZrIdNxliyvvby4FCVaGCNVPASVJbHu_QAmS_L_V--Mr_rG0vtgyS5McuXTKAI_sRDKkjjXv0MoTuc_-fPrPy4uLkD9AkackgngX_F9cx9tbYGme4ijAh1doBMWoGEfJpsepIk-nf_ZGQN-aA38UFsHfqjDDy-zMvKs0qj7TrPVaoqgyQOHO3WHew1beC71mq7nNpCacuv3l-79GwAA___vZWnbfAQAAA==","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRRutTvb2_yDq4k2Ywx4UzKRnumcy7Qph424kGpOQjQTxVF1VPSnT3dVWdU9PZi_BgO7N8SB4s_Mm2aAG0asgLBMPSlCwBTGHzUXw4kUQFrwYmclA8B2-7xWvDu973_fefnZOHGT0bO111ZNhSGcbVbvy3KaMucpNZWWjUrOr9s3Kpoyb7s1Kd1R058Wa41bt5yuvCLatZut2zbZrdq2yKLUIVHd2rEImx16t6tlVt16tNVx09X_fJrNgqAXeOSdPQfLyid-CtyDZEHH05W1htlOVvHAnykKaKo0OP3oj3o5VHiO6ooG2EMRHk99QpiTk4ymo-GgyAVTnYDQBfFmSqWcewY-PJjbhdw4vnfohRAyf_w95ZwgRDiHpEEztQfKfCMA4VlYRRw9WlM7pzqVKR2pJrj3-CzIvybVH1xFHXyyEslu5q8IslSo26AYFZHcI2R4iyU6Q9qYg8xOw9F1I_iOZfbyMODpYNaGC5Gc3mHDqji2cGY9ze8aljjPTajI2U2sIP3C8FmvV58YRyWAIaqaRGQuZtJAFFrLEQsTPKq7dclmNOs3A42zOdqnrcuHbXqtu29Rjc8jYyHsfadIHC_tgeheJ3sW27ENnD2G2ChhuwaQEHV4gFwS5IcgpQS4J8pQg7xSHPDR1Uzzgocn82qTXJ90pBipt79NDlbZFTEB1H5oXBzJ5x-yBpdODXmD4QI0K9dNiQH1e7Cfn5MlRrNab_xhsi7MKtZ2673LHYS0qaLNF3cDzW27daTRrrh8EMLKANFOgxkJPlmSu_B6JLAn54Ff49AQmPAGT06DZs6B5AbpVoBcfc6kTrbo7VaYicFUgSa8h3bH2w3Py9GB9Y-HheLu3_v4Igp3O_xKMAaYLJLrA2_JbgnZ4f7CucnKwrnJDvlpNUhnJHh1t_m5KUzH92WtiJ1eaL902_U9vsZEwoscbwqTLNOYybhvy-YLkXOhFpZkg3yyZTeGvZWZrIdNxliyvvby4FCVaGCNVPASVJbHu_QAmS_L_V--Mr_rG0vtgyS5McuXTKAI_sRDKkjjXv0MoTuc_-fPrPy4uLkD9AkackgngX_F9cx9tbYGme4ijAh1doBMWoGEfJpsepIk-nf_ZGQN-aA38UFsHfqjDDy-zMvKs0qj7TrPVaoqgyQOHO3WHew1beC71mq7nNpCacuv3l-79GwAA___vZWnbfAQAAA== HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: uid_id2=ce3230e3-9dd0-4a33-86cc-15ebf398c827:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6220621]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e19319c47ca5b8d5337e405547de2d11\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.gravatar.com/avatar/6ed4e73989ed993b16fe795fbee65271?s=14\u0026d=wavatar\u0026forcedefault=1","fqdn":"secure.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 19:44:00 GMT","end":"Tue, 11 Nov 2025 19:43:59 GMT"},"fingerprint":{"sha1":"74:C6:11:97:72:6C:AD:3D:C4:B8:07:B9:71:B0:52:7D:5C:EB:20:23","sha256":"0C:AA:22:E1:81:4D:7A:6C:A4:5D:C6:37:89:F7:40:15:1A:3C:86:FB:89:C4:F0:EB:1A:74:4B:32:C1:CD:2E:A0"}}},"request":{"raw":"GET /avatar/6ed4e73989ed993b16fe795fbee65271?s=14\u0026d=wavatar\u0026forcedefault=1 HTTP/1.1\r\nHost: secure.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 554\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/6ed4e73989ed993b16fe795fbee65271?s=14\u0026d=wavatar\u0026forcedefault=1\u003e; rel=\"canonical\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nexpires: Wed, 08 Oct 2025 10:32:08 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 4\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":554,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced","md5":"911745414021d3a7551d19451f8b5c2b","sha1":"86a9ed0dc5ba881128e81612e40d4319dfdfa69a","sha256":"7bd46a2df53716d275cf8f861820e43347be79b93a06acb067df1056680ead33","sha512":"675d24ae769150e4585979e04cafd346a922087db6bc0cdd43beadb57c5521216af866964d3c8c8d342a83b40b6e79f172fa9876f6f664e767aeb864e9d2441c","ssdeep":"","tlshash":"4df020934083bff1f90e052bba0902dcaafcc38e0ea00f18635294e20750586f9e368d","first_seen":"2025-10-07T13:13:54.860312Z","last_seen":"2026-03-29T08:51:51.251053Z","times_seen":9,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":58,"dns":195,"connect":10,"send":0,"wait":8,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/12/1/b/the-oath-576435-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/12/1/b/the-oath-576435-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TRuOZpYdUj5AlTq8jHljYwU0y%2BWTpemEPc1HhttDR0E4jp6RUHmB4OiF3LB0noRws%2BzOfCegA1mFOyUGg9e1BbiRMizSxL2ubt8Ogvz2T62dTN12Zkl9l%2BU%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1935b5e1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29977\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3b24149a30d038736b60884362b44750\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76528,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d2bebd9ff920c750a90bfe2a7a767c49","sha1":"89e4b89640a7b9c553d8305e82dff2f19d5992c9","sha256":"f84724bf1a79096b7cc6fa8be3c98fade46761ac70ac2286155aacc6182f51d3","sha512":"fe10c19f1bbd2049eed0bf1bd2001b565fae4fd49f1e7b5701b4098c9b5f6f77ef0a41511ab81bd103827ee201350ff7d1a092c811635ccbc73ef043f99f7622","ssdeep":"1536:ic4Bys1/N5gpvcZFr372CvGJWH1EaTmj2wW/J:gmvcLhGJWH1ECmaF","tlshash":"3573d9883f96b0a403a2b4b3261fd50ee53a4d52648cf4dcda1794d8ed6cf1bfa39914","first_seen":"2025-10-08T08:36:23.112149Z","last_seen":"2025-10-11T19:15:02.429379Z","times_seen":12,"resource_available":true,"data":null}},"time_used":627,"timings":{"blocked":95,"dns":53,"connect":94,"send":0,"wait":100,"receive":93,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/06/avatar1528170635.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/06/avatar1528170635.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qAXRATeLmdFuZX6%2FNG9Cc88rGsxHaSgsOY3GWqQw0ZfYZiNzz%2FLy2rJKwKaKbOmeuLdDWhzf6X5bCfNT23M2NTAFKM1%2Fkioe%2B3L6RIPQHPE%2FkEYnLlnR0lQ%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193dbdf1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/uid/send","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vmuid.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 01:59:37 GMT","end":"Mon, 15 Dec 2025 01:59:36 GMT"},"fingerprint":{"sha1":"84:BD:C5:EF:9D:1D:34:8C:A0:22:2D:D2:FB:A2:D3:F5:74:5F:7A:90","sha256":"30:7E:44:EB:16:94:91:A3:8A:D6:C1:32:D3:2D:D0:B9:A7:40:77:14:44:AB:8F:B5:EE:45:E6:8B:43:50:B5:55"}}},"request":{"raw":"POST /uid/send HTTP/1.1\r\nHost: vmuid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://streamdreams.dirproxy.dev/\r\nContent-Type: multipart/form-data; boundary=---------------------------43051906215673354131226300350\r\nContent-Length: 320\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/json\r\nContent-Length: 65\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: https://streamdreams.dirproxy.dev\r\nAccess-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: guid=1314da31-6fd7-4a5a-bb61-487f8e504d62; expires=Wed, 31 Dec 2025 00:00:00 GMT; domain=vmuid.com; path=/; secure; SameSite=None\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"340cd0c1f3e5fa5d7b9314696731d3d3","sha1":"90c144ad19eec0d6bf8ead9669019eed1c39bc4e","sha256":"d322b0218f1679a1c0ced6aba3de719e2d499b128b5ec577d902d2f551b8a508","sha512":"cab5f220987136ebfc113e20a27d14b00a06449a53cc9554632193cc76248610abc1bf3e4da538adffabb968016318fbdca08637bfa2cc41f62b0513ba2e8e32","ssdeep":"","tlshash":"3da0025a529054739fe6b440547daa06345184448874e57d544a5415a91b78d3593264","first_seen":"2025-10-08T10:27:40.301818Z","last_seen":"2025-10-08T10:27:40.301818Z","times_seen":1,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRRutzubwwx5-1OBBEOaoIJOe6Z7JjCsEY4wEs0nMRqIIQnVX9aRMdVdb1T09GS_BgCx4cLx5s_Mm2bAaRK-CuE48uAwI28JiDpuLoIe9LAh7EYzMZEB8UN_3Fa8O772vPjpIz4mDlJ6tX1ddISWdrZXt0nNbImIqM6XVzVLFLtvXSlsiqrvXSp1R0e0XK45btp8vvcb9HTVbtSu2XbErpSWheaA6s2MWIj5pVspNu-xWy5Wai47-792kFgy1wNrn5EkIVvz_t-AdCH-AKPx6kZudRMUvvBqmkiZKo82O34x2IpVFCP8dA20hiI4nr6FMQchnU1DR8cQBVPtw5ACeKMjU0w_gRccTmfDaR5dKPQkewWNXkbUH4HIAQQfw1T4Eu0cAn2F1DVF4a1XpjO5esnTEFmT68Z8QWUGmH8wgCr9akKJTuqFkmggVGXSCHKIzgGgNEKenSLpTENkp_ORDCPYzmX28gig8XDNSQbB87F4EA1BjIR0dYSENLKSxhZCdlVy74foV6tSDJvPnbJe6LuOe3WxUbZs2_Tmk_khWD0ncgy978PUeYr2HHdGDTu_AbOcwzIJJCmK9sYc2y5FxgswQZJQgEwRZQpC18yMmTdXkt5g0qVeZ9OqkO3lfJa0DeqSSFo8IqO5Bs_xQxO-bffjJlX43MKyvRoV6Sd6nHssP4nPyxCg16-2_DXb4WYnaTtVzmeP4DcppvUHdoOk13KpTq1dcLwhgRA5hpsaBdEVB5oq7iEVByCe_wqOnMPIUvrgCmj4LmuWg2zm60QkTOtaqs1v2VQimcsTJNJJd60Cek6f6G5sLd8bLe_fhdXB_SCaAr3PEOsd74keClrzZ31AZOdxQmSHfrMWJCEWXjhZ7I6EJt754ne9mSrPlRdO7_bI_IkbjySY3yQqNmIhahny5IBjjeklpn5Pvls0W99ZTs72Q6iiNV9ZfWVoOY82NESoagIqCXP3fW_BFQWaeuTv-tLX79-DHezDxcP5-MAaMIvBiC1IUxJn5CZIP5z9_9O3Di4sLUC-H4cP5H27_9Yf8eBEeH37_6NLfgbmJlrZAk31EYY62ztGWOajswaRX-kmsh_O_OGPAk1bfk9o69KSWn15mZcRZqVb1nHqjUedBnQUOc6oOa9Zs3nRps-423RoSU2z__tIH_wQAAP__ghXlrVsEAAA=","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRRutzubwwx5-1OBBEOaoIJOe6Z7JjCsEY4wEs0nMRqIIQnVX9aRMdVdb1T09GS_BgCx4cLx5s_Mm2bAaRK-CuE48uAwI28JiDpuLoIe9LAh7EYzMZEB8UN_3Fa8O772vPjpIz4mDlJ6tX1ddISWdrZXt0nNbImIqM6XVzVLFLtvXSlsiqrvXSp1R0e0XK45btp8vvcb9HTVbtSu2XbErpSWheaA6s2MWIj5pVspNu-xWy5Wai47-792kFgy1wNrn5EkIVvz_t-AdCH-AKPx6kZudRMUvvBqmkiZKo82O34x2IpVFCP8dA20hiI4nr6FMQchnU1DR8cQBVPtw5ACeKMjU0w_gRccTmfDaR5dKPQkewWNXkbUH4HIAQQfw1T4Eu0cAn2F1DVF4a1XpjO5esnTEFmT68Z8QWUGmH8wgCr9akKJTuqFkmggVGXSCHKIzgGgNEKenSLpTENkp_ORDCPYzmX28gig8XDNSQbB87F4EA1BjIR0dYSENLKSxhZCdlVy74foV6tSDJvPnbJe6LuOe3WxUbZs2_Tmk_khWD0ncgy978PUeYr2HHdGDTu_AbOcwzIJJCmK9sYc2y5FxgswQZJQgEwRZQpC18yMmTdXkt5g0qVeZ9OqkO3lfJa0DeqSSFo8IqO5Bs_xQxO-bffjJlX43MKyvRoV6Sd6nHssP4nPyxCg16-2_DXb4WYnaTtVzmeP4DcppvUHdoOk13KpTq1dcLwhgRA5hpsaBdEVB5oq7iEVByCe_wqOnMPIUvrgCmj4LmuWg2zm60QkTOtaqs1v2VQimcsTJNJJd60Cek6f6G5sLd8bLe_fhdXB_SCaAr3PEOsd74keClrzZ31AZOdxQmSHfrMWJCEWXjhZ7I6EJt754ne9mSrPlRdO7_bI_IkbjySY3yQqNmIhahny5IBjjeklpn5Pvls0W99ZTs72Q6iiNV9ZfWVoOY82NESoagIqCXP3fW_BFQWaeuTv-tLX79-DHezDxcP5-MAaMIvBiC1IUxJn5CZIP5z9_9O3Di4sLUC-H4cP5H27_9Yf8eBEeH37_6NLfgbmJlrZAk31EYY62ztGWOajswaRX-kmsh_O_OGPAk1bfk9o69KSWn15mZcRZqVb1nHqjUedBnQUOc6oOa9Zs3nRps-423RoSU2z__tIH_wQAAP__ghXlrVsEAAA= HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[6220621]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 83992fa106b1031e98a836204086b25a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/3d/81/bb/3d81bb97268ef5728376a4b8c41e5769/1680149067.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/3d/81/bb/3d81bb97268ef5728376a4b8c41e5769/1680149067.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 70486\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 30 Mar 2023 04:04:36 GMT\r\netag: \"64250a54-11356\"\r\nexpires: Fri, 10 Oct 2025 10:27:08 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"5b12f832c47768efe99140878896a06e","sha1":"e4ad174888c105b49055b901cf85ea28fdf08718","sha256":"cd602fed63cebb83565961dae66555978c2e1927388e50c7fb2ee0bb70939fb0","sha512":"7cae7180c69b456dd973f5430e88eca4b0fcf150c999bf14d44601906a320290bb494ee6330a8d33dc0b2ee295dc335eda1e1c6a2a394a31abca690667be1196","ssdeep":"1536:ZF2THgeV1DYIau/86djX5X01YjA/K9NF+Hp8CB2fRHCr:ZF2zgeov8dLC1Di9uJXYfA","tlshash":"9563026fd9fc60573afb58489928afcbd87e91578710d304e164868d008f9cef21b792","first_seen":"2023-06-24T15:48:47Z","last_seen":"2026-06-10T12:47:42.291648Z","times_seen":1122,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":81,"dns":2,"connect":19,"send":0,"wait":28,"receive":26,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 605\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa8500-25d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 170618\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fcYXlBd9vs2HyuDX6XT8Q5GG33sk8vAH%2BV1FU%2Fe5OWwEmOAu5mpaWOmK2wDQcvtREjhCZ90%2BgFUtR1kM9jAVoAH6%2BvRolXAJNOwyrJZ47rM%3D\"}]}\r\ncf-ray: 98b4f1ac1f71c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":605,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit colormap, non-interlaced","md5":"7df5ce0a180f652c8822f0f6eb983503","sha1":"78a2d0ad98add3f7965e67b3189523f5b0143f2b","sha256":"d9180fc43276f3bb0afce5337ec25b4bf9ac07b896f481b212cb5c6853df8dae","sha512":"8c693de3bceb11225af1ec4a53e1eb8c14e51067fd61906036e9d8101e7d9e48aa7f41cf20fb306d5137e828927dc270c17bf904f67ddd2bf0921946a29ea452","ssdeep":"","tlshash":"91f09e537d0e39ade5719136b8c50059eb84bf10c1711b629c7866513a6b8a0b188a04","first_seen":"2024-09-30T19:08:45Z","last_seen":"2026-01-26T14:24:17.940122Z","times_seen":90,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 02 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 509464\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-11T01:56:42.938524Z","times_seen":877123,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":144,"dns":0,"connect":9,"send":0,"wait":8,"receive":8,"ssl":144},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/impr.gif?sid=H4sIAAAAAAAC_1SST2gkxRfHq7N7-MEefqiLB0EYxIOCmfS_zB9XWIzryuJuErKRLAhCdVX1pJyarraqe3oyeggGZG_O3jx2vpNsUIPowaO4TLxIQNgRxBw2F8GLCIqQs8xkIPgO772qbx0-71vvk938lATI6cnqHd2XStGFxapbeWlDJlwXtrK8XvHcqnutsiGTWnit0psk033VC8Kq-3LlLcHaesF3Pdf1XK9yUxoR697CVIVMD5tetelWQ7_qLYbomf-ebe7AUge8e0qehuTj__8WvwvJRkg6X98Qtp3p9JU3O7mimTbo8oN3knaiiwSdizY2DuLkYPYa2o4J-WwOOjmYTQDd3ZtMgEiOydyzTxAlBzNMRN39c9JIQSSI-BUU3RGEGkHSEZjegeSPCcA4lleQdB4ua1PQrXOVTtQxuXz2D2QxJpefXEXS-WpJyV7lrlZ5JnVi0YtLyN4IsjVCmh8h689BFkdg2ceQ_CeycHYbSWdvxSoNyU9e5K7wAx7QeebV4vmw5sXzTd_j81Ecey6t0aaoialFMh6B2kvIrYNcOshjB3nqoMNPKqHbCJlHg1rc5KzuhjQMuYjcZsN3XdpkdeRswj5Alg7A1ADMbCM122jLAUz-CHazhOUObEbQ5SUKQVBYgoISFJKgyAiKbrnPlfVt-ZArm0ferPqzGpRDnbV26b7OWiIhoGYAw8s9mX5gd8CyS8N-bPlQTxKNsnJII17upqfkqamtf987Q1ucVKjfqDVdv970aD0OWbMRscgTDc8PfJ_xegNWlpB2DtQ66MsxccpTpHJMyKe_IqJHsOoITL4Amj8PWpSgmyX6yWGeREqztuBVycF1iTS7jGzL2VWn5Jnh2vrSoynGe3_cgWDHZBZgpkRqSrwvfyBoqfvDNV2QvTVdWPLNSprJjuzTyc_fzWgmnC_eFluFNvzWDTv4_HU2ESbt4bqw2W2acJm0LPlySXIuzE1tmCDf3bIbIlrN7eZSbpI8vb36xs1bndQIa6VORqByTK787x6YHJOrz_043erFXx6Dpduw6QWn1QRR6kBJAiUu7mlUworj699e_-jPB5sWkTj-_q9zbdfeR8s4oNkOkk6JrinRVSWoGsDml4ZZao6v_xxMA5FyhpEyzl6kjHpw7pOVJ5U4ED5z3Ua95gWNWHhByFm82AibvEbdIBDI7Hjz99c-_DcAAP__JLYkv3gEAAA=","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1SST2gkxRfHq7N7-MEefqiLB0EYxIOCmfS_zB9XWIzryuJuErKRLAhCdVX1pJyarraqe3oyeggGZG_O3jx2vpNsUIPowaO4TLxIQNgRxBw2F8GLCIqQs8xkIPgO772qbx0-71vvk938lATI6cnqHd2XStGFxapbeWlDJlwXtrK8XvHcqnutsiGTWnit0psk033VC8Kq-3LlLcHaesF3Pdf1XK9yUxoR697CVIVMD5tetelWQ7_qLYbomf-ebe7AUge8e0qehuTj__8WvwvJRkg6X98Qtp3p9JU3O7mimTbo8oN3knaiiwSdizY2DuLkYPYa2o4J-WwOOjmYTQDd3ZtMgEiOydyzTxAlBzNMRN39c9JIQSSI-BUU3RGEGkHSEZjegeSPCcA4lleQdB4ua1PQrXOVTtQxuXz2D2QxJpefXEXS-WpJyV7lrlZ5JnVi0YtLyN4IsjVCmh8h689BFkdg2ceQ_CeycHYbSWdvxSoNyU9e5K7wAx7QeebV4vmw5sXzTd_j81Ecey6t0aaoialFMh6B2kvIrYNcOshjB3nqoMNPKqHbCJlHg1rc5KzuhjQMuYjcZsN3XdpkdeRswj5Alg7A1ADMbCM122jLAUz-CHazhOUObEbQ5SUKQVBYgoISFJKgyAiKbrnPlfVt-ZArm0ferPqzGpRDnbV26b7OWiIhoGYAw8s9mX5gd8CyS8N-bPlQTxKNsnJII17upqfkqamtf987Q1ucVKjfqDVdv970aD0OWbMRscgTDc8PfJ_xegNWlpB2DtQ66MsxccpTpHJMyKe_IqJHsOoITL4Amj8PWpSgmyX6yWGeREqztuBVycF1iTS7jGzL2VWn5Jnh2vrSoynGe3_cgWDHZBZgpkRqSrwvfyBoqfvDNV2QvTVdWPLNSprJjuzTyc_fzWgmnC_eFluFNvzWDTv4_HU2ESbt4bqw2W2acJm0LPlySXIuzE1tmCDf3bIbIlrN7eZSbpI8vb36xs1bndQIa6VORqByTK787x6YHJOrz_043erFXx6Dpduw6QWn1QRR6kBJAiUu7mlUworj699e_-jPB5sWkTj-_q9zbdfeR8s4oNkOkk6JrinRVSWoGsDml4ZZao6v_xxMA5FyhpEyzl6kjHpw7pOVJ5U4ED5z3Ua95gWNWHhByFm82AibvEbdIBDI7Hjz99c-_DcAAP__JLYkv3gEAAA= HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: uid_id2=ce3230e3-9dd0-4a33-86cc-15ebf398c827:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6220621]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+a9b03995509d8f6b18fc86ab6b9a7bc6=6220621; expires=Thu, 09 Oct 2025 10:27:09 GMT; path=/; secure; SameSite=None\niprc_l:6220621=1; expires=Thu, 09 Oct 2025 10:27:09 GMT; path=/; secure; SameSite=None\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: df145c09c80ca2299da738c054769a4f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/c/6/anna-593551-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/c/6/anna-593551-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5C%2BrPTCnoLYw69wCfMR2HvP9J0D3FENLHVQClIZUbXqFMhh%2F9vFmX2wEght%2F82kW7K54YX0mWJ2OVCt372XhwXs1TMyoReo0bUjov%2FrOSCKgv3HdtpxFexs%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1930b1b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8250,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"560fceeecfd7d0fa5917bc9d69014b2c","sha1":"b33a7e606026717f12bc7c688b31c95ce3417ae7","sha256":"07490b714ba67a4012508c7761e523e555a74e8f084fd5b89fe0b7e5ce293f02","sha512":"1b7e43cd490bc1467e008bb210c9e4b538df3532005948ff9f86206ff8fc00dc6a10c91ebe30d545d41500cb80abdcf6e31bde7d96fe1f89c4d982dcd7ae17e5","ssdeep":"192:MN0DmBHt3x7wz9AiQ5IP7AVbPeP7mkvny/nXFCKzkWt3gdfcgrZQ9bss:8BN3aIIPUWTw/XFCKF+fcmZI","tlshash":"ed029f954e359b04f3f52f7858cd86d21a886b843d20e083cef7e17b70191e757d618a","first_seen":"2025-10-07T13:13:54.995625Z","last_seen":"2026-03-29T08:51:51.172718Z","times_seen":9,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/css/bootstrap-override.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/css/bootstrap-override.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1gh43oj0a4gxVNFssGw2k9svnEEYWn4KC6pLoXjlGKeZaPVuaObLOLsvN%2Fx5aFvu1I60SrfF4RGBMs%2B6rxJJTkjjbkF6tbHYoCoP2d8g48sTBWmovOI98kY%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1926a8f1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1194,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1194), with no line terminators","md5":"d6194ce3614d75b976f817712c774881","sha1":"c15d0d754b397654197662625f994cc5dc6a3b2f","sha256":"8058940abced6bbec734207b26784f83cd4616b88feed4d6ad99863e34b5cda1","sha512":"6d2a2374c5b9d772bf0645f50b231b24cc8335ecc0f129a0e908ed1183a5b48437e16e503f097ccb8a554f4d8b1e074e1522ffc38b895f43c443a32a5bc1c5db","ssdeep":"","tlshash":"0921246512ed37aa41334558999b7775c218d1105b460dd5ae00963c0acb08a2cb3e68","first_seen":"2025-10-07T13:13:54.853928Z","last_seen":"2026-03-29T08:51:51.11639Z","times_seen":11,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/better-recent-comments/assets/css/better-recent-comments.min.css?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/better-recent-comments/assets/css/better-recent-comments.min.css?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZQz8Y1C5ZYHQo%2FZFj6FxEsKZtL4qJZ0TtybdgE%2Fic2DnSC58DdyQl0REq60CVWIOgkd9ONRUK%2F6CAQVRQub32o2dPeBzsGtdn6tV2qLDcvM6w01i6uVk244%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1927a991a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1088,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1009)","md5":"a5744d30b97e79948b06636d7c1cfa62","sha1":"a9716e1c338f41d4e4a125e68a6eff2e1e4f41d0","sha256":"53c4d6f90f7d50b8abccb43b65f362f3128e641e8cf40bbf58050babda8158d5","sha512":"e8e0558a2c5b14c787bbcbc616c0a6274d9379d9f7a42785c19f69a08f2af29bc7126f201984cbabd45366ca8a8ce946035e144d29e1bd527a6c9a9f051306f3","ssdeep":"","tlshash":"1711a2e044f91848809ab2175da5b38318f8d731ce72d59de66de704870bfdaf14571e","first_seen":"2025-10-07T13:13:54.736934Z","last_seen":"2026-03-29T08:51:51.225541Z","times_seen":11,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/micro-themes/active-styles.css?mts=1156\u0026ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/micro-themes/active-styles.css?mts=1156\u0026ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8dOQNztI1FlPd2uC6e4rXjHxX8IUdYgNAh1qTm%2BqwX8Hwlw%2Bt5K59DdQxNdpKsqjrGSBpJ78hb7Yc1PWxh38IA%2Bc2TJpDNuCurZBNScUAK3dOvFRGQG4%2FAM%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192aab01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3579,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (3579), with no line terminators","md5":"78566ca7a5e938e321e6d0e7dafcb6fa","sha1":"05d02900c3539d25dbe658224bf2edf615fac243","sha256":"d783626ac0ddb14837bd1238df360f4779feaf3396bfd04b027dacb58ec14d8b","sha512":"81ea31f07720a9b4df6ea12527d26ce711e28273e459c287bf1e3c0892a1e76ed909d333ac6f87a3756e19eac3bddfd383210aacfb77482422033e1d4727ed27","ssdeep":"","tlshash":"6b7179d3f5c90967346b855a9081f77c1c3fa8a007924f2ba722b37857486d7a743b0d","first_seen":"2025-10-07T13:13:54.716789Z","last_seen":"2026-03-29T08:51:51.209642Z","times_seen":11,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/MV5BZTQ3YmIyZjQtMDJkMi00NWVmLTlh-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/MV5BZTQ3YmIyZjQtMDJkMi00NWVmLTlh-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iGJONu0tunchP8StmkFSgkNkmQyE%2FsjQUWXiFlUlnuk5LRXtT73vhzBxHoGHX12oZbfHTJ64Ng21AeS6yI1g6XWqc%2BrSP5J7DCDcbPfHAjHCBmck1Yz5d%2Fk%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1933b3f1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9147,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"5e64694b5069fbc2638ef6397e4cdbc8","sha1":"1fc72a1c4bcd79da8b28d44dc0767847a0371f94","sha256":"2aeef8ac00e54e28df9793ee615e0a6e55a26049743eb2c27de15cb730326759","sha512":"b27a1ba6afd7d2196e2be2f9558a3e2e47cde5a4ce6f2027d1851b5e88fa979f19a222fdbf700401bab5672d3789753802b166ce89f89e469519d27d64f098f6","ssdeep":"192:MlIzQ9lsJv3o9ibjELZ+Mb5M6Jyk31pvGU1rNMGd15uLPNdk2fJBiQ:BQIJlbUZ+Me68k31pOsZdXuLPs2fXiQ","tlshash":"0b12bf4f6582a6b4b97bbf70562cb3d00a50d3223571f18ac970e56104848d6a5c6391","first_seen":"2025-10-07T13:13:54.734405Z","last_seen":"2026-03-29T08:51:51.163291Z","times_seen":8,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/iflychat/js/iflychat.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/iflychat/js/iflychat.js?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CkQ5AfE0%2FeOSlSuv1Uf50BvnIsZuJzZeEVDFpUEy%2Bq9smfDclLK4TuQ2y%2BbOfDFcqknng1vW3PYbxyllIce%2FmqQbFaCuBZZ8cR4c97xf2nZkmHX8zn2qIy4%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1940bf61a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2993,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2184)","md5":"2c2980826fafa693ae6095bd762f498a","sha1":"ab59c1dcd37cdfe22b0684caaf6126dd07c8a1dd","sha256":"89e8436e40f5cc6d42de2f5799d2e68e43e2d91470599417a7c881ad5684e497","sha512":"66dbd89f8a6e94d27c34fb5f2d9335298249fc5a722d455d1173a312146010ac22c5afaf58dcd972831a9c4c6f5539fef4b881329b5362dc9fd08fe41f4cbcc5","ssdeep":"","tlshash":"2551c8fffb1062091616b476606f261a10b575d61c0cf971a1aacbb9fe3cec4502fc64","first_seen":"2025-10-07T13:13:54.801917Z","last_seen":"2026-03-29T08:51:51.207658Z","times_seen":11,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YUUKib0FTC3Q7q%2FjXxBCtuMPpLsluu5Ch7zlDBtCDAdNuIpOb3pVTsSM8ZYg77JoejlRARW971ySCdJbf82M6EKX7zeyKvOOey0p3QpyILnAQvZSXw61bYo%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1928a9b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1411,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1411), with no line terminators","md5":"4df4ac22175898ca183108f91cf5c6cf","sha1":"38c949956372c951a469b55f5becc4f66470e65a","sha256":"382fe3dd880202e9e2971b7ae531720bc1bf2bb68decbc507d04e64b62531f44","sha512":"2044b4d27ed89ab6e85b19920093b7b19d17dcc3eb9206a63d1c8012a659b4956b60f0e93fba2cbc3ceb02ae9edd82b08a4f956d67d8af55fa0c8d2d8289ddea","ssdeep":"","tlshash":"7921c0715240d217ebf7d2d3eac5ab4fa32128b2e953533d95c543384cb97705622605","first_seen":"2023-05-10T21:51:28Z","last_seen":"2026-03-29T08:51:51.232132Z","times_seen":20,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/to-top/public/js/to-top-public.js?ver=1.8.1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/to-top/public/js/to-top-public.js?ver=1.8.1 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pwWAKN6orUsu7%2FkRgZS%2F5EhKQT1MTtLOb0mkfFIPBrzj8cNWGSh13O2gFfFUNl%2FYsHSwdQRqiQegmiY2YnTjU4xW1KLAugof%2FHYLVBS3PH7W1hlBCb9t084%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192cad41a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2288,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"d57ea8be4223524c97a28d4bcbe46825","sha1":"b750ecd609b7245b8fcfd5f9c148b36a5dbbf2ec","sha256":"4e263a75e29fff467d615ae2b7c503c4e98ea972e25ec82db02197d1f0db058a","sha512":"56cd995341752bacb87e4c792056e48c16056bf2794059d2d5440b8054f68b72e944719b4c5ce62aa859c0bfb445f056d7f2920fbd3e579b293654523e23d9f4","ssdeep":"","tlshash":"9341590ef9ff141561bf317d8bbf81163b31905b211aca903d8cdba4af812395256bd8","first_seen":"2023-03-07T01:17:48Z","last_seen":"2026-06-10T02:46:15.785761Z","times_seen":147,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/9/9/quality-problems-593388-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/9/9/quality-problems-593388-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xw6pEIXyahMCtW85lxRfMxrRhYVuTnSlrJxebHZ3uwBHsW%2BBcS8wMLDBRsDWCMQzClf4GEdyDRSzxVprwEoiI6cR%2FqMAidG4Ha9fQs5IaeZusoJqMtVLmvQ%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1938b7b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/12/avatar1544290918.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/12/avatar1544290918.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IBVSc9MmOaAYQiqupiUYay1SBtNueCcZjcQuDlH4hubA9FnVJm8xIvjix5GqUi%2Ft56uiHbHluUjr3ai5u7Nss2nT58hycC5G%2FAvV%2B5F03pyFkmOlTN5PUz0%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193fbf31a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42060,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 266 x 266, 8-bit colormap, non-interlaced","md5":"57b2d77dd19d139afd4e5ae4bcd81693","sha1":"26d661a02d75a822cdc14fcee7926f9cd56bd45e","sha256":"4171ef7b93d42b89084efb7ed16eb0a5229e9175391c2207cb0a097e0d86cf85","sha512":"81564732a9fa429932c3e72b50710ebef8c11c98684bcbd6a355880072b415626941c8499f739bc5f417fcc65bee4491bbd8aa7654049cfe8d3a60e01ebed41e","ssdeep":"768:WqgoLorXB2Uax4b50SQufat+7exKTi6NjosbZzLPPoo/XuLFLD:O1XB2z4nQufc+7xi2RbZzLHoo/ULD","tlshash":"aa130243b72b310692073b9516feed7028693a12950a13d1cfccbea3eda4651fb662c1","first_seen":"2025-10-07T13:13:54.761909Z","last_seen":"2026-03-29T08:51:51.206587Z","times_seen":9,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.validate.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.validate.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BU%2BJDUGWvVcA4tOnZ4ProLwDo4ESK%2BzqaDTbJ6ggEKkv63U3T2hep8iGEujR6gCl012Iay6ljRY%2BJaDK3rv06CfXF9%2FknyhjJALYOCYg39CfDi94v14LnHE%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1942bfd1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26745,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2796)","md5":"228560d0e4bc99264827a65878f87d39","sha1":"fc1314eac28ad95a9125bb13d83fec8dab4d1a9e","sha256":"75858d2ca3c90028c9bffc23292d3957f012a59057b4cb4f24b0ff101658ea0f","sha512":"8ade56f39902383e9a9dd05dbd44f1495f3897f841e4e71ae381370488e391c3d23cb7605aae2fb555db2e5ac8e70580547e7df5a5a5efd257b6dfdd54558c3c","ssdeep":"768:F2SnjS0Z6d9zPI03s++nTW3VnyVCPnQF1J4Ou:T+0Z6d9zPI032nTW3VnyVXM","tlshash":"09c2a7097241101e8ecf31fbb89b624f72ba95946005a069b4fc94d1bff9f81b196f78","first_seen":"2025-10-07T13:13:54.888869Z","last_seen":"2026-03-29T08:51:51.169316Z","times_seen":11,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/app/apx19.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /app/apx19.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Fri, 12 Sep 2025 20:28:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68c48270-23df\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y4XtzhcQStaJZNKW2kuGg08m0oJERch3kN8CEoMkjsvVTS%2B%2FJ%2F0Yv%2B0HAsbRRXXo%2Bm7OI%2Bcjz5MFAxUcO6xPgd4HF7N3sXuL69YUj1yNb7aYadse2KczjAI%3D\"}]}\r\ncf-ray: 98b4f1947c121a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9183,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9183), with no line terminators","md5":"2344c3f05f624d595f6fb920e4d74ded","sha1":"eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1","sha256":"3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a","sha512":"b1660b062c77332a119e159c5c69d3f75d375915a33f141503232f424c4fdd990998a883c271efb94e8eb909f7837d235354ecae15b58fc23ab9d1908170e831","ssdeep":"192:yfBLCNsvzXnQQuWYQVN6nYaRB5c5FM/MR6Adpf04u7w2Br:4gNYXnrYtBONxpf05r","tlshash":"62126cc87ac7f00b53ed8a53ae1a66b8117b946362a47907d3bcf6cd15e920bc179cc4","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-06-10T07:46:34.068973Z","times_seen":3595,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=ce3230e3-9dd0-4a33-86cc-15ebf398c827%3A3%3A1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=ce3230e3-9dd0-4a33-86cc-15ebf398c827%3A3%3A1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:07 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4739\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://streamdreams.dirproxy.dev\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=ce3230e3-9dd0-4a33-86cc-15ebf398c827:3:1; expires=Wed, 15 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nu_pl22675059=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nsleca032b4d33c8aea68a4f9b84235614bff=[4323733]; expires=Wed, 08 Oct 2025 10:27:12 GMT; path=/; secure; SameSite=None\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f4d225bb778193ec92bc8830ea48a67d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6082,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"c1c8f65db02bfb1f4ac9085b93af295a","sha1":"3936601709374162cf83bc3baa7bc012da921a4a","sha256":"128f0920a56691958f65bdd20715555f3b33b6b1665fbc97795198ce1d608804","sha512":"8b58e264d926c8b20ba3fc1cdcf7ac0ee0c7df933ec84d1d71283a28bc27d65b7487c3a9bff8a4d1c9b09a38271e611a6274f6ad52b7ac48df88b6489ce7e69d","ssdeep":"96:9zNSvdEjZfqcOvydtmAYimy2A3qKbl5kOvDiihkaE1eONnTpS7e6TyYPFRiJL35:9zNSvyZfqcOKrmAYieUpx02kageWTpSa","tlshash":"e3c18ef6140535fb5ec248dc81a60de9be856dad3b45aed1aaccc33f88ad9844f44328","first_seen":"2025-10-08T10:27:40.319965Z","last_seen":"2025-10-08T10:27:40.319965Z","times_seen":1,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/pixel/sbs?c=1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: uid_id2=ce3230e3-9dd0-4a33-86cc-15ebf398c827:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6220621]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/9/9/quality-problems-593388-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/9/9/quality-problems-593388-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DbGMxTg%2BB37%2FvfOKWi%2BtENUHBZozmmMZO%2Fa6z6VHTTMuxSJIQkLO1yo%2BaYYzRhCsfBkFb6DvNBOdiFKAbYykOM7yHZ4sxvWE8ifnhWX0ZTQhHrcGfKOh5g4%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a3d651a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11672,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"94859ed3b517e2ae2874f6f2ac4711c0","sha1":"7f5bda0b4913ee2cfdcd6d636bd7b869db2ecea8","sha256":"8d8e3a0a0d32df16f879dc357742aeebe190b6bd47fbef787f43d98bbdbfc09c","sha512":"570d67fbf9e95685008cee0fa72224662edee7bb37ba146ff590e1b1a93d5da334a3cf265794a1f1a6ac218e0c7486b57792ae2092bc1728c1d779352e435782","ssdeep":"192:MZIolCLDOFJo+2DBFAATVs732Jzkiz+aYP8CrzasXGRSHCJDLlFbfbnp9i9ju:rowDOFJr2cAGgIaWSsXESiJDLfbnudu","tlshash":"7432aec116fac6e0f0a4af3e6c112415eee59896efb2434d51b1be101e361ef62a21e5","first_seen":"2025-10-07T13:13:54.77147Z","last_seen":"2026-03-29T08:51:51.124711Z","times_seen":8,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js?ver=2.4.6","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js?ver=2.4.6 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QBnjqpoWkvsyjWWm6b1gUlgKngvw0jJxK77HEETnIKjdkiXWc5PpBFefTSr6pqZ6CiJGK%2BisMLp7f%2FUuMFbwSYpeLY3UMHMC6ri5MZA67a9%2B9gaW3AfzJgc%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192eaec1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29121,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (28999)","md5":"3e9f1dcb9cc75169765265133fb815a7","sha1":"7678293e0a0df6f57aea34e07b7e0392ebba2234","sha256":"73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186","sha512":"acc186178c20d51ef77a1b67c5706de666d47cdf49509c1b936d4a3259cb643261ec190f99ea2f06e75d64210d25d7476183240a1f613c59cf992f6cb29922f2","ssdeep":"768:+Otj9+umwo0XCITm9HNfhvwITdNWb0DvHrqgtV:+ORjgF9HNfh1TdNWb0DPugtV","tlshash":"8ad23188fab0a12041f795e5a65ba5c5f337a49ce80c89acf93dddd65868c0d702fb34","first_seen":"2023-03-07T01:07:22Z","last_seen":"2026-06-10T22:53:23.629248Z","times_seen":14715,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/wp-user-avatar-pro/assets/css/wp-user-avatar.css?ver=5.0.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/wp-user-avatar-pro/assets/css/wp-user-avatar.css?ver=5.0.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1rfA169Ckr%2Fga%2F%2FFZkTqu5S0UvDLqa%2F0VPFxcxc2VjzUHV3uF%2BJgg0CoxoNBoozIe8%2FiRv%2FapP%2BBY6NAL7Y3Ah8stCxP1M1hGDLLD9MWmhTb6fR2kngBleI%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1929aad1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5987,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (5987), with no line terminators","md5":"8e23884f399bdb52ea419431f3103db0","sha1":"0d93e4fb09264e176dd395ca8da8dd1292956e78","sha256":"071f5c7a7009f45d11e6894dc184133e900e0596bbc76701776464e1438456c7","sha512":"c5384d8c6ac6f71cf5dacc5aec3abfbf6b467657a2c49f8a9c1525f9f35b3190b70e1ff020867ebb3063fdb210d4cac18e1628c47f2ad6593c7f3933c1b8bef5","ssdeep":"96:9SWZWUGGzZWKNAUrHYu1OqHS0RJb4YKJHiHzPizgyj:9SEfGSZfd5x4fHiHzWj","tlshash":"58c18516d1f810b9aa27c60eb790ffdc3819e152f7420e6be922ae14c7d41e331a7b04","first_seen":"2025-10-07T13:13:54.812251Z","last_seen":"2026-03-29T08:51:51.160716Z","times_seen":11,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/jetpack/css/jetpack.css?ver=7.4.1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/jetpack/css/jetpack.css?ver=7.4.1 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c86wuDt%2Fnnm2iQBzhcNKD%2B2obYxCGTQCyZ7ApeYhewuUBdQDJJLEaa3Xb8WtfuVD2vsvhBM%2FiXI0iGB27pnU0BOIw0GJ3%2BFf%2FASqN%2FXfrjoRIeG0Ohh6Bd4%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192aab11a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71347,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"27cbb212befdcf5dc3516e430b2c9f4a","sha1":"154451df8f94940ba84e4157cf4c642ee8f49f1d","sha256":"09b385062a6867b04a0eb84dcc0695ed81dba17e6d5147ee1b87f6582f34d142","sha512":"05b96bcf00a82685a17392238b7ab00901f307000f8ba597d1541ba23ce8042f8a6bde5b801583a08a25343e808950950660af72356cfbb10dc2f602d4db90bf","ssdeep":"768:HZMDqXKAVjm4nYX5u/jZpAV2KUkjuGL1oJ76zamDMQM/TQMIGgZPPKsFqJ3nQJtK:HiSKAbZpAV2aoJ76zoAAJ3nQJtQFP","tlshash":"98639371f2880159aa23c376a896b3e835ac9551c7011eddf9e3b63c8fc67d9142eb4c","first_seen":"2025-10-07T13:13:54.829518Z","last_seen":"2026-03-29T08:51:51.121905Z","times_seen":11,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yax%2BN8C2CrX2wSNisYWn%2BuWWKZY5kYe9rqWek8cpUiQfVyRAF2gNtTbfpVGRcuaEJDfBNq7amCnwJWw2tER5AB8q8MqrtZkwVUKCHEEv9zcW2FwJBih9YIQ%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192bac61a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2189,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2189), with no line terminators","md5":"7087ed48c1053946524a9f0d1ec80829","sha1":"a4d953a8039e278f11b382636d5c422d2ee6c785","sha256":"83db688184c9fbb0bc4cfd4a7228745ecfee70452f3357168ea3e3840a2f3524","sha512":"6f1f84f586e8424e85c1852cb932f04ec896851bef467d79b36383fba74b349f4f9f203e6e3a0807aff047ffffa6c91ce1c23fa187f724fc1a4867ee7b06d23c","ssdeep":"","tlshash":"5a4121dcf416f22547a3a476a25f010b32baa86b250a4050b64ccce83e7462b4537ffe","first_seen":"2023-03-07T12:11:18Z","last_seen":"2026-06-08T22:29:26.593635Z","times_seen":341,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/6/0/the-intruder-593206-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/6/0/the-intruder-593206-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PhPc9xetKeY32K1yLvX3c8rb1fg1LM1SY%2BuY7LbCEniKE0aN7PESevzJ%2Fu1EaVSxQGnEK5PyyMK9tOlCw5iwLj7%2BANgNDyrIXYe%2B217HtN6fWz6SnDRBgKA%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1931b261a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6209,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"ba8c4643690a24c9807222caef49d14d","sha1":"34861ff0008a0e5910a928aa5a3bd2562a8a3588","sha256":"517726d9fedc183ef0ab2213fc2984f10ca35f66728a1de642278eadde18aa42","sha512":"a135a1133c13f6e71d15f14d4f9423879b41f0b626cbc467443e91d9a3a0242d57cfbe37f8165a997e0a6476487b06b7575e4f239a66b4e9429fd20c99162408","ssdeep":"96:MUJAzaJ759J9GOjUKv3elNt6DxtTa5VsxthfU9afmwIQVopL2opyyw3KIaxs8TC:ME6aJd9J9hvv36WFyVgPfYCVoyD3KXDC","tlshash":"b4d19e5907181868c97c8d3059572eb3c684dd04cfbb61cebfb8fa9560880c875a062b","first_seen":"2025-10-07T13:13:54.799313Z","last_seen":"2026-03-29T08:51:51.130835Z","times_seen":10,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/c/4/a-rough-draft-593444-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/c/4/a-rough-draft-593444-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GShd1xJ9YvQc1vaCt%2FBxYoXWrdn53ClZVMUcrbsNywzEXt07QRv%2B7guK0B2vVNoBwsMOFo%2FHW%2BlWe3n%2BDtgNHfcv1NhhmXX3CWjiRw2PMm2flcq%2F71VfFs8%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1936b661a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9567,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"6e73efd7593e3aeb28794ea8c15ee1d1","sha1":"b7fa1d186dd9bf06c947abfc55aeab0b952ad42f","sha256":"8ef9f3ab2dfc7ff5b71a441802825dbc29e6769791063035f8b180b0a12f7de8","sha512":"107821423bd55286b6ef35238c48613a9d28651d844a2a5dd024ed004ba7a76b7eafdbf0f946567e689017750dbecb6e0734d545ff4d4c84fc31325d00001508","ssdeep":"192:M8AV3nKMw3AShDLJQ7jahB6pciLa+25gWnuhFeEydFvGqBGEV0pN:zAFnKHFdS7ja6pRa+SbnUtydFvfIN","tlshash":"7312b00feaee2209505baf7d57e2907561cd690fc2186e67253cd1171eaa4cfd924031","first_seen":"2025-10-07T13:13:54.988971Z","last_seen":"2026-03-29T08:51:51.1974Z","times_seen":8,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 605\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa8500-25d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 170618\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UJMTlueU1f%2BNZ1DsRcQVo6T9uS3sm%2BYNm6PDZoFlF%2Fhttmf1YHYzTK7vKu%2B3N9ueV8pNm71%2B0jgDudGrTWeyQd7VYboRqqxu8V5xN3ymQ3w%3D\"}]}\r\ncf-ray: 98b4f1ac4fd4c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":605,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit colormap, non-interlaced","md5":"7df5ce0a180f652c8822f0f6eb983503","sha1":"78a2d0ad98add3f7965e67b3189523f5b0143f2b","sha256":"d9180fc43276f3bb0afce5337ec25b4bf9ac07b896f481b212cb5c6853df8dae","sha512":"8c693de3bceb11225af1ec4a53e1eb8c14e51067fd61906036e9d8101e7d9e48aa7f41cf20fb306d5137e828927dc270c17bf904f67ddd2bf0921946a29ea452","ssdeep":"","tlshash":"91f09e537d0e39ade5719136b8c50059eb84bf10c1711b629c7866513a6b8a0b188a04","first_seen":"2024-09-30T19:08:45Z","last_seen":"2026-01-26T14:24:17.940122Z","times_seen":90,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/jackbox/css/jackbox-global.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/jackbox/css/jackbox-global.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MI764ePzu%2Fw6GSuPH1sHtEl7nbZtWTjB9EOZNlD8Sd0P3KFLm9gVShW2EyWoBGXbvBfhGZy1jIMgQaVz49bWCoHFPbgD4%2Fjo0leFBe7ql7arWu1jmhnJ%2BAs%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1927a961a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9287149694b5cfd00bc34f5968a5287d","sha1":"dcd6f91706301bbb60b70267e9d343186e534403","sha256":"a0c0c0050cb02338fdbafe2c302f3f06b01c5a16c726aa2281125dd18d94a344","sha512":"8ed89ae26b373f19a5625670e5c0bf4fb9a68406f5440dd0e27fd4fb305e41b1d55b7b6aeb1f24e151f1d14a6af8bf326ddb9a571f0c1a62167428cefe2345e2","ssdeep":"","tlshash":"e5a00157684002098032ea98cc65a32e98be034a851d9a0bd603e21805aeec225ba228","first_seen":"2025-10-07T13:13:54.7228Z","last_seen":"2026-03-29T08:51:51.129771Z","times_seen":11,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/a/5/marriage-killer-593270-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/a/5/marriage-killer-593270-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fjcuw3DDG%2FAqihTavJRL5XgXZQun46KQU24j3Abydy%2BLHT62AzOeob004CiOjCXeXZhbQu3cLrZeKi43D9u3jcxw1CSzb1119Zgiw2n4%2FxXCFRn2xYMMVO8%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a4d691a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8735,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"0142829140726770cf06a4fae8e0153d","sha1":"8ee5151733b1565d8ca5c9776a0fab46de99a760","sha256":"c4df1e4cb3f42f64e7be6651d59a6822003d86e70b35bf0524ec608027a11fa2","sha512":"ded1b6cc9a40e9947680fef1a0c5d622e895370f4e6893da9fc4b2b68aded2d2eb7ea199cc2fe3a3ed990e5cd206544486bc913ab040a13fc8a241cdc450ea96","ssdeep":"192:M8KZRLV/OLbY9WaYpfsDfWcvXy/Ntq3pJneXLyACzYZ4m7iqaKFsM7bl:fMRLV0Y9Wasf8vXcRfKm7SKFN7bl","tlshash":"3f02bf51914b9395fe31bcf7946a6abab50cfdbc981205a70a33d85324730c9c12403e","first_seen":"2025-10-07T13:13:54.928653Z","last_seen":"2026-03-29T08:51:51.12286Z","times_seen":8,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5f7c23056afdd9cfcaf79fdc0bcf3c5e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":56,"dns":1,"connect":20,"send":0,"wait":25,"receive":41,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/css/bootstrap-cyborg.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/css/bootstrap-cyborg.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f6J%2BIlwFrnGI%2FJfB6%2FOiXFdJuhY1DqyGHlJxzAjA3c4fzeHQt8O%2FmZtGsiy0Jpki7O%2F0TyUR5L%2FNaynAix0JTCfO%2B3Qm6BBO69uaYBhreiwWRz3rizvDbw0%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1925a8e1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":125505,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65253)","md5":"80ee2358f6b0baf7444a9ea6142eab3b","sha1":"34328c4b8c18db07aee1c9cff229cea12543ff7f","sha256":"9fa88a091ff1a0abf51774ac3c011efc1b8340212fead1cbc2cece28e8b7920c","sha512":"fd348f098b6079d4c54123a2bbafa442cdf051580a7f33b961338e9d86e548798c3f96f27383c1cb44ed4987fdf0d8f65f117bb0551ca7f18d637df6e9362943","ssdeep":"768:O7FGxw/GbmdRa8N8xvI6JHeM0r63L37xR1M1bdbpn0tO2Viq3kKW70mjH2tqZ8I7:Rw/au0I6JHeMZ3xRednr/H2t/I7","tlshash":"5cc3d6a0f11030ea7723c55a71d0ed872219b153e5674eb7f22f25e88f896ca1673f1a","first_seen":"2025-10-07T13:13:54.87695Z","last_seen":"2026-03-29T08:51:51.227892Z","times_seen":11,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/12/1/b/the-oath-576435-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/12/1/b/the-oath-576435-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ib7f1Vqc7Id5dcIwaPWN1AJRVZEDro6tj11kTjlXtuQSr1f3mInT8lOzo98eQ1sRrKxC99abhAOGlqW6lXyoznNjgwmePiuQfPsaCa%2ByBvdOO%2FjK2pS2Iqc%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a0d5d1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8627,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"2ee22c8f375bda8c238dc54d2168f13c","sha1":"bf0cf0228566da8919ab86d88f55449b66103522","sha256":"8f65b45638343729d5c958c712270c0440f7b7d28dbcfecdcf3871afb0d53b98","sha512":"41bc14af32bc4d7e971ee1e41f8f4f1dd0cc78b28a76cf63d98d27da579a6ec743afb543c5fbd0d5fdf79ab822a8d0b458ca509be973ab50da8f072435d8517d","ssdeep":"192:zJcu0LcqX5OSfUg/+WvPQnHOmumDcCadYhXnJNALs86v2FG6bMh4:DKz5pRhm1aduJ6T6QMh4","tlshash":"8302bf60e97b69a9f15142320f1bb1e23fa5baa08340c008ed1a9fb4f51db568c4f94e","first_seen":"2025-10-07T13:13:54.843678Z","last_seen":"2026-03-29T08:51:51.123812Z","times_seen":8,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/06/avatar1528170635.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/06/avatar1528170635.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TG89xWpZRRNpSfby9d13FuJT4OjSxLpIM%2BJ2OysMVIJMbGEukQOp6DTYzalecvH9wRjf9GQjW7DvLBHscsW%2BP0%2FmBnjPX85oQ5A%2BaIbo6zJFWMtygy%2FFMZM%3D\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Thu, 09 Oct 2025 10:27:06 GMT\nPHPSESSID=vm10riottnn9ffd0m2rvgst325; Path=/\r\npriority: u=4,i=?0\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f19a5d6b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2576,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 325 x 260, 8-bit colormap, non-interlaced","md5":"2b03677e09e48757c36495425d72e439","sha1":"720f90657c723be4e751dd5bd7f23b11381ece81","sha256":"8c31431a32528b753dafe7e52460ede2056be9e64041284dd839539b59a6c1a9","sha512":"ef8c6a9add16679c2d845144c885e24e0f037b2943b720c89395c34dc9a40532a23eb91e08d972960fe87950016a5ec8c65ff43ea8756037ef03cc8873a99ac7","ssdeep":"","tlshash":"f4510a338624aa9b41ba5e4dc4770b026f6540eecdd8ce5163d609f54c8a78127363a3","first_seen":"2025-10-07T13:13:54.806384Z","last_seen":"2026-03-29T08:51:51.215307Z","times_seen":8,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"52.57.8.161","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://streamdreams.dirproxy.dev\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=1745697a-7a84-4ec8-a970-36191885505c:2:1; expires=Sat, 06 Oct 2035 10:27:06 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5fe2f428eb3805b46104b0c0e374a104","sha1":"2db924d6758780cb7a3fc613004f7ad62a297e8b","sha256":"2ea37cb96d61da2525d883f947a2cec3461c137f31e46be91be535cdc1ba997e","sha512":"9d19e6b5cf06a6f9c69f4d397099b5465fe11ae1ed698dd9a9e2d832e20be15684e259dadddc7d21ea859ec06688f029fecd8693ffe180b975b8e9d7c75a71d4","ssdeep":"","tlshash":"8490008cc202c0a200cc0a80be2233888e002b3f0a023c8e8ec38c3a08200300e3f2a3","first_seen":"2025-10-08T10:27:40.346206Z","last_seen":"2025-10-08T10:27:40.346206Z","times_seen":1,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":1,"connect":28,"send":0,"wait":21,"receive":0,"ssl":232},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa84fe-24f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 373756\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fsEVEebtK4DZczMPLdIsLPrOjWNY8BgMw%2BOT5zev7Gd8yxcASgk8FPSQuEigFeVypRgtCO6B5pm85bX5TKf9kaHSqgN7iL%2BCSMW6s3knuyQ%3D\"}]}\r\ncf-ray: 98b4f1ac1f5dc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"9fd5bcb6103d86e317bd1eb019bcbe71","sha1":"6b5a52ea669dcb74946f2bed4bdd7ec985026113","sha256":"0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae","sha512":"e244a8842c009fa83e8d9d1088ec5b76ca2a42660568b7886e01724977b9ebd4e43690e0c651e25287c64dcc4826391b34cae6a106e2148139450dd05fc5a562","ssdeep":"","tlshash":"b0f0414e7c5903a1874caf3b18dd00119c27898077c82e0db689eed20e008e215471da","first_seen":"2023-04-11T11:09:41Z","last_seen":"2026-06-10T12:47:42.300929Z","times_seen":5786,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/widget-options/assets/css/widget-options.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/widget-options/assets/css/widget-options.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qQfliSDxpSXBlVbnRKFgHMmPJwRkNCAvwT98sfIXjWJaWJKIl6IzpJbHmI6MWoNuaGDGQ8APpTvEBmVRhCmEBehaQ%2BjTSQiA%2BKEn9pitOXpA3YBVAnTmQL4%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1928aa31a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1005,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1005), with no line terminators","md5":"a66942a0a055d560f51247e6c46dec99","sha1":"d3564ed18d1ecb0e6afc71936d6a84c3bccba6e7","sha256":"509339575ab7b4e06f0b37dfeb48fbcfad69c61156f69d6f4a07cff345fd8e50","sha512":"1e96ce231f915de8fab29fe33a34f755f5542c4ad6f30adc2d929f862696ceb4d637f2e726025d29fe71aff4efb3aaf4b2f8b48ce2b66dd0967df4f42254b2d3","ssdeep":"","tlshash":"751103434a66260b5435e93d47dea3a2c272794b5fca13e00ccc6c60afe9c44213c598","first_seen":"2025-05-11T13:11:50.516399Z","last_seen":"2026-03-29T08:51:51.160119Z","times_seen":14,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stats.wp.com/e-201926.js","fqdn":"stats.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.76.3","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /e-201926.js HTTP/1.1\r\nHost: stats.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-minify: t\r\nx-minify-cache: hit\r\netag: W/14421-1717166113530.9253\r\ncontent-encoding: br\r\nexpires: Tue, 19 May 2026 08:18:43 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\nx-nc: HIT arn\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7370,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7370), with no line terminators","md5":"12df00d326d9d7ca84ba60c0eca1f7db","sha1":"bc2af6354bdbe334c94b8a33d26357c5c3156925","sha256":"5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855","sha512":"9b4e38e6b3bd0ad3a494e62c56cf1c59e52272fb77d86d7a46a1f873078ff154cda9bcfd8a5983ea1c980f3d92cdd597a9728a03658e13951f773a2299f96429","ssdeep":"192:SZlmgfr24Se6MpTXapkyN8jcpypscqDciqtiPh71:SZlnrUwXapkyN8jcpyioyh71","tlshash":"84e196a93140b13916f720a2669f6307f0368f773e4b5041d67cc4207ab5e8b9927f9e","first_seen":"2024-06-03T05:08:03Z","last_seen":"2026-06-07T18:48:26.89593Z","times_seen":7818,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":1,"connect":7,"send":0,"wait":7,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.validate.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/jquery.validate.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JGB2Q5Lf2ZtfvbEauwpnVl370gl3tUKxc79LkU%2BD4KexuaKnzsuWoc2xN04SqncPmW%2Fqxtq0at1P6gHvzZ%2BbuqCz%2BsxrJx1r3JQImYL4brU%2B7gw3CuoXl8M%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f19c3da01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26745,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2796)","md5":"228560d0e4bc99264827a65878f87d39","sha1":"fc1314eac28ad95a9125bb13d83fec8dab4d1a9e","sha256":"75858d2ca3c90028c9bffc23292d3957f012a59057b4cb4f24b0ff101658ea0f","sha512":"8ade56f39902383e9a9dd05dbd44f1495f3897f841e4e71ae381370488e391c3d23cb7605aae2fb555db2e5ac8e70580547e7df5a5a5efd257b6dfdd54558c3c","ssdeep":"768:F2SnjS0Z6d9zPI03s++nTW3VnyVCPnQF1J4Ou:T+0Z6d9zPI032nTW3VnyVXM","tlshash":"09c2a7097241101e8ecf31fbb89b624f72ba95946005a069b4fc94d1bff9f81b196f78","first_seen":"2025-10-07T13:13:54.888869Z","last_seen":"2026-03-29T08:51:51.169316Z","times_seen":11,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/0c/54/07/0c54074632a811f9c5bb2811796fb090/1657098821.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/0c/54/07/0c54074632a811f9c5bb2811796fb090/1657098821.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 06 Jul 2022 09:13:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PT0pihmT5jEfTUc39fjRsUmU8H80z28DJwAqKvskl6pyZ9Sqybn9j3k3I%2FDeUZc4oW8nXS2KezovHymCwxhS3EcAk1E7f0Fz0gtmVqqKgw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98b4f1a58f631a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1070,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"91b896fd2cd0fa352f67f530c46d6e20","sha1":"a340ff41c252ea09b8d860fceade41479173d65d","sha256":"5801f40189ad7e25f99e146c400aeb53e0f2c4132a33fb22afc84f11f8b5f3e2","sha512":"b660a77cc291eaa58f5cc5e6f5d0997f96df6de1ad4f4887f910738cdc657a362733e80a466366d2c659b421f377f1d4a3531ad40750a6353b310dfc4fea4ac3","ssdeep":"","tlshash":"9111ecaa2ee586b311d350e5bb352f1bad92d6878c4f694173fc89618f81d92cd9300b","first_seen":"2025-10-06T11:07:14.980118Z","last_seen":"2025-10-08T18:42:08.194285Z","times_seen":84,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":115,"dns":36,"connect":1,"send":0,"wait":479,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 02 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 509467\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-11T01:56:42.938524Z","times_seen":877123,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/05/d/9/brightburn-587922-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/05/d/9/brightburn-587922-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xB72g4HUMCg16FFJ7f9N6g8DTtC%2BWO9KVTOBs%2F03WKVo6Jum8bCTAVzhVZapGiAD70pJB%2F%2ByMjIL%2FF%2B6wTP5EWci%2BLWzdimlFs2jGM4VZinGl3GGcbIuEAc%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193aba41a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5810,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"63dd3a15640ba11d6f9dab1ea230324b","sha1":"76aa2407f9c41b6f9a56bd760959107340eeb916","sha256":"cce3e47fd0bfd7f5e9722a62ca48b6cc9a134ddbb4a790b534b1757d8f97c616","sha512":"2552808eb7b173b7be01874a650d7db05e98af50b6424cd9ee43be3637624382ebf825fd1249e1fe2cc006660be06f3fb8b339f41e3981179ea773873993aa97","ssdeep":"96:W+m2Qg0cG7w+jlWWtYzhUDuhtU3BnBns9zfWedPFLLfhZcK+TFx4q4BgoW:vQgePhWWtYCDtxBns5R7gK+Bxj2gl","tlshash":"6fc16bc38f22cd25f3982d32e1a8a4a2331c5c0a1a5357b439d77d2d956c1e04ef94ee","first_seen":"2025-10-07T13:13:54.938845Z","last_seen":"2026-03-29T08:51:51.210889Z","times_seen":8,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/email-verification-on-signups/assets/js/verify-email.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/email-verification-on-signups/assets/js/verify-email.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y02bVsQj5Mw%2F8wx1MhvXghpTTmPO9AArOCA1rMf7D7v4A%2FYfkS8xAFPRfrWCTGOHwJJUdjtqlMDfMj5%2BD36ioxNFiprTxc9rZWl6zBAjzH%2FE1faBsBX7GjM%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1945c0a1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":266,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"6ae52edfb2f9361cde39d84ed046c59e","sha1":"4935b2efb5daea19ae783f9a99ef7a70dc0f679b","sha256":"ad58bca769408630e44431b49b89a9a36af5ba945ad3d064d0b8b8884fe5a5ad","sha512":"adafe79e17f9a968501744087f7bc6f06b8b3a5bba1bd6e7f7caef323164a77bb6edff999f2215bd7668332b94878dc7216443241ef7bda5a0316ca6ba014b44","ssdeep":"","tlshash":"e1d0972eacc8384982fb31f9e81f1a397222008306ebd403f0658081ce76312ba31389","first_seen":"2025-10-07T13:13:54.744773Z","last_seen":"2026-03-29T08:51:51.100593Z","times_seen":11,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2F54%2F07%2F0c54074632a811f9c5bb2811796fb090%2F1657098821.html\u0026l=1070\u0026fd=638","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2F54%2F07%2F0c54074632a811f9c5bb2811796fb090%2F1657098821.html\u0026l=1070\u0026fd=638 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.friendlyduck.com/pan/accounts/default1/52xzaxvzhby/6ab647e8.jpg","fqdn":"www.friendlyduck.com","domain":"friendlyduck.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"friendlyduck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 20:30:29 GMT","end":"Sun, 16 Nov 2025 21:29:02 GMT"},"fingerprint":{"sha1":"75:45:68:40:CF:30:20:CD:8B:A4:18:0C:C0:24:46:9E:CF:BF:21:B2","sha256":"C6:2F:A1:18:EC:4D:72:4E:24:EF:89:13:81:C5:91:36:AB:D6:B0:9D:5C:03:45:16:63:F0:95:92:09:DB:D7:78"}}},"request":{"raw":"GET /pan/accounts/default1/52xzaxvzhby/6ab647e8.jpg HTTP/1.1\r\nHost: www.friendlyduck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.4.3\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CBj789VS0iLHYybLGMQFy7SYY5OSDaK6USn3S7S7CFC7HvTR%2BLQ1bpoEJ6PObI37CxjmmsB%2B2Yl96iU6yOdk76NCHpbWdbgOCSAHuIWLMNSyQw%3D%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98b4f1980ad656bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP:8.4.3","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":594,"timings":{"blocked":487,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"amt3.com/5/9914495/?oo=1\u0026js_build=iclick-v1.1586.2\u0026userId=08025ca037c64efbf1eeff7c33193628\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"amt3.com","domain":"amt3.com","tld":"com"},"ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amt3.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:18:13 GMT","end":"Sun, 28 Dec 2025 05:18:12 GMT"},"fingerprint":{"sha1":"07:CE:BC:65:68:14:E9:3D:A9:36:B2:F9:9B:EA:24:70:92:ED:15:21","sha256":"7E:B5:03:72:AF:6E:A6:99:87:96:AD:4D:D5:AA:4C:88:B3:63:32:D8:27:9F:0C:82:05:6A:40:FC:4F:1F:87:51"}}},"request":{"raw":"POST /5/9914495/?oo=1\u0026js_build=iclick-v1.1586.2\u0026userId=08025ca037c64efbf1eeff7c33193628\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: amt3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2594\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://streamdreams.dirproxy.dev\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":261,"timings":{"blocked":114,"dns":13,"connect":29,"send":0,"wait":30,"receive":1,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/glyphicons/glyphicons/css/glyphicons.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/glyphicons/glyphicons/css/glyphicons.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TmTtG26C1hnyh%2Bliu47oSl2r4UtqY8I32UopHc%2FiEEasZO7pe4B3KVCFlS50gVqwiUQ6eY%2Ff0CR5%2FJGLswb8455mLUkR%2FrRt6AClcGYgM5WpxxmNXH%2F6L%2Fk%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1926a911a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51175,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (51072)","md5":"45713ecd7278e13d3b7987860f5f4967","sha1":"2c7874a4cba3d00423274b868626491ca732cf08","sha256":"f3ee7176ef2330e5b8fad47481964eaf9c124726925e3128dfb2c67c80c34d91","sha512":"33f5444f3118976a14c6a3ace1d7689c90283d8c673f3baba3dd51329c35bcac6befe7333145b47ea60d853bec01419e01c76816824ab774802f8db9a22d3609","ssdeep":"192:zT9L3Nmuz6n6wywAcB8tgb2MxRulXGWSdLegaZjouPwX7xUb8VwQLU/43QFbUaUV:/9jwuZmy6ly/JgTXuHGHDE38DMI41cL","tlshash":"a3339191b48710d7b723d933a650278610aef3d0cc218eacf22f6d6d66f19b4446bab5","first_seen":"2025-10-07T13:13:54.710193Z","last_seen":"2026-03-29T08:51:51.207128Z","times_seen":11,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/css/offcanvas.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/css/offcanvas.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q%2BODvavuQwMWs90IDnWw8nwAXDz0SaL6QfYmZoSFhRXYkeGxoFo8NoMXbly%2BX6U4bTkaBZhqjMRjNL3NENU1JgC71f9W%2BI%2Bg29H3zm8SBXsaR45Pz%2BQkSa8%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1926a931a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":463,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (463), with no line terminators","md5":"c2d3ceeaca6bbb8546003b4617dffdd7","sha1":"e3f022d0dbc40463a4245eb12221b2c8c2b92326","sha256":"b0637116213f9e07872e2678a44f003f8b813c40a36170e3610647dcb576bee6","sha512":"2184a8b28ef4884d8e87650fa97b3e200018ab174d3b510772ee66215347491257cdca993bcee83eb72703427cc89c8e3251ac16f6d18b4fc195ce51bdfa7484","ssdeep":"","tlshash":"06f0a7152aa138d8982786d6d98002e08738adce6f730cc9e5fd6b065f2a957003be8c","first_seen":"2025-10-07T13:13:54.868958Z","last_seen":"2026-03-29T08:51:51.193472Z","times_seen":11,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2017/03/6/9/logan-74792-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2017/03/6/9/logan-74792-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IpO5KFm8EaXgGwi6NZrgtDowWKPF1wrvdFF6nGzsU4hHZ4fOdks89H0jALx%2FrrQYQbg%2F0lQg5DTMNrTI17ltfsRmyUfolhgL4T9l4Xm8sp3V755Evqn%2FSiA%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1934b5b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8199,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"d064ea510a5d43c4acd47e110a31e602","sha1":"43ecd1b4aeae964f0f7ee22bb73b0d0b7547a4a7","sha256":"663216512f5c1285ce2a02cd2c54e4777615749233e496246795de28cac2c34b","sha512":"7a94a86689d04dec89fe0a9ec1756dfc07f35f3b55c04124c140aa8a572182fad9ff23d230a795f5e4391c01e2473e6e82eafd02eeed97d9b654a0da2efa0c19","ssdeep":"192:uBomskzVo1ofqeqkHXoyXeTLiPp0zCPblQiv:uqmLVioSeqkHYyXefihYybO4","tlshash":"f9029fd901197c4dd94cd13d366e3932d99e7e583a750f2fa8f36a006f4453d97a8087","first_seen":"2025-10-07T13:13:54.86274Z","last_seen":"2026-03-29T08:51:51.163804Z","times_seen":8,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/c/4/the-way-we-werent-593352-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/c/4/the-way-we-werent-593352-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4RLRi0%2FdgcMon3dfkdwP9UAphGSracHHJbTUIqwjRpXznv6dibm2kYsK0llXm2kC66asrSRSBFZJkECTmyaYanQyZ7RDJLvwyf5gHqJZGB%2FPzirQYsU5YvI%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193bba91a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9390,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"19e3bd63fc38528c7098873bbdd81402","sha1":"804f3b0092846d5079a3c62a23cd546b48c7b598","sha256":"0e8d10eea4032306770d33a59a5da900ef094f70beb75589168ebda2fbb9f7d5","sha512":"517a43472e07d78340e848ae236d2d4ac76a8a7d092d72c5e3af743bbaaf7193aa832923d130ac4707030e75ef6148ea64f50352591b89a94b1e09b3223b0394","ssdeep":"192:M62MAk6IlEWFfj/BbgJ0t5ZSzV3KPZNcilj1BL:dmW/2JWjGVYljv","tlshash":"2612b010376b1fc3c7641cb88806d426916ead114d23eb496a73e60af7591fc38e96ce","first_seen":"2025-10-07T13:13:54.896936Z","last_seen":"2026-03-29T08:51:51.106026Z","times_seen":8,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/b/3/strange-events-2-593273-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/b/3/strange-events-2-593273-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sLadAPR%2BsnI%2BS%2FqyyxtbQ%2B0Cux9HwGQuvymRpq4nHmZ%2Bf%2BBRswBo0R8S2v4bvQxXKGwPJhINB0tmtCUkglpA5U8gw%2F3i0c7h%2BZEjXCgJL4%2B5RqEf77IkrZU%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193cbc81a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9198,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"4f16ad6cde604c4f46dd13b275298f3f","sha1":"7b718f1288cdf3e82807253fa3edd00eb106e806","sha256":"42709184c0833f61248034e3de0f6f0b59d017cc93a23f2cc629def4e61fd4c5","sha512":"3cb7486fb86192948a5e0a648db9f604981417d9ed7f1d1ca1373db81ee92d2c2604beba1b716a576c447b08a15f668952e44d552f95de53c1d274c358876963","ssdeep":"192:Mfj5uU/Puv4jhdAbEVwkCOBZ5ymMTrrADCbwy44Ep8Traxn:yICPuv4j7mEGk9Z5nQ6Nytqh","tlshash":"8f12beb03a96c9a1c22adf31a7593c38617d1840f43524ee6672dcf756a80ed88e71d8","first_seen":"2025-10-07T13:13:54.788949Z","last_seen":"2026-03-29T08:51:51.093885Z","times_seen":8,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/b/?https://streamdreams.dirproxy.dev/wp-content/uploads/2017/02/cropped-cropped-fullmoon-192x192.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /b/?https://streamdreams.dirproxy.dev/wp-content/uploads/2017/02/cropped-cropped-fullmoon-192x192.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1745697a-7a84-4ec8-a970-36191885505c%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; cf_clearance=MkXyfpEjGapPFsef0CJJaw.Rwv2Qfa5WxIBWBNvpAGY-1759919227-1.2.1.1-1DicwaxqgBPOwCdQVkxf8T.I76pDJ1aj7.FM8G4mwOwtNcJFuqdktzr8djdvWDqJrUoOy2BqQPIqmGNc0rrDJHWiI1bm0a.U2Ive6dwhPGeQvkN9TvUJ6l.q71bjGyqOvWbBTl8ANMvoJHkGrsLcQe6M.k9baLOPmU1553DlOALRrJy1nB1Rg6fTN7yDGrH97yufKn8DRh.9tVR_dyipYlDjrFBopxN2Xi9oW7yG6dA; pbpr0tpuw4isk85t8yg3jb2lj5vqf=heartilyscales.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aANzFq5Gm8EtcMHEx5GxPuCzWMn7iN4HF6mp%2FXNn4a0mQjdCKoNbveyvwsWiaR8Rf5LPHYwlsZcs5rTYUQKLQtVwYYpiDEV9pvX3WCKLwDoEtMxKKGuPb%2BA%3D\"}]}\r\nlocation: https://streamdreams.dirproxy.dev/wp-content/uploads/2017/02/cropped-cropped-fullmoon-192x192.jpg\r\ncf-cache-status: BYPASS\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1a84f4d1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6771,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CHj7OoWF05LX2DWYrtnNpO5ZOijw0yzVp%2BqOKWEZJHq18%2B2j8NvUEOUUa4sfd%2FvggYzOPvjmZh6%2BxT485Aq3JcKXI784x%2F%2BgUh26rvx%2BqFp0TNYlKCsmOW4%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1945c091a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10901,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2236)","md5":"eb26aed7179698e6cc95f097b978df09","sha1":"e6cf8807ce558f00ce026f027241bff5a525685e","sha256":"32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a","sha512":"5529925dc1feb9c5d3c9caadc0aa0e4eacfc4881cf9d1e5dea48a36d40085cd4a3a51e31d5ece13f38151b5ec00701fad6e05addf136c93b50852c48083a5f20","ssdeep":"192:msOm6DjUwqEZU4Idu2pY14s5EOnxk7qX1y+M8s6+gQNK:Im6DjUwrn2pY14svn+7qXPM8AgQNK","tlshash":"4922a29cf27266e96afb12f660cb17431b326867c8835395d09d84241dbcc86b527f0e","first_seen":"2023-03-09T23:01:43Z","last_seen":"2026-03-29T08:51:51.110448Z","times_seen":46,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-08T10:27:03.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oVYD%2FX%2BvE1w1rtszt9R83G5JjJC9xlUcGDK90vBmSnTmZmZ%2BFpBX0Ymk8RokVg%2BBXbfRghHeP8tVrJVNwNH4djtREHOj%2BzDiOtA4RTG8KsD5KzY1tqbc\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 98b4f18ea89a568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Glyphicons","description":"Glyphicons are icon fonts which you can use in your web projects.","website":"https://glyphicons.com","common_platform_enumeration":"","icon":"Glyphicons.png","categories":["Font scripts"]},{"name":"BuddyPress:4.3.0","description":"BuddyPress is designed to allow schools, companies, sports teams, or any other niche community to start their own social network or communication tool.","website":"https://buddypress.org","common_platform_enumeration":"","icon":"BuddyPress.svg","categories":["WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:3.3.5","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Contact Form 7:5.1.3","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Chosen:2.4.6","description":"Chosen is a jQuery plugin that makes long, unwieldy select boxes much more user-friendly.","website":"https://harvesthq.github.io/chosen/","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Gravatar","description":"Gravatar is a service for providing globally unique avatars.","website":"https://gravatar.com","common_platform_enumeration":"","icon":"Gravatar.png","categories":["Miscellaneous"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]}],"data":{"size":115263,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1871), with CRLF, LF line terminators","md5":"b312c53aea440563ddbc8038bc0c1dd8","sha1":"d8708180868ea2131c1d1f627c9047c5f93cf869","sha256":"ff6c4d3b2e33e9efec05513e96099f3ad9b002ded8f557d389db4991a9073eb6","sha512":"586194b2b2393cc81551e5ea6fb77e0b063674fbd853224cf59bf5db4d5624684e8b262a3c1908e56565d75deb487b11c4d5fb20f058d4661151c324bf06d086","ssdeep":"3072:7unD8AenCVkGy7lVeqECMux5hKp6mQQzABdl0NzsWNVIIXPThOktW6yHWYjd+ztm:hMp6mQQzABdl0Nzfo","tlshash":"44b3c6b390c4a52f91b670c1b15a77afb0e39027e71ec876b3acca5cb395de09921705","first_seen":"2025-10-08T10:27:40.359566Z","last_seen":"2025-10-08T10:27:40.359566Z","times_seen":1,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":217,"dns":30,"connect":1,"send":0,"wait":300,"receive":0,"ssl":182},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/loomisoft-button-widget/css/style.css?ver=1.2.1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/loomisoft-button-widget/css/style.css?ver=1.2.1 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K4QrikqD5pkHqeO69uJSD2%2BY0M3ZXClvg%2F7h0OpZhWrqc3ZIFRuaH5WSxphxUTkpMvJAFcI8Nto0c6CjlDU33JpIjgj5yO6nIOKb4hxR%2FMeZQ20qvEvYxAw%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1928a9e1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1537,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1537), with no line terminators","md5":"d47fad4cd0e8023191b39dfbcac354ff","sha1":"b83da5b586a4c454c7ced86437b0eb9728cf09e5","sha256":"5755a44a67c15762975a28b05c31bcfbbf7c294a99ccb1d8b0c9cb217eac1859","sha512":"d76713403801964e5103e3f86ca82bad7cf3dae0152dbc55d024ad49c027710a81fa12e72389f9a78ffb8d7302d54074372bdde93659adaf3112abe414a18ba0","ssdeep":"","tlshash":"073145d3f2c8662832aac60c250337bcbf7c8496e7019d7ae894b7b04bca4c7012d529","first_seen":"2025-10-07T13:13:54.760108Z","last_seen":"2026-03-29T08:51:51.095795Z","times_seen":11,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"54:09:EF:2E:96:03:5C:86:DF:F0:DA:AC:A6:7A:0D:35:49:4E:68:90","sha256":"0E:84:83:07:1D:C1:46:17:EB:EA:2F:15:CE:88:56:D2:FF:9E:AE:31:D2:C3:FC:DA:00:24:46:48:43:CD:11:1F"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Oct 2025 10:27:05 GMT\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5746,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"017672004526d49c616a83a1885ca6cb","sha1":"317c4a759af5149d1777a5c195c2030c842d4b70","sha256":"6ad67efe8c01a7f843a39344a43ca877e30726dd0cae6db3ce719a22a63bbc70","sha512":"f1dbb144b98e0a05fcaefd0367bb48be095ce28add6c7e8e8ac4d6b4b31dd76e2a7edaa4587bb78841aac8d679c53ba06e7a98775e9c6eaeee11c18c4f251ed7","ssdeep":"96:1OEbaNllOEbaNsFZKOEbaNWOEbaNVTOEbaNVy+aZjzBrgOEbaNIubqGIFuV4yOE6:2NlmNMNVNVkNVqbNfbqGIwV4BNdNzwNY","tlshash":"9bc1fd91041704409b835cd227ce7f34fe1f92116544d0b9abfc9b6beddbda6426836e","first_seen":"2025-09-08T23:56:02.073922Z","last_seen":"2026-03-05T16:22:21.514891Z","times_seen":5277,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":283,"dns":1,"connect":8,"send":0,"wait":26,"receive":0,"ssl":405},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/gd-bbpress-toolbox/templates/default/css/widgets.min.css?ver=4.8.5.650","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/gd-bbpress-toolbox/templates/default/css/widgets.min.css?ver=4.8.5.650 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=etR1iQLbWJKRjdb12%2FYCxxYXpXCDeT1vAdmmdslilGAMuqa3Sctbbygw6SNIZmhs6Z846xmcjB8wm5WbxvJUgYtpbJYmnKwplIkd6Gjx%2F0ZymS8hfKYjmOA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1925a8d1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1680,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1679)","md5":"f898dbda1bc5f69e2fa745d9cfba83e4","sha1":"b3d8f87f84fdcb79feb359668962f248a1c8d6ae","sha256":"ece3df95defbdeb3481aa8eb86515361ce550395c985367a2564c9ea6100e64c","sha512":"e2bd0a2369068506b84a1aa5072d21215b9f553c342af2652c10b2aec874be5d0e99308796353168a608529123200ce5eebeb38869044389473653fce2b8a5d5","ssdeep":"","tlshash":"e3312412c7cf71a95126a8a2bbc4b724371dc4adf5968de38c06b35acb1f4d081bd60d","first_seen":"2025-10-07T13:13:54.891543Z","last_seen":"2026-03-29T08:51:51.128776Z","times_seen":11,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pixel.wp.com/g.gif?v=ext\u0026j=1%3A7.4.1\u0026blog=112548243\u0026post=0\u0026tz=-5\u0026srv=streamdreams.dirproxy.dev\u0026host=streamdreams.dirproxy.dev\u0026ref=\u0026fcp=2069\u0026rand=0.38545142733695326","fqdn":"pixel.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.76.3","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /g.gif?v=ext\u0026j=1%3A7.4.1\u0026blog=112548243\u0026post=0\u0026tz=-5\u0026srv=streamdreams.dirproxy.dev\u0026host=streamdreams.dirproxy.dev\u0026ref=\u0026fcp=2069\u0026rand=0.38545142733695326 HTTP/1.1\r\nHost: pixel.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/gif\r\ncontent-length: 50\r\ncache-control: no-cache\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 6 x 5","md5":"e4d673a55c5656f19ef81563fb10884c","sha1":"1f2d8ed221d39329251ad3a6ff1edb20b7219443","sha256":"f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1","sha512":"e0b03411282a979cf772f700d9e5634b0c25c612e380ad33c0d59059b1b479d027016d5beb148403ef185430db35f5faed362f36ce2c8ecad0e6d8e30cea97b4","ssdeep":"","tlshash":"69900201f9a08180c1206535091a035c62049256490443062255751c5d546650616254","first_seen":"2023-04-05T23:53:38Z","last_seen":"2026-06-11T01:44:06.889042Z","times_seen":104867,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":5,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-templates/bp-legacy/css/buddypress.min.css?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-templates/bp-legacy/css/buddypress.min.css?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wixEt1ulQhMh%2FihcuglffRyi1HkrJn4SVEB0bKIJLClLTYgmXtGaf4KLO7HklzNyKEROEjPgS2cOhE8Sh%2BrdKO%2BZxSCLcKfTgaKaKwiK1iJw%2FkXGooU5tsI%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1927a9a1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36793,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (36793), with no line terminators","md5":"efb3eda6a3c6e4a916f9b1eacc042065","sha1":"88e255f48003b33ef35d6400af25cee0304e1193","sha256":"ecd09340b7937920d7e979a960587a4d4731ffa823202da44b14720d4fd7fbd3","sha512":"8912454f038133ba49f48e5261f022c75a6b79222dc293eea48881774adb548648c315ceb85663fdde9509075bc8b3967bb015e7980a0d9eaf1e99b6ccb18c3e","ssdeep":"384:Z+nDnQHn4dHeK2SbJZJpToVqGpOEntmPt/k4N19:wnDnQYtZbs5pjtot/kk9","tlshash":"85f242f34155b11c7ed7807b7881b1e162e65040e75ee2feae69433c83fda912e32a49","first_seen":"2023-05-25T17:41:00Z","last_seen":"2026-06-04T15:29:21.8975Z","times_seen":27,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.4.6","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.4.6 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J6pgy3nIkXa5HoW0zZfPX7yftlChqs8I1f250zZF8A74sNTYZi0bzzrJXcgDYNNgrjjnNe1VkUee3uWx8DLnrYM5psZTDKeLr%2F8vf5VRBw1h51Bi2DM6pgU%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1929aa91a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37477,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (37107)","md5":"24cdd4f8c69ea55cdcd2abffe80e9e02","sha1":"466c29f4634fbd8267991dd1b17dc2f274215637","sha256":"bbdee6a5cee7911ffed204b01e8798ff1ab500d754e0db2ae6be306c3567a37b","sha512":"84734e0930dccca75e10fd522391f562f9fa3e1f6fe879ae86662e9ad7587eddea5709d70a204f4f1e59fdaa4aada181b8c8a60bc12cb0ac63c81b845f20c2c8","ssdeep":"384:hd3Da6EbL0/TfXx0HtpItWr0jqcdEJuvDhm61vd54L:7su54L","tlshash":"58f251316edc1639b0bf89ae9cf038d92329c99fc5111f9ebe7ae051cac9855018794f","first_seen":"2023-04-17T10:58:13Z","last_seen":"2026-06-04T14:21:49.300866Z","times_seen":384,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.min.js?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KEwR86IjT1o724WetJokjAm%2F5NcZ6D7zK6stbRRvXmPM6SAoRIR1e%2FTsj1%2Ffx4YKTWtDb7EE3%2B5kJTbKa4dcKx%2F6hemq87lzUlPdpAVmHK7GQtTyuE8ZW9o%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192caca1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33791,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (33791), with no line terminators","md5":"95c4a2107ddf6d533647560883fd1ed3","sha1":"da437c7aff0c4f8997e458b33aebac48de31df53","sha256":"44169086accb3bd2db46a98ba09529585133609847bd72ecd5f85f346a243697","sha512":"85744cfb0b246200b0d189274bd97c957f9f4587747ffdda63897b3f3542f2f83d3814ad0a01b9ecf9277fc5b879b595249ac2984b82cf2b475d3abf39e2aae0","ssdeep":"768:Hdt2JDsQMbRiXiyCUFG/+RuKx9Pi7WSpPf557jQN7IRFaF:Hdt2JsQMb8XFulpPf554NEF2","tlshash":"c5e2f964b65478fa16bf21d72c26721320226ac7cb1d45797b5801ac679cfc9a333e1f","first_seen":"2025-10-07T13:13:54.834777Z","last_seen":"2026-03-29T08:51:51.134245Z","times_seen":11,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/0/1/burn-your-maps-593397-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/0/1/burn-your-maps-593397-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LKYT4kJnEv1XzzgbIFpfCcKLwHLgLlqWXm0STEmTeZX1Ot%2FhgHc%2FxRHFIA4CKy%2FXZ8lMagkskXXJ661e2MPNofiysy8Vzbs6fsvNtHWrU6jRV1pziYMogIk%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1937b6f1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8014,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"920f298a5ca5c3ecdbafe502af8e8a60","sha1":"77d31eee4d593ec364b4529e48f54341c62a14f8","sha256":"65f0cc9d289c94f5d96967dabb2b6f0240ee43db06d6e4078b38f53d19830ae3","sha512":"688bd2aa3745e78d059ef60bfcc1ea99e9a5a7808c65f5651557c2f48af0fdc139aacea5ef730ab3b312d37e29bac4de090dcced392e6ca6d263ef15de57ad96","ssdeep":"192:MKGwhH9mX9HM7RNe7R2fCJJ69jEQv0l055Exw:8wr0u7Ob69jEY0l0ga","tlshash":"ebf1bf1d8b10761ef805cdf4aa51b80b07ece650732a5b19d2b9e0ea9c94ff82f46184","first_seen":"2025-10-07T13:13:54.74265Z","last_seen":"2026-03-29T08:51:51.214627Z","times_seen":8,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/rJS.js?ver=1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/rJS.js?ver=1 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JrwnL5UeUQ4dpfdbJl49vFHTGmN2z80J41VTycDORWpNNoUs76xPWr7WTzToiA5FtUtCmv4%2BorOy3XH6LJffd0eHOTssIGkX9NbRTdh3YijTafV01jEVz24%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1942bfe1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1474,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"d831390d20a51c6db4cac25b11837b8c","sha1":"03dc0b94226c6a39dbfa419f8e05c309ee9b8cdf","sha256":"0d0de37d1895402a9f85056478d43d7aaf51590247a07c6f569a9751f46a72bf","sha512":"dd5428a53717ed3f6a2821805c971917c4fba2ae1e5bdbcf3d25da985e674e4598c36b1063bd356e8fe08d26c5629e19fc24d22657cd203b05cb6e0e162cc45c","ssdeep":"","tlshash":"3b314b49a0a010bdc3e631592d3f583a60e71de2535aa28da23fd072bdb69144fb6d0e","first_seen":"2025-10-07T13:13:55.020715Z","last_seen":"2026-03-29T08:51:51.148573Z","times_seen":11,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40572\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:42:13 GMT\r\nexpires: Fri, 02 Oct 2026 12:42:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 510293\r\nlast-modified: Mon, 08 Sep 2025 18:08:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40572,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40572, version 1.0","md5":"c127ab3cd3cd07eb1105370e70d67d76","sha1":"82677e46b52b8d93d5f34c9bbef71032d1cfee3c","sha256":"d758e85352971dffe51a5992405eb8f9b316b1bed82495445c328699ee400830","sha512":"a1fcbe9ac0f9aef7c40681f781a068450953e5cce43070a968b090f9cbd5902bf922e4bce422cb7ceb41c0641f2dd3ecb578d98f4b2852a9f41e9e296a76796e","ssdeep":"768:D0ueU3Qk/Vm6R/b2xzvCaMAqrnKE04AmmeFJlUPbksYiy3EGJIVoGnnq:D0s3QkNm6z6vkrnKEBAmLfUodjJIVRq","tlshash":"c803f1e09e226abcf137c171ac74cc2c94e2606bfa1b393d61316403ebd80f7e1a5956","first_seen":"2025-01-09T19:55:13.017129Z","last_seen":"2026-06-11T01:41:46.333416Z","times_seen":9791,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1817\u0026rd=1817\u0026fd=1010\u0026bv=25.10.6722\u0026tmpl=70","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1817\u0026rd=1817\u0026fd=1010\u0026bv=25.10.6722\u0026tmpl=70 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":657,"timings":{"blocked":272,"dns":2,"connect":96,"send":0,"wait":94,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.gravatar.com/avatar/2bfbcb624ba23214b3d5bd32ec62896f?s=14\u0026d=wavatar\u0026forcedefault=1","fqdn":"secure.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 19:44:00 GMT","end":"Tue, 11 Nov 2025 19:43:59 GMT"},"fingerprint":{"sha1":"74:C6:11:97:72:6C:AD:3D:C4:B8:07:B9:71:B0:52:7D:5C:EB:20:23","sha256":"0C:AA:22:E1:81:4D:7A:6C:A4:5D:C6:37:89:F7:40:15:1A:3C:86:FB:89:C4:F0:EB:1A:74:4B:32:C1:CD:2E:A0"}}},"request":{"raw":"GET /avatar/2bfbcb624ba23214b3d5bd32ec62896f?s=14\u0026d=wavatar\u0026forcedefault=1 HTTP/1.1\r\nHost: secure.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 607\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/2bfbcb624ba23214b3d5bd32ec62896f?s=14\u0026d=wavatar\u0026forcedefault=1\u003e; rel=\"canonical\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nexpires: Wed, 08 Oct 2025 10:32:08 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 4\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":607,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced","md5":"b21ab80b5939b76ebea63a1d874124fb","sha1":"dff3389cfc7a7bf34b0d661f5415e135d01183da","sha256":"6432a439d95b10df07ac3077718f73986544f00ad7fc9d429adc285fcb76b3c8","sha512":"eb8fa0eccf23c593022b0ebd1e7e7f727817d44ca9e9094dc93a5c8ebf7df0bcac8bfcdf455cc7a4865c3b75955dd2d4226b75247828fe400748d33f3d313d0c","ssdeep":"","tlshash":"28f047fb33f327ca71128532e959a1e1e32f15f11e85ec15153fed4449564488083188","first_seen":"2025-10-07T13:13:54.747164Z","last_seen":"2026-03-29T08:51:51.208886Z","times_seen":9,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":59,"dns":196,"connect":10,"send":0,"wait":8,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/rCSS.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/rCSS.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F1%2FF28XTEiUJyXxsL%2BX0%2Fz%2BY1egoMv9IZ1KlFJDBtrAkxwZ8lwYdJqxwF334dZJb5p6JTH0lpFgJEitRAGlbRzacosJPA5SKQB7E2agUlxZk%2BhlJOixHrhg%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1927a951a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9591,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (9591), with no line terminators","md5":"8a5e74575ce74f1499b5863a2d387741","sha1":"35ec48f085593e877147d0e4d5bae2d48b957186","sha256":"b8803044b1cd7715c66ea1b7bdc8f427f02a8374f12dfbf72e1e1ac5316052c4","sha512":"b9de2f2a46d4095a83ccc7e8de20f9efdd9e7109d38c67bee84550a1934cb88b9a47a9143e8ec98a4a4a57327cb056d304eb8ab9bba5b34d4e62973f5873bc9f","ssdeep":"192:RNT22s7DXCPDZ4tDneRDrunDxc9DrWXDBc/DtMTvDFIL7D1wrD985D7uTDVQZDvq:o77CPt4tbeRPunFc9PWXVc/xMTv5IL7q","tlshash":"9012f31879d9aabf779f4774684a02353267c0c0c2814f1e257f1886f9e9bae0373e19","first_seen":"2025-10-07T13:13:54.98518Z","last_seen":"2026-03-29T08:51:51.120903Z","times_seen":11,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-friends/js/widget-friends.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-friends/js/widget-friends.min.js?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=el3GkRc6d5tbxqONBFzevAuvNQgxGToT0XWl7piUE4SOq6iSPbRoyY%2B9gEzkGadyfMhr1o6vDQoIZAtp0g8QTWV5P8Q0Iq%2F%2FUARAU4LcqAWVHOST6D8%2FeyI%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192cacb1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1214,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1214), with no line terminators","md5":"832901075750636871430b2e944528b3","sha1":"da960c718c631017f0783d7e8e754ac8076b284a","sha256":"0c9ac108bc69994e4452dbd80bdcb074a2543676d082ca979935ba59d9e8e408","sha512":"6693f9fbda380af0fe318e9241f7a4e80c7ce893aade2c6afe11f80189221a716fc6788515c131f068d29119a9ab4e9186c70dd39d6c05b50e2d09f63d7a7bf9","ssdeep":"","tlshash":"db21211c354460ec27b695a2e53b6273307796edf3558e80a721348126f8adc113b507","first_seen":"2025-10-07T13:13:54.93623Z","last_seen":"2026-05-09T17:12:01.34217Z","times_seen":16,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVnoiArmlw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVnoiArmlw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19660\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:58:30 GMT\r\nexpires: Fri, 02 Oct 2026 12:58:30 GMT\r\ncache-control: public, max-age=31536000\r\nage: 509316\r\nlast-modified: Mon, 08 Sep 2025 18:10:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19660,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19660, version 1.0","md5":"819bbfbefdc5869939993f262df71cba","sha1":"8e6ab75be2b7c378c11b3b4fcb6402b7bac21338","sha256":"a08aab97ea21fc5299645d12e3ef57bfb5e86e524e1a59ea86bfe4bc1afe2f6a","sha512":"f0ef79cbccb860f6fa5c7355a9cf67f4855e553a1d51abcc6d2c95102792c8c3921d766ed243896e3f50ee32a4bcfdc248b5f14b9004010f9e5f88334a8bd52e","ssdeep":"384:bCi6QSDz71y9YJnFk918ftG/seIIALY1TkaV4/8Al5K0:GISDzeSq9Cf8zTIflj","tlshash":"f992e1c483c30995f8122db0c502824caa89d95adb9e7cbed58cd771d4ac250c2dbd92","first_seen":"2025-01-10T09:34:54.732754Z","last_seen":"2026-06-10T11:10:41.406133Z","times_seen":1787,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yngfAzb0FET8TB0UhzP%2BELnu8LwJmq68ff5Ay%2FrYqutVMpsJ8YEWJ1jGxHELnOTgMq%2FgD7thWF6fsagw1gfp%2FUBgN8imLUiilKOlGUnwV3E%3D\"}]}\r\ncf-ray: 98b4f1ab8df6c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-06-10T22:35:45.528014Z","times_seen":11907,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":107,"dns":21,"connect":1,"send":0,"wait":504,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 05 Mar 2024 12:38:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65e7124f-1244\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Id7kpfLeNEOcRqq2spFBJF6FgCxaQ0QdOAsGE5jCoilEvHQZKGV%2B4NncusHt5cOL%2BnuEnrZfF7Hc5hEOruMrKWX8PiOxIgXC3YInEa5QdVY%3D\"}]}\r\ncf-ray: 98b4f1ab8dfbc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4676,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"98c9d48f7ba1ca323c6e69254de7b1d7","sha1":"126eb0a561a817df7c5cd704dd6a1254f33a5e4c","sha256":"c42a942f5fe9b94de1915abf5d07682c3d3e6bf568e4bc75d56cf18b4695471c","sha512":"d97a4655c23f49c98c53b6e48f90a94c0ea5184b4d160a7d2b714f95735ab9f7d3850e7cba3de61c3f5ba163b4c9966bed431c6f1d9e85550ddbbb69195e1e82","ssdeep":"96:iTMXkGMlzT+JzCyKbmJxMX5eiBTMXptuNCBxkBJUZQM0bYrW7M9yt1VPEVYlI0MS:IMXyJT+3JxMX5zMXptuN0xoJeB0bZHt5","tlshash":"3fa1fd566b671a44b50bc56a3f6a2707231540038a0bed787fc9660c8fca298d6e37cf","first_seen":"2025-10-06T11:07:14.959022Z","last_seen":"2025-10-08T18:42:08.253833Z","times_seen":76,"resource_available":false,"data":null}},"time_used":499,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=622","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=622 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":49,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2016/06/2/a/attack-of-the-giant-leeches-18888-150x225.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2016/06/2/a/attack-of-the-giant-leeches-18888-150x225.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qGtz6JNA%2BzNEhZjTnxKtM0XlSkdKyd5nsWEDYoYwF%2BYP%2Fjl%2B%2BjKJPHgY3hT6b%2BrMw9sbbCuvvLj7oaXhuwk5sLz47RvM4tXsrVzUMt0j4Ozsldq2kUgQRZc%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193bbb51a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/8/b/winterskin-593276-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/8/b/winterskin-593276-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0KK7zRWVy3kqRvzhI0L7jXgnGAeAJes88jZwpY0Cz41VySs2T9LqHoEM8Ymn72RH6uGoz%2F5UyrT8VTJqfjOXx%2FRX%2BizUWsas93Alhvvvwdi9yCzcmT4lKNA%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193bbb61a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13683,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"6ebda0968b18a2e7683bfe1fb38ca36b","sha1":"c986d89472e8f677741f6a6d2acfe47c73d3acde","sha256":"9c50f198cdd1ea84c77c409f84a2728b48fcaf5cad26000358af624020a8d4f8","sha512":"cf959cd396e797eec764d9a0a21d00ecc04feded56b1151e08dbc017283acbee8b08d6d8ddbc9dd4348a3594f073661289606bf3702dbd23898d517429f4890b","ssdeep":"384:YAKD+ac9w9p49VQL4JVFnHCAdjYb77/ZXC:XQCgu3QMJVZiAdjS79C","tlshash":"3252cf84132271d9ffaf067a00239a42e9091de520615e0f38cdb76c6f952e95eec06c","first_seen":"2025-10-07T13:13:54.872525Z","last_seen":"2026-03-29T08:51:51.232987Z","times_seen":8,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c95f52a0f0b404da30a134f7dab97d41\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":604,"timings":{"blocked":320,"dns":0,"connect":0,"send":0,"wait":95,"receive":2,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure.gravatar.com/avatar/68655ff92bfc4458454327364840e58d?s=14\u0026d=wavatar\u0026forcedefault=1","fqdn":"secure.gravatar.com","domain":"gravatar.com","tld":"com"},"ip":{"addr":"192.0.73.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Wed, 13 Aug 2025 19:44:00 GMT","end":"Tue, 11 Nov 2025 19:43:59 GMT"},"fingerprint":{"sha1":"74:C6:11:97:72:6C:AD:3D:C4:B8:07:B9:71:B0:52:7D:5C:EB:20:23","sha256":"0C:AA:22:E1:81:4D:7A:6C:A4:5D:C6:37:89:F7:40:15:1A:3C:86:FB:89:C4:F0:EB:1A:74:4B:32:C1:CD:2E:A0"}}},"request":{"raw":"GET /avatar/68655ff92bfc4458454327364840e58d?s=14\u0026d=wavatar\u0026forcedefault=1 HTTP/1.1\r\nHost: secure.gravatar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 616\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/68655ff92bfc4458454327364840e58d?s=14\u0026d=wavatar\u0026forcedefault=1\u003e; rel=\"canonical\"\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nexpires: Wed, 08 Oct 2025 10:32:08 GMT\r\ncache-control: max-age=300\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 4\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":616,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced","md5":"dbb478d9d2d3f704ae9af17c81ea9fe5","sha1":"4ad3be692367d8c65e343f5c9a2adcb3d6602d42","sha256":"a86249e62ce50728af5c060dc3ad6663a87fa3baa3c6b8dfadf36ba45d38a01b","sha512":"36a55aa1bef580391be1fc6166c388a38578a11a5524cb0e9ee5e91f426a8b91bec3c9eb801f33a048a9c4bf71a24f9647fe80aa585ae4157743d8686056a6a1","ssdeep":"","tlshash":"06f0b78f3b1039bdf684023901193872a1b083895362fc5a2a39d02107451b0c0a4321","first_seen":"2025-10-07T13:13:54.958869Z","last_seen":"2026-03-29T08:51:51.194774Z","times_seen":8,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":56,"dns":206,"connect":9,"send":0,"wait":8,"receive":1,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/pixel/sbs?c=1","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[6220621]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/glyphicons/glyphicons_halflings/css/halflings.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/glyphicons/glyphicons_halflings/css/halflings.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KbgCRyWbrxRsx4mjg9jFyBTp1gL%2FVd0fMRwZ31zT3az15eEO8tS4a3vTUX7yxnV3IyGficpL5scVLpTB%2B7BE4yb45hbgZoGF9UvhzLmibZro4X3lZVJdroE%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1926a921a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22094,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (21991)","md5":"3970feaa350975c485086ecaa8ed3ea0","sha1":"3353b5e5fbf5105b7467b9652d8529c4ad5b5744","sha256":"525d33655ff6efdbdcd1ef225af024bad61b73965b1e2153298b9203cb598021","sha512":"afe40210c69513e6ecf8e5a1434fb93d9c0d7ff9ecc5a68d8637e9326a8c964f29cbff2406cc71f489e78a36930343e823fae73cb9006e641ebbbb49638f8bf3","ssdeep":"192:HulFEJmi5ZneiXfvCWWBpZceexoYCabbnnjj+QyMdVmG+aSOcZv4/ytp:Ol635BeiXfvCW0Zdyc1r","tlshash":"6ba211dc748514dab727c629da92235d90e7a3d0c9323f29e43e6eac27d13988067d73","first_seen":"2025-10-07T13:13:54.77634Z","last_seen":"2026-03-29T08:51:51.102754Z","times_seen":11,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/3/9/the-last-bridesmaid-593599-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/3/9/the-last-bridesmaid-593599-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JdypMBI9yTgglsQuahkUyke3O3GQyCXBqDRSce9YFnHxHshP1b9L2KBnjZ%2F9S29%2FWHWmdx6a398eFS2kmpswc%2FSlu2STmEvdbiyvcjQgRxpSbrfSQp9s4oA%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1933b511a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11676,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"169b3257058ead5e3c692dfef7f11e74","sha1":"1c64fe926b5fc8fafe9ffcfc32cd7e80f588d4c4","sha256":"047042712cea545b0402a6630a796dddcd4ea3dcf7ec714975785bae8fbcaa12","sha512":"3a25a3447c944fe652d77672c5428ec8693288daf7aa2f415f86a9c4a72277242b72cc4af7800bf28afc24f92f276a798e850399a32449ac0c38b38e091a1277","ssdeep":"192:McjjPX3vbaezDeo9hiFxTStHQQIvCyMzsWA8+dkGtMSTuDG0B03AFNf/l:JnPHz5DL9UswQI0zsWqd1SMyG/Qzl","tlshash":"0c32bf145abf29addd883c3406ec6ec20955ab9971052f7234a0c477d93b3e61ce43ea","first_seen":"2025-10-07T13:13:54.861493Z","last_seen":"2026-03-29T08:51:51.220405Z","times_seen":8,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/03/d/6/five-feet-apart-584755-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/03/d/6/five-feet-apart-584755-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0kwiIZBMKC%2BLP%2BK0p%2F3ZzzURH0cfJ2BPsPPcDDOE19uRw2XnDXRyTtN%2BZCfGPo575n6xLZHazHx9nFZYPVpay%2BkmLuOD8yMGrrz6y%2Fe8zsin5mNkPRQJ7YM%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1936b671a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29955\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8c3ffd7f9739ec1c779e37eea9eb215c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76517,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4d37e1e711fcea9e77eec4470ab5de6f","sha1":"e388ea690b6c20986d4c7c0a7a8cece16a5f4f26","sha256":"49295daae8e878850b299a494c57723c7049317f2c8e733d69876ace64876b42","sha512":"ab058dc3412ed1e375a91253a332bd8fe9dba909d0b0f53b157efedb600320c529fe25b5d9a2976d76cb874ab083e372c27e35bbd33fa6130a995c8245544ac0","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2waOa:gmvcLkGJWH1ECmab","tlshash":"e073d9883f96b0a403a2b4b3261fd50ee13a4d52658cf4d8db1794d8ed6cf1bfa39914","first_seen":"2025-10-08T09:48:12.74485Z","last_seen":"2025-10-13T05:04:12.549137Z","times_seen":15,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":60,"dns":15,"connect":183,"send":0,"wait":96,"receive":93,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"54:09:EF:2E:96:03:5C:86:DF:F0:DA:AC:A6:7A:0D:35:49:4E:68:90","sha256":"0E:84:83:07:1D:C1:46:17:EB:EA:2F:15:CE:88:56:D2:FF:9E:AE:31:D2:C3:FC:DA:00:24:46:48:43:CD:11:1F"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Oct 2025 10:27:08 GMT\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/8/7/wretch-593383-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/8/7/wretch-593383-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WtcsaKg9RaK5YFL2oLzpzP%2F9mWJcq8MrwN1ctZOskffYMmV59SCCpDNvWFc0o1jLyzVCWaJEq7Rs%2FW0zPMYnD2q9iTuHuZwn1%2BVSFOg%2Be5iSYAjQ%2FkXc24Y%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1938b801a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6333,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"99b18c4ca57b756f754b71f8e2a71d7e","sha1":"9abe6a9ac88b48577c5e19bfb062df0afb141d7d","sha256":"85502e4b3b1c304cfc5148c3648a8babfee82eea0704b24fff9841b987e64185","sha512":"5b6ebfede135ef62014e9eca5e8f88e007df5a65ef29c6a1dbaa13dbb7c58bd0933b10a34e92e13356efb3b58482b1b796bc9d9c8a03f46d00548e7b19020f32","ssdeep":"192:M1iWq1c0qss40JcYuIueQcDVgs4k49R7Dl7Re:RtqIicYuInDVgnNBRe","tlshash":"2ed19d2d8192dc77f9a98cb5aa5093092340b2a06ad8837b41bfc9a07e580f87d1720f","first_seen":"2025-10-07T13:13:54.86619Z","last_seen":"2026-03-29T08:51:51.22123Z","times_seen":8,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2017/08/avatar1503969256.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2017/08/avatar1503969256.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XyMUUsbc0w%2F3a1RB1%2BTemA0R0gmd4hwWxQLwaABoBbX4fCWtwgtFzSdOpDoEb59OQGYxRQAPwcoMO5XI4%2FVtyrdPS5IFIq5DJL6H3y7uTKun03QKf1Gv81w%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193ebef1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76418,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 255 x 255, 8-bit/color RGB, non-interlaced","md5":"3f10090011dc7fb2f9e48ca956b093c4","sha1":"9bbb2772ac03d7d6035970de1677da4972fa44a7","sha256":"11fc885759f2b681b404427cc1a166b021ac8f88b63976a7c0d2b69bc9cff5a8","sha512":"524e9101e6f7a03af2e54e3299e7f43ab52ca737053e372a204867df884507818cc9a8d8c6c3862ca40ac5c7e67307b27ad4b23e215f3771a7fb4ae470c24aaf","ssdeep":"1536:WppH8oyatYxQlAPkClljxJqNWambtA7UgZ7slQS6Om:WLHL5tIHnllOGGIAI6Om","tlshash":"8b730265e538979c38777aed14041ad9f8e65c324a8b31ab2812fc72a0f1d9fe469cc4","first_seen":"2025-10-07T13:13:54.929793Z","last_seen":"2026-03-29T08:51:51.201275Z","times_seen":9,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/modernizr.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/modernizr.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=piKGsJNOKV%2B5c6uVdomfVwylGKvvr5KZ%2FSs7pv5blxqm67qtHYuxrARX9NTMllLX%2BHKhQOWN5ANOS1G%2BkuSCUmKgvbcIXNCOu0TW2t%2BepyrcBxqmVvunvoc%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1943c031a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5351,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5351), with no line terminators","md5":"3c59439b57abc8dba214cb8da9d0d8a0","sha1":"8f9565a5a59e99a46a34e17e5961b153fc1b9e21","sha256":"04f82722e68a5c02ccf55c02cce55da9492b15d1b76f5af1de52a97c422661b6","sha512":"02c635488720ba370097157b7233340df121b24c14e3fe778214cf4f1e5ac8c5dc831047eef8ff18db5ce140946e93a3c818426f2ad3804cc6c3a186fb139896","ssdeep":"96:ZuCpr7lkbYX8I18ivfCB8QGQ1CrulTOXPaJJccTMSeqdq9HVeMfXlY:JlkbK8qvKHv1OGaSJJzASeIUHVhi","tlshash":"f1b188c971a2f256879b1177143f9247f274957965184c60d089c8bcbd70cb4867bf3c","first_seen":"2024-08-19T18:51:12.936378Z","last_seen":"2026-03-29T08:51:51.10735Z","times_seen":14,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78\u0026uuid=d0e23d3a-c16f-461f-921d-bff10a6a9e6e%3A3%3A1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /sbar.json?key=a286902791a7f4c98bcb1e812322cd78\u0026uuid=d0e23d3a-c16f-461f-921d-bff10a6a9e6e%3A3%3A1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:07 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4128\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://streamdreams.dirproxy.dev\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=d0e23d3a-c16f-461f-921d-bff10a6a9e6e:3:1; expires=Wed, 15 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nu_pl15816950=1; expires=Thu, 09 Oct 2025 10:27:07 GMT; path=/; secure; SameSite=None\nsleca286902791a7f4c98bcb1e812322cd78=[6220621]; expires=Wed, 08 Oct 2025 10:27:12 GMT; path=/; secure; SameSite=None\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: df27d70cd76c0a906a0b910a220f22b0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5802,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"a30698d115b15b8bd22e4c0e115a7e24","sha1":"8527c33324695428ea975806c1d1135abef0476c","sha256":"3e281f58ba1230e795edd090404877be5b35ab3e29a61bb276f8948c4ee20de1","sha512":"4de64a9a5dfd3ed7c9df6293cadc9e6bd836f179fa2c042943b90a4fb2be9f7ab18ae79a66f74c999c5fbec058473707a40bc0435289f8d098a84b277456c364","ssdeep":"96:9znAPiMOSuMcEvkMrOlH3IW75g6JjsO+8iRcef5WUcTyLE/+YSGs8U3orLV:9zuiMplcEvkp4IXJ1ARcefgyLpYS+V","tlshash":"afc18d7f16dadb4d4507efa8184b7cf88d962c3ee4a88a91dca606dc70d40501a0e13d","first_seen":"2025-10-08T10:27:40.384742Z","last_seen":"2025-10-08T10:27:40.384742Z","times_seen":1,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/4/1/no-surrender-593581-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/4/1/no-surrender-593581-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3gIWBL3P2heZ7szslWjaqgHZCFmVhu641crbzufMHUou5JpUsd3HNHSApQxURTXCYtX10YFtzPQYRJ6jqzyBUfwBzM0JRVCmzXqwxZMKP35rru6wSy4yrzc%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1934b571a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10847,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"c451baf17e2841dbd1472470399d3ae0","sha1":"33c9223b4eebf6d246581ca5a829d65bb613de1a","sha256":"7184108536c08ff17ff6b8d1ef2b6a0238730da510632e351133dc5c07f10c98","sha512":"2cae0d40375e62e4064d69a7eb318ae7e13ec8f27e534d871c95353f3f6dab3c603009e2c064189da19b652e92c4fbcdf753d9539d236025c5080b2c0860c7d0","ssdeep":"192:MgMxxnjSLHhMemb7sYXa2HO0w9g6bPpJfTb8vGtOA5:oxxjSrmbLHHO0w9J18viF5","tlshash":"0f229d6973dab00af0e96f3c090ddb6149c799e3fb66bf1351a1efa884085c62d78485","first_seen":"2025-10-07T13:13:54.790938Z","last_seen":"2026-03-29T08:51:51.200326Z","times_seen":8,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/cdn-cgi/challenge-platform/h/b/jsd/r/0.06637939035015433:1759915304:7VssDncs1whSN3TGNmsPjM8jIPQllEo5GrjiS9nTVmA/98b4f18ea89a568a","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.06637939035015433:1759915304:7VssDncs1whSN3TGNmsPjM8jIPQllEo5GrjiS9nTVmA/98b4f18ea89a568a HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12111\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1745697a-7a84-4ec8-a970-36191885505c%3A2%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Wed, 08 Oct 2025 10:27:07 GMT\r\ncontent-length: 0\r\nset-cookie: cf_clearance=MkXyfpEjGapPFsef0CJJaw.Rwv2Qfa5WxIBWBNvpAGY-1759919227-1.2.1.1-1DicwaxqgBPOwCdQVkxf8T.I76pDJ1aj7.FM8G4mwOwtNcJFuqdktzr8djdvWDqJrUoOy2BqQPIqmGNc0rrDJHWiI1bm0a.U2Ive6dwhPGeQvkN9TvUJ6l.q71bjGyqOvWbBTl8ANMvoJHkGrsLcQe6M.k9baLOPmU1553DlOALRrJy1nB1Rg6fTN7yDGrH97yufKn8DRh.9tVR_dyipYlDjrFBopxN2Xi9oW7yG6dA; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=dirproxy.dev; Expires=Thu, 08 Oct 2026 10:27:07 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 98b4f1a30e7d1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=581","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=581 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/responsive-paginate.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/responsive-paginate.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tRN%2FfYO11tp1LP%2Fvv4L7jJBhbZzE6dFJIOhWuIyAbyaz0EvZu16%2F%2FHMPAWnCDnfVgVmywnFfOgsBLprDRYeHiPP1hQnVW1MkTfA5D%2Bvp2K9OIBJTf8nCtcs%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1944c061a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3049,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"a0bc9051193b18cdcc3b139b8d144a5b","sha1":"17f248cf169fca426d055641fa5415dfc4efb6e6","sha256":"e37e5bf7b94631fb9870bf48be68c71fdad0f4593f258555e41703364dc574a7","sha512":"6c4972b87e242eb6952235d17599166a05075218ebdd5446e8e70abd50937e60e3f475cd2bad92248be75984b79f8864e1993e57d4bae9a53985e2864ce84011","ssdeep":"","tlshash":"905175593a05a378e4f680bd002f2f54e7bbaf15460dd68df909c0aa78f8c85452ef75","first_seen":"2025-10-07T13:13:54.953693Z","last_seen":"2026-03-29T08:51:51.166539Z","times_seen":11,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/style.css","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/style.css HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ocsMZCJG3bEBEitKaxQR%2FFNgFQUfdaEVciTyKsRAwp%2FBuu4YmGyys0j%2FbdDA1fcn0U2UgzRfCOkk1f561XYM0AxDhvcw%2BNAnjDO7fUSlSvfkrIfVpUvt1CA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1927a971a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10021,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (10021), with no line terminators","md5":"28f0eb8393c75d1efbbbec868bbb04ac","sha1":"5894b2f060f9269e2f30e6e6aa3ba75f99c86859","sha256":"a1f3c0d2d8ecc367cc123812bd50cb0764a05cff6c79f36bfe73cacebcbef566","sha512":"accb44a3f353d6c73841ef8075309c46c79448e8e17d0b4ec6d99488229365471cc3d22dccf1e4b13cd89340d7e9f4570406dca2bf19401d8256e8aeecaf02d9","ssdeep":"192:qLZ9BaH50+Ntqpzh3kNkmAmfRU+Ykoxcd2lXH:gZ9eapkNPol3","tlshash":"2f22c832b6c4202e792bc563f5c12ad97031c51be53a59bee691f930e5c36f2123279d","first_seen":"2025-10-07T13:13:54.690389Z","last_seen":"2026-03-29T08:51:51.133415Z","times_seen":11,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/0/1/care-593588-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/0/1/care-593588-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cQt1J6h%2Bz2O6E1C3n9ZNaPyJt01WAeYqyQBKdSy8q7D7m9vN1DQSq958OL%2BIToeOT95pvNKdXrdpuleri32GQ3nnqjv5nTSoVK9BD8zL%2Bozb6Fi%2BnpiCr0k%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1934b561a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/rating2.js?ver=1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/rating2.js?ver=1 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FDVnh4x1DUX6gvk38mgZLd09H8iejlCeCyLMK925xtof0GGM9ooi5FrzKtiSmYMBzaQ8mbcy07SwAkBCjhUaeyQEv56Lfcep2blhXZ7mJVjtwJbYyhaKsmI%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1943bff1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:47:39 GMT\r\nexpires: Fri, 02 Oct 2026 12:47:39 GMT\r\ncache-control: public, max-age=31536000\r\nage: 509967\r\nlast-modified: Mon, 08 Sep 2025 18:08:15 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20612, version 1.0","md5":"b07da7aa3e4f363c5cdbc11312239e8c","sha1":"47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8","sha256":"e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa","sha512":"420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532","ssdeep":"384:k5Eu+yl5Y9RpwjjmD/8Qu+POP9w+oB7rezldH9W4EMs8qCr9WvS80M8T4PTEXPFw:YEu+/Jw3FF+WP9DC/ez79jcCrb8BK4Eq","tlshash":"8192df6bce71497ac711262c773917addb8b44f627f91f2ba0562411c7b8e015c2cc7a","first_seen":"2025-01-09T06:25:34.419113Z","last_seen":"2026-06-11T01:49:27.073907Z","times_seen":47029,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":141,"dns":1,"connect":7,"send":0,"wait":8,"receive":3,"ssl":143},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/c/d/madhouse-mecca-593585-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/c/d/madhouse-mecca-593585-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fRct5%2BiHgLXjlYfHuq9Bw07StZnKH5fzmMvGZVzKdmJ5ZJKmntMnchEPB93jWKeqDMAQ7beOu%2ByATxHl8NH%2FAcOrXq80iTlea6ByZgbjQqqQIqNbAW6RdZg%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1934b551a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/wp-movies/js/common.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/wp-movies/js/common.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N%2BEvoYteRaWY%2BvaY46vrvLjZIIThkgzsRCT9Iv8w20T1dBlY3bx1Kc4%2FlHtY%2B7xQaD4Sidqwi5zU8jns9v%2B0SwAhBqV4lVpUAa1L%2BKWiqAqiHz7AOQhkR%2Fw%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1943c021a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4425,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1619)","md5":"60815785ae931c55e4896529d88d6eb9","sha1":"c06471c09a857d04d2df2182ec1e0a272dbf5232","sha256":"a874710db02e2f425060b222dbe5cc8a10070a32c09a23ab59f95f9072258e1c","sha512":"4a1f1199dbbba5b49569a5f4d292541efe7a5c908ce59264f84fb6075f85c3c4323ceeeb28c1617e030542cf5ab296236bdf39a6fd628679019366a791546307","ssdeep":"96:0VP0tCnRnlPHvvhbL9vODYveMXxac0O44oF:6fnRndHvvhbLgMhXv0O44oF","tlshash":"3f91936e7187145b88e32df72daf3017e87a5e140a1ce4f4da00d9aa2a74549da3bf0d","first_seen":"2025-10-07T13:13:54.864407Z","last_seen":"2026-03-29T08:51:51.152236Z","times_seen":11,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2tRpqu8VdzgthyH%2Bq6JIyHyFHl0SpQAiGuGG72mqmL9spgVgrKgbaDf7%2FnWxPOMPYVjQR9qMImu4a2sPXRg1gfAKCH8erPgX5MOwP9WvzkE%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa8500-192\"\r\ncontent-encoding: br\r\ncf-ray: 98b4f1ab8dfdc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":402,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"6c79c4a8192bda9f7e048ade9b899624","sha1":"92b56f253a3a9712d3ab229aec1e59dfe74aca68","sha256":"befe2cddc27c0ec91a024958231f8697375844a2ffe9be6ae810ebcfaa476a20","sha512":"e068277cb5dbef5449a37ea61f7364cbff38050795efbdbd47891d1bb36879cf2627254afb2e3cdaca205e52a52ea0797a6d25f55969a41c2fda80c1f8ede407","ssdeep":"","tlshash":"01e023346168517497b7d291628f5bdf2630425fd006065db02c574e1de1f7612d1d57","first_seen":"2025-10-06T11:07:14.967456Z","last_seen":"2025-10-08T18:42:08.272196Z","times_seen":76,"resource_available":false,"data":null}},"time_used":498,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":497,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6b/5f/51/6b5f51f516fbeb6fcb6762310652834310c8a10f56526b3997ddeed95180cb53.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/6b/5f/51/6b5f51f516fbeb6fcb6762310652834310c8a10f56526b3997ddeed95180cb53.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 6475\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 06 Oct 2025 08:30:05 GMT\r\netag: \"68e37e0d-194b\"\r\nexpires: Fri, 10 Oct 2025 10:27:08 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6475,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"44505b65168e9ab56e91b273890c789f","sha1":"73e328c8e9abdd15f2978bffe76724c0965e66c4","sha256":"ba66f0725153ff5802f1b1f88393dc249e7c10d97c6f20cb5c13c679a097bce3","sha512":"ffab1c2c7520c0b3e7925ad4fc95a955d2c15da95460a1cf6175f4ec5a9f4ac62c4e5270aa60f1b835bf5f36d42cbb7e8c55c1917b5eb253646e8432362cc47d","ssdeep":"192:9wAfvDCqw3yImM+8+3C31PdjznOk0Uj1LZcnXhzJvRNqaQ:9wAfrCqwivMMC31PBKdUj1GnxzTNBQ","tlshash":"22d18e3b967b315ed82a1b3c5910477cf12e23233aca1a35c6f326ed81d0889891eb52","first_seen":"2025-10-06T11:07:14.969548Z","last_seen":"2025-10-08T18:42:08.188656Z","times_seen":83,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":0,"dns":0,"connect":22,"send":0,"wait":31,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/0/1/care-593588-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/0/1/care-593588-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ch8xSND4XRnkI4MjjX31YkFGfN1vClG2q5CKkdyrmj0MJ%2BvCjYab%2FZGZ2nG2NXGLckkk5XcyB1jQUPr7eHl0DPOVx6jQZ%2FXffp3NKQp7IMObfk%2BJ22J9iQ%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f199fd5b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8834,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"cf76bd60e4d3127caea0a3d6bc21f0f6","sha1":"5fdc092da199d47fecea43df8ade36747bfbce4a","sha256":"5693592c39161f5f900ac63f40f9df815be1654a20f1a04b47a9c4ffd268aafc","sha512":"29cf16f7f664b7ccc1fe789330a205762b01041c9960b9e8a9928380d0c90c2b3b7a9df54e01f9b6c572906ad315a5f690e0b83ad9fc063bfcebc36d6c1c9419","ssdeep":"192:MGuzJ08Xm18VNmqHTfibi2xnX13a3bfnVfeA/PRnd0JXC1fK40+J:ONtXm1gmeJCVarfnnHT4Xz2","tlshash":"3402ae6cbaa235b5aa232e321b3f3dfa0755e6943c5dcd4ee176c30826b05c95f93049","first_seen":"2025-10-07T13:13:54.894903Z","last_seen":"2026-03-29T08:51:51.238789Z","times_seen":8,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8bb10e0911f56733c0db08473d62e976\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":19,"dns":1,"connect":18,"send":0,"wait":24,"receive":21,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HqKSLZgH1c0r7e923N88SHSFFC66U1jEUvqohtRCZ3iImFiG2BlZaFncQzgzahZMJzgHRE7uDF0IBM036fWgbLQaQ5p%2FXB0NvQIcIQUq6qk%3D\"}]}\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"65aa8500-192\"\r\ncontent-encoding: br\r\ncf-ray: 98b4f1abbe82c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":402,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"6c79c4a8192bda9f7e048ade9b899624","sha1":"92b56f253a3a9712d3ab229aec1e59dfe74aca68","sha256":"befe2cddc27c0ec91a024958231f8697375844a2ffe9be6ae810ebcfaa476a20","sha512":"e068277cb5dbef5449a37ea61f7364cbff38050795efbdbd47891d1bb36879cf2627254afb2e3cdaca205e52a52ea0797a6d25f55969a41c2fda80c1f8ede407","ssdeep":"","tlshash":"01e023346168517497b7d291628f5bdf2630425fd006065db02c574e1de1f7612d1d57","first_seen":"2025-10-06T11:07:14.967456Z","last_seen":"2025-10-08T18:42:08.272196Z","times_seen":76,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":71,"dns":6,"connect":6,"send":0,"wait":472,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/6b/5f/51/6b5f51f516fbeb6fcb6762310652834310c8a10f56526b3997ddeed95180cb53.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/6b/5f/51/6b5f51f516fbeb6fcb6762310652834310c8a10f56526b3997ddeed95180cb53.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 6475\r\nserver: nginx/1.21.6\r\nlast-modified: Mon, 06 Oct 2025 08:30:05 GMT\r\netag: \"68e37e0d-194b\"\r\nexpires: Fri, 10 Oct 2025 10:27:08 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6475,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"44505b65168e9ab56e91b273890c789f","sha1":"73e328c8e9abdd15f2978bffe76724c0965e66c4","sha256":"ba66f0725153ff5802f1b1f88393dc249e7c10d97c6f20cb5c13c679a097bce3","sha512":"ffab1c2c7520c0b3e7925ad4fc95a955d2c15da95460a1cf6175f4ec5a9f4ac62c4e5270aa60f1b835bf5f36d42cbb7e8c55c1917b5eb253646e8432362cc47d","ssdeep":"192:9wAfvDCqw3yImM+8+3C31PdjznOk0Uj1LZcnXhzJvRNqaQ:9wAfrCqwivMMC31PBKdUj1GnxzTNBQ","tlshash":"22d18e3b967b315ed82a1b3c5910477cf12e23233aca1a35c6f326ed81d0889891eb52","first_seen":"2025-10-06T11:07:14.969548Z","last_seen":"2025-10-08T18:42:08.188656Z","times_seen":83,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":45,"dns":22,"connect":19,"send":0,"wait":20,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fcss%2Fstyle.css\u0026l=4676\u0026fd=519","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fcss%2Fstyle.css\u0026l=4676\u0026fd=519 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/2/e/the-white-crow-593712-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/2/e/the-white-crow-593712-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gyuh8Sh4iSAK1pkFlTMQvwDZ82yCQXuqRHjfXF8xzUrFoHiF%2FRFRf5gZK346TBTbBL%2BJa6iFchCHV2PSQa7rReNQqsnxbfFm%2Bhhi4D9v%2Fq4Zt6XUi5vrZ1U%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1933b3e1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7055,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"7bcd0ba0982d4c228d9b58b4de377caa","sha1":"12ba9f7fa5439517286b797c870592f5abe101cf","sha256":"a82f0a6f052015d74fdf8913061688cf22daaac3b5da4b1cea1388e41f5bcea6","sha512":"f82ec6bedad10cc52bf97ae00029a5597ec22b9ff90bfd985a043dc204928e0433aeda43e5b734c488c5d86700da75a4eeaa4bac2fbdfd5322478bed0b9695a3","ssdeep":"192:MxLLJ3xl5UbB5IOntJ3j58L+mV8EkVT8KG0wCHTb3W:QQ0OXhQ9GpGlCHPm","tlshash":"0be1ae068cc0501184c11dee506745656f07abe089c72bba8cfae59fa40a2dfa3464ff","first_seen":"2025-10-07T13:13:54.97343Z","last_seen":"2026-03-29T08:51:51.230445Z","times_seen":8,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/2/b/acceptable-damage-593591-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/2/b/acceptable-damage-593591-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yf2MBKCNB9BSFzHJ7Xd6INKYYmwXUuzGiKXBTzF1GwfdGdqHJ188s0T8r3KcaEJS5GrMFq1Sz%2FSJqHaB2sIltUcijGa%2BlSEd8ZZNV0qumb83GGJge3zXKqw%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1933b521a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9475,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"480a5008d23b93e3a4ba908bd7b50007","sha1":"0e35aace2455baaad8bb1c4b5f6fd80f92892a92","sha256":"f741fccd1dc8741e37406de15e4c25bb0f3dee565e12683ad9a722b65aa61911","sha512":"e04ae6bc3988b76f493c40081e9a32a2eb6ed2279e9f41cbf8c10a476697a76ec323df71ac710582a9181b49cb183254e23c312f70029083db82fd5491123783","ssdeep":"192:MoMyfdFhV7lqk5Nnn1mf63fKLJKUTEKtuNQaSjOEtq3oatm1E8sy7Zw8Zc:Wyj7lJ1mkytpAKySjOQ4d0q8smZRa","tlshash":"d412be263ad47070c04abe975291fb8c65e233b0e6b5c2e058f4c1b97877cc65fa7484","first_seen":"2025-10-07T13:13:54.805135Z","last_seen":"2026-03-29T08:51:51.104708Z","times_seen":8,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:400,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"54:09:EF:2E:96:03:5C:86:DF:F0:DA:AC:A6:7A:0D:35:49:4E:68:90","sha256":"0E:84:83:07:1D:C1:46:17:EB:EA:2F:15:CE:88:56:D2:FF:9E:AE:31:D2:C3:FC:DA:00:24:46:48:43:CD:11:1F"}}},"request":{"raw":"GET /css?family=Roboto:400,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Oct 2025 10:27:05 GMT\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10774,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"f365932ccfe94966d848f97c8c825c1c","sha1":"4d711e2a7b63f52d289d6f026e39034e0e9a05cb","sha256":"ca422b117f2dff079a62b34442408c7e0d5e759f87ff60f5f8cd38ebcdf5e1f7","sha512":"df811f9da66fb4a3d633fea7e184b83fcc4da84c7cbfb022c2dfaabbedeec2d4b36f505a1b9a4a51052b9046805994e057aa139a0d53dd585c1cfeb4f8308df3","ssdeep":"192:cNwfsNwNNwKNwfWNw/q5NwDbqGIwV4DNwlNwuyNwoNwf1NwENwPNwfLNw/qgNwDx:qwfawDwwwkwyfw/qY45wLwrwmwf7wCwW","tlshash":"8f22fba108174000978358e223cebf30fe4f92507141d0b5abfd9b6bedcbca652693ad","first_seen":"2025-09-09T02:48:24.947221Z","last_seen":"2025-11-18T23:31:30.642875Z","times_seen":1067,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"52.57.8.161","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://streamdreams.dirproxy.dev\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=13319d04-cdad-4b95-aa15-04f1c0af3a65:3:1; expires=Sat, 06 Oct 2035 10:27:06 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"8ef34eb53e26a2bfcbdc585556c05b4c","sha1":"bd48155ae1240af5819b3f0039e686616a6ece89","sha256":"c7b6d6c032580ec38d4567065cc4588fca0c1f79168e419df77123d1d5aefe48","sha512":"de41f1ad2e1415cf869f04cd17e05f1b1975595684262924f3d0e5bc9abe759ffdd92bd14445dabb5ff0fa167e83cf24d4500a52b93deb2d094cfa7d1c7dbe76","ssdeep":"","tlshash":"9a9004d100c1d145c54140055c50c1c5400011cc177dfd510771d4111155c570ff4573","first_seen":"2025-10-08T10:27:40.395713Z","last_seen":"2025-10-08T10:27:40.395713Z","times_seen":1,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":249,"dns":1,"connect":25,"send":0,"wait":21,"receive":0,"ssl":237},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/avatar1561159093.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/avatar1561159093.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=STo5BVMdLWnCgLSWyCEi%2Fi3LjyGm3tLutMVNs3emO47jv1VOrE0kkbLCy27ojcYtNncN7sUERZ578f%2FUWYsBerYG6xver%2FmcndegrvJgjKfroLkx4%2FL%2B18w%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193ebe91a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36989,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced","md5":"1ad7c9f30772b73298897700405d065b","sha1":"dcfbc03709cefe16239a9e58361d66a8feccba6d","sha256":"6f804c0624d26e9b9f9524ad3569c95098cb9f2c2c5356ff41f23c64e2a6e1ef","sha512":"4b74310de9abc8396f532dd6fb04d3abec917713b0c498d34ce0dff3fb77537824b7e3b4b76bcd8d82b9080b081c51ada3e67b01a553757821238e1d8889d8e8","ssdeep":"768:VQVeaDYCjriSQVI5zO019mqiL/MGVIs0jKO+QpScF7/3:SVeo+SQVIBOg9qJy3jh1pRF73","tlshash":"2bf2f1c6fe57f27162cf239b21e210127a8c7723b321cd5387171a205b36ad592f096b","first_seen":"2025-10-07T13:13:54.773072Z","last_seen":"2026-03-29T08:51:51.175172Z","times_seen":10,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20408\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:57:40 GMT\r\nexpires: Fri, 02 Oct 2026 12:57:40 GMT\r\ncache-control: public, max-age=31536000\r\nage: 509366\r\nlast-modified: Mon, 08 Sep 2025 18:08:08 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20408,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20408, version 1.0","md5":"e8730678d4610fa908d3cba1ef0b4ddf","sha1":"1efcbee909ce74bf04878d74867f12a1e41ae7a4","sha256":"e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461","sha512":"d7c3f81ad11ac5b3e6f454fbbb9be0940b3e8da93cde0b80f9a91a8259966be466b4d6a0fd5527fcc6c8f218aad8ffd0124bb29dfa08f6ca658ce49fe9e37e6c","ssdeep":"384:D+h1xN53scre+kLtT5+wpcR98ffVvdSMyNaHAUvLFNPBtn2aotFn9mTCAKDi055c:Ss/XRT5+wpM98ffxd6uZZRXnemWDj5WL","tlshash":"fa92d1cdfc0e5797a8e14ee93c0a7a4dd76f438af366a94b25e66122e67a55c040320c","first_seen":"2025-01-09T02:30:28.977279Z","last_seen":"2026-06-11T01:48:27.61156Z","times_seen":58695,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/e/0/nightmare-cinema-593400-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/e/0/nightmare-cinema-593400-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2AgNXSrZsqNseW59I%2F4ToQnJu6uZo48lDmYw%2FB8TXM0XXIZEMj8d4jeFWUAa3Nhfp1alTbuuOlGneJnuDAmZ1wkIPZ4YE3dE9VAFHQJ1wSuIC%2Fk7bKqjt8I%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1937b701a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9987,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"eddcbbc41103b9a0a5a18a3684c42e79","sha1":"00cbcb6e5916e94461b82595844e3948385145a7","sha256":"8af4ab5567734a900e2af0ed92dffd173984c0b19449213bbd5a8d7683bfaf8b","sha512":"63dd9b2a91a67bd1629634f2f1a8b73333ef0269790758d8e1045638f39a8fcbf340cc39cb65accd7949db6c6f91f4a42d5402f2b7953b624120e56123bcca04","ssdeep":"192:MxbBAxo474V9f0Xpbt45nPFpaZnb1fWjJfb6/eUoDaoa8pACka:INAO47TXpbtkPFQ9b1Ofb6mU0arCka","tlshash":"2322ae039f70c6a2cae83e2472745b097a91449d509a64acb3b3f7fc05652e788152f3","first_seen":"2025-10-07T13:13:55.015985Z","last_seen":"2026-03-29T08:51:51.103436Z","times_seen":8,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23%20-child/style.css?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23%20-child/style.css?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qCp7AqDJut40X4Iz36d9MFbeF8q2%2BQK%2BX07%2BpDInxyzab2p55FMy0rOVpjJicJUVVyuqT%2BilsymOvIGVWQO1MVwaD5v9Wuk%2Fv3bfZS%2B2D9i9OPSWYt0V6SI%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1929aaa1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/e/2/edging-593380-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/e/2/edging-593380-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6aZSh0yHOhIiTp1oGsldSGehjy5m%2BJgrtOKQFsUnz17O%2F4v6N4yGeCauAwmlpnjAUnu%2F4jcIUriRl6X6yiVtbgJqQWZR9fmodAn9c%2BEzDBOdjB8gv%2Ff%2Fp78%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193ab981a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9219,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"3a44f00f25ddc8d4ba5ea92bf7235419","sha1":"a250ccb925e70e2cd931fc8bc51b1d80d62fd2f7","sha256":"39724376a7e9cba34b6dd70d2ae292edd56e1071e3b5076e6e00b8a18b102c0e","sha512":"76d04684ccf66c1c53fba948abba914850ce49996ebcee7fd0dc55dd24487723793c55e26b8f117e85e2c2e9bd3d4aa7ed43c7392f9d6f5914cdb6245f215659","ssdeep":"192:MTQA1VGf9QLPxrF1m0jcDxOzc4glvIldgTaBYc6xBqN+ae4d:eQcVy9QLpQDxOzc4g6ldsaBbEMN+aN","tlshash":"6d129fe51b42ee79d9050eb75917acbf9c09061026e49b338eb5e7308669cf71e0e471","first_seen":"2025-10-07T13:13:54.698609Z","last_seen":"2026-03-29T08:51:51.24342Z","times_seen":8,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/0/7/childs-play-593707-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/0/7/childs-play-593707-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zZarwjqLvumyBIodq9fjxxbIRY9hVmYhh3gOSCTmmMIG7HDDOBa3ydOjQPUCrIx7dJ61saBpZzhmuZvlLIO0WNlkz76SElnZYTdnON16VTqWFaFk2zGhNvo%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1930b151a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7584,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"9213fe7d7c3af87ca3242ed337752a4d","sha1":"d2412c5ba051ad6b967212746713550e8b3564ea","sha256":"5736ed58858752f04d11cf1b830d76c6d7d7c14c16ebe5de4185592779160ab4","sha512":"011111f3c11629248f5b09553c42fbe946b6f022b040e54ed579f1b338b46031aa0eff001ac20f208b2922f2719cd00eddde90a19be4a73818c54868b1c18cf3","ssdeep":"192:Mf+PJkF3A6BdhgwX94HgIFfx62DL7tFIeyZHYWOBwxk1g:7hk9hgu7IFfxrLpFD+YtB1g","tlshash":"29f1bfbc4bb6985c6947be3d57c70418cb442b42e376b1868072dc40931a4ef5fc2e0e","first_seen":"2025-10-07T13:13:54.765789Z","last_seen":"2026-03-29T08:51:51.251944Z","times_seen":9,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/4/f/clickbait-593493-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/4/f/clickbait-593493-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BAvPe1bbJIRUFEqA3K47JhNBMh4JkNUQZgguj9F3anHtMrCkBTtk0wuWDXuMut%2FGUS7zHG806sXNnQAUzKXosnfO81fgBqYtvc%2FH%2FXtf%2FrmpKn1%2F2KueSv0%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1935b601a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10877,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"0671d0fe7f2f7cc61185a841a2818d9e","sha1":"3998038aaf1e4564d46477b3c97a8dd3f3aee10d","sha256":"bd35e0a77a828ff29be86a175d7a78965bd76205d00af645c5a831e60140af2a","sha512":"1133253615a8d966dfbeac13b0ec334acddce17f5b2dc3675ad31165c48d8c2370ac22a2617feeab4795067d51b19563c05c91a117cacdadfbad09559f4157db","ssdeep":"192:MuxXVt81e1hTfs/Vjn7I9XYcJF79095SGcFcGE4tm0brs13dFJgfbFUMpffbipzB:FkGCD7YJF79u5S5F2Ers1bJgzFUKfbdW","tlshash":"db22bf307af4626bc5e44ef1cf829d7e1b447d217762a61af6f0eec983443d50680e65","first_seen":"2025-10-07T13:13:54.750276Z","last_seen":"2026-03-29T08:51:51.173959Z","times_seen":8,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201926","fqdn":"s0.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.32","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /wp-content/js/devicepx-jetpack.js?ver=201926 HTTP/1.1\r\nHost: s0.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-minify: t\r\nx-minify-cache: hit\r\netag: W/21174-1684460857472.3708\r\ncontent-encoding: br\r\nexpires: Fri, 15 May 2026 10:01:19 GMT\r\ncache-control: max-age=31536000\r\nx-ac: 4.arn _dca MISS\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 1\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7820,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7820), with no line terminators","md5":"6e445ebe164621b7116b62ba8b1d642b","sha1":"b8d42e983993b6ecba34852218862cdf8630d550","sha256":"e93e9f28c6e8c3ed7f642e1a7a67a4a294ffabbc49909ae5d8bbaa48238ba3e9","sha512":"4d8884561f2492162a229f039f8f97e7b02c9068e8e76a67c088df5c29fb4649fc3a1286afb52f4c6f9f3501c73dd70b99c434585565e856df80cb48900b0547","ssdeep":"192:Bav/CHEaTmfctyoWc4g6R+68i29JNtDPlwH//7RzStFpow:BaSkaCfctyncSR+JJNBPC/dzStFaw","tlshash":"def183be31da323bca9230e1805f6618b67399615f0f8b66d318e45174bcd47a93af18","first_seen":"2023-05-15T07:11:39Z","last_seen":"2026-06-10T22:55:38.874166Z","times_seen":1956,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":13,"connect":7,"send":0,"wait":8,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/05/avatar1526856863.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/05/avatar1526856863.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RKiCwCSmcS3i7Iu6RrnM5S6AnaY81pgBLnHzr2dxW6fknW8%2Bjuhkw1Tf%2BO1OdZCiLoeBusSkpWutwt%2FepOMS22FLZHWc%2BYNJRJDfWMafddmXt5SxGXaKyns%3D\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Thu, 09 Oct 2025 10:27:06 GMT\nPHPSESSID=ffki957an88r45irtce9n3sotl; Path=/\r\npriority: u=4,i=?0\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f19a5d6a1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83159,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 470 x 470, 8-bit colormap, non-interlaced","md5":"50483bf8b88ab7cbdc071ea678220db1","sha1":"4db80ff85d0bc73dfd3c70cee80d80cca2b3e65b","sha256":"c12b4d043928a54b9ce2e51413fce384b950c8bf8c64a5a4937cddf13bf6e53f","sha512":"8b825077677921d948902d12552aa387d7208f909b421a89d8bc8a454287e384776bb51a46492337337ae0da70667047f685dabd30d6337406840c508b98f816","ssdeep":"1536:8no8IxxpPpdcAr9n8T1PZxqWzN4ayaGL384E2dyD7Zhnrm6++NiWZ:cCph2AST1hxqWJTpGL384BdynmAn","tlshash":"09830250cb443bb710208521a1175192f9b5c297b1ad4c7c3df6ecfd9d5faea52884f8","first_seen":"2025-10-07T13:13:54.947925Z","last_seen":"2026-03-29T08:51:51.205995Z","times_seen":8,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/02/avatar1550462390.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/02/avatar1550462390.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1cjk7zHmROo9OXd%2Fiw8mgsHcYxKGcEMU5%2F%2BCzaGU%2BZjG0fZ6cIQAkFWges8FmmeIRpD3ApV%2F1005Rxt8yIUJoUHE6aTe6LK%2F1ZgQJ0ZK%2B%2FoJof%2BXxzqNgEY%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a5d6c1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32785,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 367 x 367, 8-bit colormap, non-interlaced","md5":"b5e4c963a87b8b01d7ebef37ed92c7ea","sha1":"ac01a5ad38305d0b1107f7cc6583fe78b26ddc96","sha256":"d36529052c13c9d813d5fc9f1be13986806a151a749c49a54fdea0e32abc011e","sha512":"f4f1bfb6cd1416f5b1a13a2b93edad3509ffd061d55deafcc08a1d21282caeb69b49f8978af15a2b5d9cc6d1092eb5e9a4a582fa51a9cf6f56f0c007b564bd2e","ssdeep":"768:k5c5t+9nkc9+uanQXyq+RXqAzXyyyrnUSdGxCRxSN9c5:F+BH+uWQXyq+RaAziyan5SNk","tlshash":"f6e2f1e1de2c7205f38613f68b26ed2ec6b863ab95131a0f15d7dcec4f74190918a85e","first_seen":"2025-10-07T13:13:54.873954Z","last_seen":"2026-03-29T08:51:51.226345Z","times_seen":8,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js?","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js? HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ce3230e3-9dd0-4a33-86cc-15ebf398c827%3A3%3A1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\ndate: Wed, 08 Oct 2025 10:27:07 GMT\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98b4f1a11e3d1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10181,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10181), with no line terminators","md5":"2be9f896fc2333236c81e64047ff6bd0","sha1":"3f68b48389ad70ecf2ccdf913c4807769b4c181c","sha256":"f90478dd3e852d3c615893f35d3cab1d7c1bbb94afe0e7160d1b830841ef2f78","sha512":"aa7f8216dda82bf3b67987a035b662fa15fb715e32486acd5836e0f70170323b3cbe160c7e6273aa57c5ba957581da1545643982d33a0211badd25b6c2fc088e","ssdeep":"96:hFznifT5BF4SVlHNref0PNrJmRzIcfK/3e7jlroUmjkSqSnI+uqqZDJfTLTuqvYs:/zYgMtEEq4xK99TLSqkpWLgZfBYjf","tlshash":"8c22198f3dcb281e995e644150af30c326aeadf818825e4ac7a85cf4ff5275d918ed0c","first_seen":"2025-10-08T10:27:40.405668Z","last_seen":"2025-10-08T10:28:04.593176Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5i9OuBOXAv4YzwjhwX9nNiydh2y66jQAGeyY56aHj6bQd31Em1I5bBMTN0Y09hDB5st2gLtDcdZkz8FkCRrDeEj%2B1qePgGI73bznyZkRYmA%3D\"}]}\r\nage: 896862\r\ncf-cache-status: HIT\r\netag: W/\"65aa84fe-1499c\"\r\ncontent-encoding: br\r\ncf-ray: 98b4f1ac1f66c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-11T00:44:36.514925Z","times_seen":18845,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jquery/jquery.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qF4djFHKkuKTyJWMgoGX4Owbtv3f6tls9jIlMStZULMi6Bt8Li7uxRIHy8390tYJ664iaN%2BscfDkAIAfHaxgHArF%2FGGR%2F%2BwQcjFkTFzKP1JqdCdrhu4faJA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192aab21a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81259,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bf9791e6fae3e896eef58219d2477cab","sha1":"7905f6bd8c66de3ec4a13865dc7c416d52563f85","sha256":"ab68d13a1e68131f57fb23f1879de43bedbf18cbf8ee31124c75c8104f694288","sha512":"9a2414bd30980f43b9ab8c47ed6bba6e58bb3fb72ee74918ee50743c9a3d322f34ea8a1f2e43ad46f317720c3812bd4bc71c7d30f9bcb8a54db68ae8ae4feba6","ssdeep":"1536:hYE1fGBiByJsbfXXeRJ/shgWCeLLccndZVHk04ssx+/mvaSIFSgt43tpXJIGVyY:JsAgkpsxTva/FSgKj","tlshash":"f483d7d9b3d6716297b730a850bf510bf17a98dab80c4d60e058d8e47e78e89507bf2c","first_seen":"2023-03-11T11:46:47Z","last_seen":"2026-03-29T08:51:51.241883Z","times_seen":30,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QU2wQ8BLDVOQWuYmTPUX4CQWQHtZqw6HzOrOM%2FCQBc7dUH5uXNSI97X0G8v%2B9B2slM72BDQAtITNA87dlbUD61CSRUU4k5eiDafHIRkTMYqLg4TTEFpk4Cs%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192babf1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"c36eed91beaff12ee36e5c012872faf0","sha1":"080b6b24a6ca224dfd4fc178c54195c712fcfe83","sha256":"046b1a95c139aeaef8f2e3c321041ba7d00e80e4fb96da4e783ff519bd06070a","sha512":"040e7bf8fc59ef7046ff89ee23a16cfdf30e83806bd9afd595bc324554202f95f800ee8ccc6125fe583371ea1d8c57c7ac3d34ce4daf2cfecd915554c4fd6aa5","ssdeep":"","tlshash":"5ab092c161868d9c8baaa849464e25cde27c8b0a99df161494a3f28097b836a8772130","first_seen":"2023-03-07T12:11:17Z","last_seen":"2026-06-08T22:29:26.594268Z","times_seen":239,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-d1b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YMW%2F4PpB5Qz6b6wthmTso8qpH0EQEsAMcoJBFTK5cweKg7cBI3REe47jB2e7YbFhIZro9axFq4%2FS9LAeQlWpEMqFHDfidKdndKtqX80ozgQ%3D\"}]}\r\ncf-ray: 98b4f1abae53c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3355,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"039a6734d79ed9aa51cf81c52479c5fe","sha1":"9cf29c4ea1a3880681d50c7228374f8073b7778b","sha256":"a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1","sha512":"879f067d02f582c2ff8f9c0308cbb44b24964136c4d8074f1a1b200169b520bb49fdd2b290772dfbc3ca432fba2ce9d5b1a398eb14746613cc942dd7567fa1d9","ssdeep":"","tlshash":"3a61ba966b670a04b51ad0ab3f667b4723084007995fed757fc8620ccfc92a8d6d378e","first_seen":"2024-02-12T03:25:01Z","last_seen":"2026-06-10T12:47:42.195011Z","times_seen":2982,"resource_available":false,"data":null}},"time_used":742,"timings":{"blocked":122,"dns":20,"connect":1,"send":0,"wait":496,"receive":0,"ssl":87},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.friendlyduck.com/pan/scripts/52xzaxvzhiy?a_aid=11279\u0026a_bid=6ab647e8","fqdn":"www.friendlyduck.com","domain":"friendlyduck.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"friendlyduck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 20:30:29 GMT","end":"Sun, 16 Nov 2025 21:29:02 GMT"},"fingerprint":{"sha1":"75:45:68:40:CF:30:20:CD:8B:A4:18:0C:C0:24:46:9E:CF:BF:21:B2","sha256":"C6:2F:A1:18:EC:4D:72:4E:24:EF:89:13:81:C5:91:36:AB:D6:B0:9D:5C:03:45:16:63:F0:95:92:09:DB:D7:78"}}},"request":{"raw":"GET /pan/scripts/52xzaxvzhiy?a_aid=11279\u0026a_bid=6ab647e8 HTTP/1.1\r\nHost: www.friendlyduck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.4.3\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mkp13eEVVa2N6E7hl8ADS4uCPafgMPSyGFk7P6IWe3Iixiim9gdQXUPDjygGdfxLM2MPhAwe6%2FY%2BIHwR0RsjIslLGt1%2Fi8eqPjvAE8n6umayEg%3D%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98b4f1980ad156bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP:8.4.3","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":1255,"timings":{"blocked":480,"dns":29,"connect":1,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/06/avatar1530261886.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/06/avatar1530261886.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cDE33fsr9XRd6gk2Tu8HXLtbpKObX0gjor7UvRZ4CDGVcPLt93INaPpMau6Ks5mv1Gk03LUu%2BmLpThMMsHbFNrmR2LYVcKyexKk3U1O00nGUPAvvAYl9H2A%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193dbe21a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94616,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 470 x 313, 8-bit colormap, non-interlaced","md5":"421caf1ff13e627d9b76344f941a4357","sha1":"f832d0028c06fdd1c884ebe29f94c4b1961b0208","sha256":"143a97df41246915c8d0088f3c8d3d9def56090aa8f6bd1acbd1dfe7bf26bff0","sha512":"d47ffb061350ff08a0af9813859ce1b56b1fd8736d435e72224dbbe54464db5ce1be5e06ad09549570498e29676edcf59a7763935e21cc9e72f57e9bec4a1763","ssdeep":"1536:26PEvtG3ZagFoQqMj7eFoYmheWFLC0WNHvB+gOfDwBItVjC4sUvsSou4JOFGp6:+vtGLFoI7eqJhemLetp52GIPC3/TJOUY","tlshash":"a393120bc8ef2da5a53f628b027bf2783fca4df50a00794f5a0d9d740c85c75ac1aa25","first_seen":"2025-10-08T10:27:40.408822Z","last_seen":"2025-10-13T23:21:24.330638Z","times_seen":2,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:07 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: d4e688654285b50321b2ff59c080869a\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1014\r\ncf-cache-status: HIT\r\nlast-modified: Wed, 08 Oct 2025 10:10:12 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yzdWRqtgZUQRFeiDX7wY9%2FcKToyI52nZNef657Fdbj%2BSOY5jYCVGgQ6Rm2Frg2XF6LcloHismgdAIXwUk%2BzHopEvvkqofi%2BDgw%3D%3D\"}]}\r\ncf-ray: 98b4f1a0f8e1a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109923,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6c87711a5d2974cd9ee1f91fdf13c865","sha1":"f8ed5f464bf5e473cf28b326f462df2ee5698b70","sha256":"d3f84084e3f7c148c636dc35fe87fc64580db8a3fafdf07ebf6174fa089d2398","sha512":"8da04dcbdb746b2810bee89cd945e4d09a0fa7838ab960b05d5227aadd59759d76a7385f83a58abde5ee52665e4f735e554651b2dda1e70ada87ede0cd3a3be1","ssdeep":"1536:I8zmHlk4JQ9aO4kD9VaZ06GUqo54Az0SBYQ4+DIVV3BWw:jzsJkaO44I06GUb0S6z3xWw","tlshash":"96b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","first_seen":"2025-10-08T09:14:17.976464Z","last_seen":"2025-10-12T16:00:36.826808Z","times_seen":68,"resource_available":true,"data":null}},"time_used":418,"timings":{"blocked":-1,"dns":55,"connect":2,"send":0,"wait":8,"receive":0,"ssl":353},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/0c/54/07/0c54074632a811f9c5bb2811796fb090/1657098821.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/0c/54/07/0c54074632a811f9c5bb2811796fb090/1657098821.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 06 Jul 2022 09:13:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LCM4JIkl8NP22BXRwvgHkwNL2P6LA7TWuIHzkSZSrjFNjb8PbXCgzlPgUORm0IGjlyYfpJNMG%2F12XgyucZYIUe7ZZwDm9bVp1QDyr%2B6n0g%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98b4f1a59f851a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1070,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"91b896fd2cd0fa352f67f530c46d6e20","sha1":"a340ff41c252ea09b8d860fceade41479173d65d","sha256":"5801f40189ad7e25f99e146c400aeb53e0f2c4132a33fb22afc84f11f8b5f3e2","sha512":"b660a77cc291eaa58f5cc5e6f5d0997f96df6de1ad4f4887f910738cdc657a362733e80a466366d2c659b421f377f1d4a3531ad40750a6353b310dfc4fea4ac3","ssdeep":"","tlshash":"9111ecaa2ee586b311d350e5bb352f1bad92d6878c4f694173fc89618f81d92cd9300b","first_seen":"2025-10-06T11:07:14.980118Z","last_seen":"2025-10-08T18:42:08.194285Z","times_seen":84,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":119,"dns":32,"connect":9,"send":0,"wait":470,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/a/5/marriage-killer-593270-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/a/5/marriage-killer-593270-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hfDsjBWPAS5K8gC5%2FZpxPquJV0U0fEJfL10Vr3QV7Ug98h1G8REIsjUWAjXxFQTRU3ClGgU0kf7lIqia%2B2%2FWkkGQU1u4dADCX4eX0Tapk8f8ik4I223N8j0%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193cbca1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/02/avatar1550462390.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/02/avatar1550462390.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rWDpemuC9OlmMaw0GGhojPa5c3VqWxUWgJTIwW%2BEycbMnfJoHrDjh0JtQMfLwiQ%2BEji9S%2BxQ34AzhIFGItUHqFzAd0epa8h5vdCMb2Zh%2FljjTT%2FrqoyG9dY%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1940bf51a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/js/bootstrap.js","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/bootstrap-3.3.5/js/bootstrap.js HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OtraH4pg%2FfXO%2B%2FQCASzaOQEjSmwczRibiuVK7mmBZsOJzY3NzTSMTjZuL2D3%2Bdtovnnae%2FZrPtc3iB6MOr8lE800OZrhnDnNERAEGV3aSPcguub0dEMST5c%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1941bfb1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46884,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (444)","md5":"1f57084dd4489eb4b77c8f850177a787","sha1":"bf0c3cf5d9a9775a5c6a73576e2be1e00cab6e33","sha256":"3684b7cd203df98651f804f801a62884755d1bc1af449778e5a51cff1f563852","sha512":"1570700c4620463cf824ba988ec60ccf6e9814cf6e459504915a57f0f360cea9a645a946c307bdb76f070ba02413dca615e4882a83d8dcceaf4de639cd34cefe","ssdeep":"768:1LBtidRanpFkpHpb76uYdvytNqbdK+KSIEhYAPl641:XIcPhKh+KSZPR","tlshash":"5723b7067630316202ffa1a7805b234d733da629940ad0bcb8799bd43e75d45b26bf7e","first_seen":"2023-03-07T01:26:29Z","last_seen":"2026-03-29T08:51:51.168763Z","times_seen":13,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"52.57.8.161","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://streamdreams.dirproxy.dev\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=d0e23d3a-c16f-461f-921d-bff10a6a9e6e:3:1; expires=Sat, 06 Oct 2035 10:27:06 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9a42599c4ed7bb26ccb7258a0f3aa15f","sha1":"70d05406123cebedd90b77ed4281b2a36b11b4ba","sha256":"c5ea641ae440d9ad8f56d80240b28ca44a74c7d156948f1d0f4e1bacf1983b76","sha512":"83178ffc813076fc46d1944bf1388dbfd8ab6cb017bdecce83aaae2de3c55af7f2565a9864205b64010da6219b44a72e8f969ec9c96838d5f49b6059db2ddb05","ssdeep":"","tlshash":"2b90047c0f3541c5510041144c30cd400144c4d74130045d4075c033d4053070f7c577","first_seen":"2025-10-08T10:27:40.411728Z","last_seen":"2025-10-08T10:27:40.411728Z","times_seen":1,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":224,"dns":1,"connect":22,"send":0,"wait":23,"receive":1,"ssl":207},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:07 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Sep 2021 07:43:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h7rBVQJHf2tpN%2F0lrBXgdfv4VWuQkGC7UPnkmzVWjEDAM2sz8T0y07CyLE1VleYFCNr%2FY03HVcUf%2BISW7EJyP9QlAVU2kckPPKPgr8kh7Q%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98b4f1a57f3e1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1325,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f6990569c7ffeac1f4a3f6d9eee5da44","sha1":"e7d5e37acf89a8faee252c36fc2c9d6615501d76","sha256":"cc2a9756c81bd570fff8b32e48a413687c33f8abe9c934e743a0769178b4f690","sha512":"be3ebced9d65b29fef8caab46e95f54f1ca645ea5942331c84c964ec033fb7c78506d14eda131948b7f664f1635deaa8d82a63169f9214f72035b087ea104bda","ssdeep":"","tlshash":"a52105692df9c97311e750947b352f1bed92ea87c80a6e0173bc9d684f9ad84cd23407","first_seen":"2023-06-26T22:59:31Z","last_seen":"2026-06-10T12:47:42.208707Z","times_seen":3214,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":86,"dns":23,"connect":1,"send":0,"wait":119,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 05 Mar 2024 12:38:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65e7124f-1244\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wthUx3FB8LK7DtY%2FFOXGOu1phFCjV2%2FrvIo1uH9U6LJjLjN1XrsnYOjeZnQa7T55vnuwXyl%2FnWZFBOHPBD7Gz9e3XOgSlDeo1Dd8Ru%2B9keo%3D\"}]}\r\ncf-ray: 98b4f1abae68c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4676,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"98c9d48f7ba1ca323c6e69254de7b1d7","sha1":"126eb0a561a817df7c5cd704dd6a1254f33a5e4c","sha256":"c42a942f5fe9b94de1915abf5d07682c3d3e6bf568e4bc75d56cf18b4695471c","sha512":"d97a4655c23f49c98c53b6e48f90a94c0ea5184b4d160a7d2b714f95735ab9f7d3850e7cba3de61c3f5ba163b4c9966bed431c6f1d9e85550ddbbb69195e1e82","ssdeep":"96:iTMXkGMlzT+JzCyKbmJxMX5eiBTMXptuNCBxkBJUZQM0bYrW7M9yt1VPEVYlI0MS:IMXyJT+3JxMX5zMXptuN0xoJeB0bZHt5","tlshash":"3fa1fd566b671a44b50bc56a3f6a2707231540038a0bed787fc9660c8fca298d6e37cf","first_seen":"2025-10-06T11:07:14.959022Z","last_seen":"2025-10-08T18:42:08.253833Z","times_seen":76,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":70,"dns":19,"connect":1,"send":0,"wait":460,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KdrvODqWbvvX7vK70wMt%2Bgl4y71%2BiUq1mArU5SzCOhxd%2Bq8JM8FKH%2FoiVsQvuxGH3DnbI9WQB6yfKJKgddjIQtfUpvX4XRPKmGuX3TQdxiY%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa84fe-3c2\"\r\ncontent-encoding: br\r\ncf-ray: 98b4f1ad3a5ac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0013fbb3bd9e7300fa1bc9f62501dcf0","sha1":"447e4a8994979e2e158b9beff79b94e7d1b29508","sha256":"4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e","sha512":"288a5e82fdbfdadf11f5a15ed40b54b67dd43fd83f0666abf85ebc0f14ef3b6e5e9104c3491fdb85b40e5556b252d933ee8cbe6e381e96e01170e76c60003dc6","ssdeep":"","tlshash":"e7117d37156882f06257f027a15729d6ee32029ee81a5707721c06cd0ec47b913fa6e7","first_seen":"2023-06-25T06:36:24Z","last_seen":"2026-06-10T12:47:42.146661Z","times_seen":3079,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":477,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/7/b/miss-dali-593285-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/7/b/miss-dali-593285-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wazULi%2B9JSzpIsEL1i7zfG7c%2BbkwB8R5UHjAlFXog9nrARUYRk50U9B4XcjbSMNJFEAIfkhGX69jT0mZNAoK2TT0f2NkLJDInqyWdI%2BWcv8B7JX4Ql2MqNE%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193bbbc1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7483,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"7d8c7d8972d1419b168a0b435c10aaf0","sha1":"1a74d8eb513cdf55e92ec8adec2f7c3412cb15c1","sha256":"a4bdc2354c92fbe7c2662852b47bea1b23bb524de3d3f87d706b0c703624fdb2","sha512":"a02f1b2d8a99b0a0e16a8e50ccbf0cf39927608878406e704a1da7139e5f3669fa810efef29290d94104a21a28d277d08fdcfc70a09dc2c93fed851d5147b574","ssdeep":"192:MriJ1+7qyLvW6Qv9XHo9BvDUnfGZwEzYU/r6YypcTF04wmi5D:OiG76tgwnfTEU+r6YySKmaD","tlshash":"1cf19fab56a2c5d5e00d8e7e28f561bd2400a19e4223ca5e8434d52acfbdddd3378be4","first_seen":"2025-10-07T13:13:54.774779Z","last_seen":"2026-03-29T08:51:51.109738Z","times_seen":8,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/iflychat/js/iflychat-popup.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/iflychat/js/iflychat-popup.js?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 503 Service Unavailable\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lNPrikR%2FVBqgRL3dnCJ9rLkqibXtfkPpUEHZst5wdxGkLFjf8oid21rAX0XMsKGg%2FsdfvOFjt5N7jVNaMUMrgxxpnIRRfEh2XA37g9nynI88AsMypbJzxsA%3D\"}]}\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1941bf91a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47e655a40d6414e2e20fb7200ebbb7d5","sha1":"f44ae996e01976eae4466ad0f261fa20ee051631","sha256":"09362f9ae36eee33a1f619f0af1a68d29d7d57d85fe34fc766566c8625c306d3","sha512":"e847ff20884dcd3ceb57028993d9263f98191a241d8f308aa01f080b6a243e84a56b8104834c78e6092010610ab53e9ab8e42989326a78e281bbbffa122e4b8e","ssdeep":"","tlshash":"9bd012e739413d6dd4e3717d28836a98f29595dc10f8651045e11f6332cb2966bc3b13","first_seen":"2023-09-14T05:49:03Z","last_seen":"2026-06-10T02:02:14.288053Z","times_seen":792,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lpazXCuONxwxSsraBHOvrVIwPqm2LZLreiEbps5Lp1%2BUgT2ifen4KzT6GKnF2OhF%2B87v6HJ39O0gt35wR7OF%2BhMx5Kwe4Odkv9cWIP7DxayRNUgA7%2Bln%2B%2B0%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1946c0e1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36508,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32023)","md5":"cfb63dc18fde53fef4d4fdc19ddfdcd6","sha1":"07e1e6f3160f3f3539f2ac7ceb69c7686c2051f9","sha256":"fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d","sha512":"ef8cc04bb9ca987e5d528b8893300c2d053fb12c94777c8535dcc29e425cefacc046d9751ee73b2ceb8e8c7ba5699719427604b12815d72525b7130202279870","ssdeep":"768:mxhQEJv2lLCZJqqubYtrgcxw1OKqMZiEoVGMuCGv2C+ggYhh7z:mxXv2lLCZJqqub+EkKquf1gYnP","tlshash":"69f2c45e50413d1b923b02a6027a2603a237955fed44c928bc5d67ce6b7cc8672fefb1","first_seen":"2023-03-07T12:07:29Z","last_seen":"2026-06-10T06:55:40.62928Z","times_seen":494,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.friendlyduck.com/pan/accounts/default1/52xzaxvzhby/6ab647e8.jpg","fqdn":"www.friendlyduck.com","domain":"friendlyduck.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"friendlyduck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 20:30:29 GMT","end":"Sun, 16 Nov 2025 21:29:02 GMT"},"fingerprint":{"sha1":"75:45:68:40:CF:30:20:CD:8B:A4:18:0C:C0:24:46:9E:CF:BF:21:B2","sha256":"C6:2F:A1:18:EC:4D:72:4E:24:EF:89:13:81:C5:91:36:AB:D6:B0:9D:5C:03:45:16:63:F0:95:92:09:DB:D7:78"}}},"request":{"raw":"GET /pan/accounts/default1/52xzaxvzhby/6ab647e8.jpg HTTP/1.1\r\nHost: www.friendlyduck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.4.3\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8bmeXeV%2FZWW7jCTulhfp1Hn%2BTsF2RaDKafv%2FAsmil7t3m1J6Jf8saEE5jHwuFLhHsk0IMUdq81Z2QGntZWDoYcCJeTxRHZg%2FjUEtQixpHxIC%2Bw%3D%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98b4f19a4d0656bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.4.3","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/ren.gif?sid=H4sIAAAAAAAC_1SST2gkxRfHq7N7-MEefqiLB0EYxIOCmfS_mUy7QjCukWA2CdlIFgShuqp6Uk5PV1vVPT0ZPQQDsjdnbx4730k2qEH04FFcJl4kIOwIYg6bi-BFBEXIWWYyEHyH917Vtw6f9633yX5-Tjzk9Gz9jurJOKZztapdeWlLJlwVprK6WXHsqn2rsiWTun-r0h0n3XnV8fyq_XLlLcFaas61Hdt2bKeyJLWIVHduokKmx4FTDeyq71admo-u_u_Z5BYMtcA75-RpSD76_2_Ru5BsiKT99W1hWplKX3mzncc0UxodfvRO0kpUkaB91UbaQpQcTV9DmREhn81AJUfTCaA6B-MJEMoRmXn2CcLkaIqJsHN4SRrGEAlCfgNFZwgRDyHpEEztQfLHBGAcq2tI2g9XlS7ozqVKx-qIXL_4B7IYketPbiJpf7UYy27lrorzTKrEoBuVkN0hZHOIND9B1puBLE7Aso8h-U9k7mIFSftgzcQKkp-9yG3hetyjs8ypR7N-3YlmA9fhs2EUOTat00DUxcQiGQ1BzTXkxkIuLeSRhTy10OZnFd9u-MyhXj0KOJu3fer7XIR20HBtmwZsHjkbs_eRpX2wuA-md5HqXbRkHzp_BLNdwnALJiPo8BKFICgMQUEJCklQZARFpzzksXFN-ZDHJg-daXWn1SsHKmvu00OVNUVCQHUfmpcHMv3A7IFl1wa9yPCBGicaZuWAhrzcT8_JUxNb_753gZY4q1C3UQ9sdz5w6Hzks6ARstARDcf1XJfx-QaMLCHNDKix0JMjYpXnSOWIkE9_RUhPYOITMPkCaP48aFGCbpfoJcd5EsaKtQSvSg6uSqTZdWQ71n58Tp4ZbGwuPppgvPfHHQh2SqYBpkukusT78geCZnx_sKEKcrChCkO-WUsz2ZY9Ov75uxnNhPXF22KnUJov3zb9z19nY2HcHm8Kk63QhMukaciXi5JzoZeUZoJ8t2y2RLiem-3FXCd5urL-xtJyO9XCGKmSIagckRv_uwcmR-Tmcz9Otrr2y2OwdBcmveI0iiBMLcSSIBZX9zQsYcTpwrcLH_35YNsgFKff_3Wp7Zv7aGoLNNtD0i7R0SU6cQka92Hya4Ms1acLP3uTQBhbgzDW1kEY6_jBpU9GnlVqbujVG426iOo88rjnejyo2SLwaVD3A7-GzIy2f3_tw38DAAD__9jetGF4BAAA","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1SST2gkxRfHq7N7-MEefqiLB0EYxIOCmfS_mUy7QjCukWA2CdlIFgShuqp6Uk5PV1vVPT0ZPQQDsjdnbx4730k2qEH04FFcJl4kIOwIYg6bi-BFBEXIWWYyEHyH917Vtw6f9633yX5-Tjzk9Gz9jurJOKZztapdeWlLJlwVprK6WXHsqn2rsiWTun-r0h0n3XnV8fyq_XLlLcFaas61Hdt2bKeyJLWIVHduokKmx4FTDeyq71admo-u_u_Z5BYMtcA75-RpSD76_2_Ru5BsiKT99W1hWplKX3mzncc0UxodfvRO0kpUkaB91UbaQpQcTV9DmREhn81AJUfTCaA6B-MJEMoRmXn2CcLkaIqJsHN4SRrGEAlCfgNFZwgRDyHpEEztQfLHBGAcq2tI2g9XlS7ozqVKx-qIXL_4B7IYketPbiJpf7UYy27lrorzTKrEoBuVkN0hZHOIND9B1puBLE7Aso8h-U9k7mIFSftgzcQKkp-9yG3hetyjs8ypR7N-3YlmA9fhs2EUOTat00DUxcQiGQ1BzTXkxkIuLeSRhTy10OZnFd9u-MyhXj0KOJu3fer7XIR20HBtmwZsHjkbs_eRpX2wuA-md5HqXbRkHzp_BLNdwnALJiPo8BKFICgMQUEJCklQZARFpzzksXFN-ZDHJg-daXWn1SsHKmvu00OVNUVCQHUfmpcHMv3A7IFl1wa9yPCBGicaZuWAhrzcT8_JUxNb_753gZY4q1C3UQ9sdz5w6Hzks6ARstARDcf1XJfx-QaMLCHNDKix0JMjYpXnSOWIkE9_RUhPYOITMPkCaP48aFGCbpfoJcd5EsaKtQSvSg6uSqTZdWQ71n58Tp4ZbGwuPppgvPfHHQh2SqYBpkukusT78geCZnx_sKEKcrChCkO-WUsz2ZY9Ov75uxnNhPXF22KnUJov3zb9z19nY2HcHm8Kk63QhMukaciXi5JzoZeUZoJ8t2y2RLiem-3FXCd5urL-xtJyO9XCGKmSIagckRv_uwcmR-Tmcz9Otrr2y2OwdBcmveI0iiBMLcSSIBZX9zQsYcTpwrcLH_35YNsgFKff_3Wp7Zv7aGoLNNtD0i7R0SU6cQka92Hya4Ms1acLP3uTQBhbgzDW1kEY6_jBpU9GnlVqbujVG426iOo88rjnejyo2SLwaVD3A7-GzIy2f3_tw38DAAD__9jetGF4BAAA HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: uid_id2=ce3230e3-9dd0-4a33-86cc-15ebf398c827:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6220621]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f34c3963f55d28c37079c22a54e35654\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/impr.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStTnIQ9iBq8CAIc1SQSfd0ZzLjCsEYI8FsErORKIJQ3VU9KVPT1VZ1T0_GSzAgCx4cb97svEk2rAbRqyCuEw8uA8K2sJjD5iLoYS8Lwl4EIzMZkH1Q___i1eG99-uTg_ScuEjp2fo11RFS0pnZsl16YUtETGWmtLpZcuyyfbW0JaKqd7XUHhbdetlxvbL9YukNHuyomYrt2LZjO6UloXmo2jMjFiI-qTvlul32KmVn1kNbP343qQVDLbDWOXkaghVP_hG-BxH0ETW_XeRmJ1HxS683U0kTpdFix29HO5HKIjT_H0NtIYyOx6-hTEHIFxNQ0fHYAVTrcOgAvijIxLP34UfHY5nwW0eXSn0JHsFnV5C1-uCyD0H7CNQ-BLtLgIBhdQ1R8-aq0hndvWTpkC3I1KO_IbKCTN2fRtT8ZkGKdum6kmkiVGTQDnOIdh-i0UecniLpTEBkpwiSjyHYr2Tm0Qqi5uGakQqC5SP3IuyDGgvp8AgLaWghjS002VnJs2te4FC3GtZZMGd71PMY9-16rWLbtB7MIQ2GsrpI4i4C2UWg9xDrPeyILnR6G2Y7h2EWTFIQ6609tFiOjBNkhiCjBJkgyBKCrJUfMWkqJr_JpEl9Z9wr4-7mPZU0DuiRSho8IqC6C83yQxF_aPYRJJO9TmhYTw0L9ZO8R32WH8Tn5Klhata7_xrs8LMStd2K7zHXDWqU02qNemHdr3kVd7bqeH4YwogcwkyMAumIgswVdxCLgpDPfodPT2HkKQIxCZo-D5rloNs5OtEJEzrWqr1bDlQTTOWIkykku9aBPCfP9DY2F26Plvf-g2vgwYCMgUDniHWOD8TPBA15o7ehMnK4oTJDvluLE9EUHTpc7PWEJtz66k2-mynNlhdN99arwZAYjieb3CQrNGIiahjy9YJgjOslpQNOflg2W9xfT832QqqjNF5Zf21puRlrboxQUR9UFOTKE-8gEAWZfu7O6NPO3ruLIN6DiQfz98IRYBSBH1uQoiDu9C-QfDD_5cPvH1xcXID6OQwfzP9065-_5KeL8Pngx4eX_g7MDTS0BZrsI2rmaOkcLZmDyi5MOtlLYj2Y_80dAb60er7U1qEvtfz8MisjzkqhyyuBbdfmqo5bC7njeiwIZ2tenVWp7bociSm2_3zlo_8CAAD__359dXNbBAAA","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStTnIQ9iBq8CAIc1SQSfd0ZzLjCsEYI8FsErORKIJQ3VU9KVPT1VZ1T0_GSzAgCx4cb97svEk2rAbRqyCuEw8uA8K2sJjD5iLoYS8Lwl4EIzMZkH1Q___i1eG99-uTg_ScuEjp2fo11RFS0pnZsl16YUtETGWmtLpZcuyyfbW0JaKqd7XUHhbdetlxvbL9YukNHuyomYrt2LZjO6UloXmo2jMjFiI-qTvlul32KmVn1kNbP343qQVDLbDWOXkaghVP_hG-BxH0ETW_XeRmJ1HxS683U0kTpdFix29HO5HKIjT_H0NtIYyOx6-hTEHIFxNQ0fHYAVTrcOgAvijIxLP34UfHY5nwW0eXSn0JHsFnV5C1-uCyD0H7CNQ-BLtLgIBhdQ1R8-aq0hndvWTpkC3I1KO_IbKCTN2fRtT8ZkGKdum6kmkiVGTQDnOIdh-i0UecniLpTEBkpwiSjyHYr2Tm0Qqi5uGakQqC5SP3IuyDGgvp8AgLaWghjS002VnJs2te4FC3GtZZMGd71PMY9-16rWLbtB7MIQ2GsrpI4i4C2UWg9xDrPeyILnR6G2Y7h2EWTFIQ6609tFiOjBNkhiCjBJkgyBKCrJUfMWkqJr_JpEl9Z9wr4-7mPZU0DuiRSho8IqC6C83yQxF_aPYRJJO9TmhYTw0L9ZO8R32WH8Tn5Klhata7_xrs8LMStd2K7zHXDWqU02qNemHdr3kVd7bqeH4YwogcwkyMAumIgswVdxCLgpDPfodPT2HkKQIxCZo-D5rloNs5OtEJEzrWqr1bDlQTTOWIkykku9aBPCfP9DY2F26Plvf-g2vgwYCMgUDniHWOD8TPBA15o7ehMnK4oTJDvluLE9EUHTpc7PWEJtz66k2-mynNlhdN99arwZAYjieb3CQrNGIiahjy9YJgjOslpQNOflg2W9xfT832QqqjNF5Zf21puRlrboxQUR9UFOTKE-8gEAWZfu7O6NPO3ruLIN6DiQfz98IRYBSBH1uQoiDu9C-QfDD_5cPvH1xcXID6OQwfzP9065-_5KeL8Pngx4eX_g7MDTS0BZrsI2rmaOkcLZmDyi5MOtlLYj2Y_80dAb60er7U1qEvtfz8MisjzkqhyyuBbdfmqo5bC7njeiwIZ2tenVWp7bociSm2_3zlo_8CAAD__359dXNbBAAA HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[6220621]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+a9b03995509d8f6b18fc86ab6b9a7bc6=6220621; expires=Thu, 09 Oct 2025 10:27:09 GMT; path=/; secure; SameSite=None\niprc_l:6220621=1; expires=Thu, 09 Oct 2025 10:27:09 GMT; path=/; secure; SameSite=None\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 214a6f7b9fb6d4a30ebb1ea044e9a50e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/e/e/shaft-593003-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/e/e/shaft-593003-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZpgiSZa4eWLDMIJvYkIOsotqYLEfZDWqGqps%2FUA%2BRZPPlYK2jCXwYinMqosEpAKy9fq1kKOrJdRrdHM1CJYio6fzlZs5fB8bDrOVFjhoW3j7PPrpZMowS3Y%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1931b341a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7199,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"16c1a2f1c82001987eaad7cfc5ea3fe3","sha1":"bc778bbca2d15d44130e0288c0ea0b206d604064","sha256":"4f6388663981a51905e7d232c130e64ec6fbef0c8a4632c0c2e305ea3a6bfe4c","sha512":"bd7629688fc6f888e7163ade55b3c2d5438c10b55bdaa04656db39cc179543a3e9d0e3d4facb2dd213ab60d49204d38c7c39f5d99ff2c0f3c7bc30407e174c54","ssdeep":"192:MBfyIhgx1Pffjf3Z89yQLB9IxRfwFeG4m63cPExZcL:ifqPffjf3y9yQcxRfwQ3cPExeL","tlshash":"e3e19e019385ced2fd399d79842a4c783f6218341a2797ab2f33dd9538a64ca8154ecd","first_seen":"2025-10-07T13:13:54.795993Z","last_seen":"2026-03-29T08:51:51.204349Z","times_seen":9,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29955\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 18830daa0f75308006f05fe681031c04\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76516,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"08d5b840d684128d363d9eab22dcfcbc","sha1":"23eb2c82a2cf37357ab6f20927dc99c248a2faae","sha256":"119f29cd5a878dd6515956ef6571e03d3fcd4a91ffa53a929bf8b2b65684c510","sha512":"b99b2e67b9570a55979e47ec386a7c7394b5f68f8ef8f59d87f4e9407663613b887d54c1c4388083fbcf2633e546590ec5b8495ef4290ad1bef0b37bead06d09","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2wa/a:gmvcLkGJWH1ECmaI","tlshash":"d173d9883f96b0a403a2b4b3261fd50ee13a4d52658cf4d8db1794d8ed6cf1bfa39914","first_seen":"2025-10-08T09:45:31.160347Z","last_seen":"2025-10-11T07:10:57.019542Z","times_seen":11,"resource_available":true,"data":null}},"time_used":612,"timings":{"blocked":90,"dns":53,"connect":93,"send":0,"wait":95,"receive":92,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8500-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xaPHuSUKjkyUIhE9QFZGD8h0l8d5xLrJSzWzEsJgC0Z8cycP2C9e0RQ%2BgsNu4KnQmo5oY4VDZggqWAAuRMxr0vNEU1K0FVn%2B3kIHJH4umv8%3D\"}]}\r\ncf-ray: 98b4f1abae60c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-06-10T22:35:45.528014Z","times_seen":11907,"resource_available":false,"data":null}},"time_used":646,"timings":{"blocked":75,"dns":28,"connect":1,"send":0,"wait":484,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msdoj.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"msdoj.com","domain":"msdoj.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"msdoj.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 00:32:12 GMT","end":"Fri, 28 Nov 2025 00:32:11 GMT"},"fingerprint":{"sha1":"A8:56:C4:4B:26:AD:D5:72:31:67:E8:75:28:D7:6C:F5:D6:A1:E2:B5","sha256":"65:DA:95:54:55:5B:C8:18:65:43:99:33:52:5B:EF:99:EF:5E:0F:AC:FB:6E:F7:6A:27:0B:3B:6A:69:3C:78:C7"}}},"request":{"raw":"GET /sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: msdoj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://streamdreams.dirproxy.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 08 Oct 2025 10:27:05 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 64136\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64136,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (64136), with no line terminators","md5":"30a0b788015a461388ee933269a01023","sha1":"9f85954413fd92f68b06441c7b6146d74da3ce29","sha256":"c006492ec1d2657810938a3fb78531c142cf1ab3fd925dffe4518a2f3d4952b2","sha512":"18819d657a33ed742429df499abdb513ae4a945e1e14df6196c650ce8ab119cce0c4470fa560fede0a52befaf83edf66d79b6093b1bf082a76a460291bc7d4f4","ssdeep":"768:hCflSCRC850RCX+4D+R8WyX+86wA6C8CflJu4sTJ+zaXeXgtA9zk4sTJ+HXJpZ6G:qvV50gPowAzJfTqGF","tlshash":"6b53d698b5d2f1a102c370b8543f6106b2366929248dc098f7b5ded5ad78d6ea633f3c","first_seen":"2025-10-08T10:27:40.418722Z","last_seen":"2025-10-08T10:28:20.541066Z","times_seen":2,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":133,"dns":37,"connect":31,"send":0,"wait":69,"receive":37,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.friendlyduck.com/pan/scripts/52xzaxvzhiy?a_aid=11279\u0026a_bid=6ab647e8","fqdn":"www.friendlyduck.com","domain":"friendlyduck.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"friendlyduck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 20:30:29 GMT","end":"Sun, 16 Nov 2025 21:29:02 GMT"},"fingerprint":{"sha1":"75:45:68:40:CF:30:20:CD:8B:A4:18:0C:C0:24:46:9E:CF:BF:21:B2","sha256":"C6:2F:A1:18:EC:4D:72:4E:24:EF:89:13:81:C5:91:36:AB:D6:B0:9D:5C:03:45:16:63:F0:95:92:09:DB:D7:78"}}},"request":{"raw":"GET /pan/scripts/52xzaxvzhiy?a_aid=11279\u0026a_bid=6ab647e8 HTTP/1.1\r\nHost: www.friendlyduck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.4.3\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ByclUxMoQY5vVeaBFLyE75pC4p5wNG%2FeGWKdYHz1WwpitG7zCDVt6FI24IvD8mwFLsoF0AXJNzMOfKX5ghlCWHt93aO%2FkYHv1HBMovPsqy8o3A%3D%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98b4f19a5d0c56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP:8.4.3","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/impr.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStTnJTEHXxJsxhDwpm0j3dmcy4Qti4G4nGJGQjQTxVV1VPynR3tVXd05PZSzCge3M8CN7svEk2qEH0KgjLxIMSFGxBzGFzEbx4EYQFL0ZmMhD2Hf5_xavD--__D_azc-Iio2drb6quDEM6M1u1Ky9sypir3FRWNiqOXbVvVDZlXPduVDrDotsvO65XtV-svCbYtpqp2Y5tO7ZTWZRaBKozM1Ihk-OmU23aVa9WdWY9dPTjb5NZMNQCb5-TZyB5-dQfwTuQbIA4-vqWMNupSl66HWUhTZVGmx-9FW_HKo8RXdFAWwjio_FvKFMS8ukEVHw0ngCqfTCcAL4sycRzD-HHR2Ob8NuHl079ECKGz59A3h5AhANIOgBTe5D8FwIwjpVVxNH9FaVzunOp0qFakqlH_0DmJZl6eA1x9NVCKDuVOyrMUqlig05QQHYGkK0BkuwEaXcCMj8BS9-H5D-TmUfLiKODVRMqSH52nQm35trCnW5ybk971HWnG3XGpp1Z4Qdus8EatblRRDIYgJpJZMZCJi1kgYUssRDxs4pnNzzmULceNDmbsz3qeVz4drNRs23aZHPI2NB7D2nSAwt7YHoXid7FtuxBZw9gtgoYbsGkBG1eIBcEuSHIKUEuCfKUIG8Xhzw0NVPc56HJfGfca-PuFn2VtvbpoUpbIiagugfNiwOZvGf2wNLJfjcwvK-Ghfpp0ac-L_aTc_L0MFbr7f8MtsVZhdpuzfe467IGFbTeoF7Q9BtezZ2tO54fBDCygDQToMZCV5ZkrvwRiSwJ-eh3-PQEJjwBk5Og2fOgeQG6VaAbH3OpE606O1WmInBVIEmnkO5Y--E5eba_vrHwYLTdm_9-AsFO538LRgDTBRJd4F35PUErvNdfVzk5WFe5Id-sJqmMZJcON38npamY_OINsZMrzZdumd7nN9lQGNLjDWHSZRpzGbcM-XJBci70otJMkO-WzKbw1zKztZDpOEuW115dXIoSLYyRKh6AypJYd38CkyV58vXbo6u-vvQhWLILk1z5NIrATyyEsiTutR8QitP5z_7-9q-LiwtQv4ARp2QM-Fd839xDS1ug6R7iqEBbF2iHBWjYg8km-2miT-d_dUeAH1p9P9TWgR_q8OPLrIw8qwSuqDHbbszVHbcRCMf1OAtmG16T16ntugKpKbf-fOXu_wEAAP__Ew35BXwEAAA=","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStTnJTEHXxJsxhDwpm0j3dmcy4Qti4G4nGJGQjQTxVV1VPynR3tVXd05PZSzCge3M8CN7svEk2qEH0KgjLxIMSFGxBzGFzEbx4EYQFL0ZmMhD2Hf5_xavD--__D_azc-Iio2drb6quDEM6M1u1Ky9sypir3FRWNiqOXbVvVDZlXPduVDrDotsvO65XtV-svCbYtpqp2Y5tO7ZTWZRaBKozM1Ihk-OmU23aVa9WdWY9dPTjb5NZMNQCb5-TZyB5-dQfwTuQbIA4-vqWMNupSl66HWUhTZVGmx-9FW_HKo8RXdFAWwjio_FvKFMS8ukEVHw0ngCqfTCcAL4sycRzD-HHR2Ob8NuHl079ECKGz59A3h5AhANIOgBTe5D8FwIwjpVVxNH9FaVzunOp0qFakqlH_0DmJZl6eA1x9NVCKDuVOyrMUqlig05QQHYGkK0BkuwEaXcCMj8BS9-H5D-TmUfLiKODVRMqSH52nQm35trCnW5ybk971HWnG3XGpp1Z4Qdus8EatblRRDIYgJpJZMZCJi1kgYUssRDxs4pnNzzmULceNDmbsz3qeVz4drNRs23aZHPI2NB7D2nSAwt7YHoXid7FtuxBZw9gtgoYbsGkBG1eIBcEuSHIKUEuCfKUIG8Xhzw0NVPc56HJfGfca-PuFn2VtvbpoUpbIiagugfNiwOZvGf2wNLJfjcwvK-Ghfpp0ac-L_aTc_L0MFbr7f8MtsVZhdpuzfe467IGFbTeoF7Q9BtezZ2tO54fBDCygDQToMZCV5ZkrvwRiSwJ-eh3-PQEJjwBk5Og2fOgeQG6VaAbH3OpE606O1WmInBVIEmnkO5Y--E5eba_vrHwYLTdm_9-AsFO538LRgDTBRJd4F35PUErvNdfVzk5WFe5Id-sJqmMZJcON38npamY_OINsZMrzZdumd7nN9lQGNLjDWHSZRpzGbcM-XJBci70otJMkO-WzKbw1zKztZDpOEuW115dXIoSLYyRKh6AypJYd38CkyV58vXbo6u-vvQhWLILk1z5NIrATyyEsiTutR8QitP5z_7-9q-LiwtQv4ARp2QM-Fd839xDS1ug6R7iqEBbF2iHBWjYg8km-2miT-d_dUeAH1p9P9TWgR_q8OPLrIw8qwSuqDHbbszVHbcRCMf1OAtmG16T16ntugKpKbf-fOXu_wEAAP__Ew35BXwEAAA= HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: uid_id2=ce3230e3-9dd0-4a33-86cc-15ebf398c827:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; sleca286902791a7f4c98bcb1e812322cd78=[6220621]; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+4d43b112c1945f944008c7a91253ce04=4323733; expires=Thu, 09 Oct 2025 10:27:09 GMT; path=/; secure; SameSite=None\niprc_l:4323733=1; expires=Thu, 09 Oct 2025 10:27:09 GMT; path=/; secure; SameSite=None\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9b9fa951733bd599cf50d7c6a1b28fbe\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=4.3.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=4.3.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BzytlT46ZjIMdKi8i0%2Fxzpks6%2FV2a3jXDfdkL%2FnzQJa7SLgnRU9ixxHNKmCQaYEkCxCbGZ4%2BRiwSNqVfwHq5tJIbBTQ20RikqD7O%2Boc%2BphA4HrYbF%2FOcU0E%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192bac01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1214,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1214), with no line terminators","md5":"50485c32a5ecbf9efeed5bf12981d9ee","sha1":"c9a64a424d2dd002b21764ff054c5ae50ba80619","sha256":"535df7aecbed2bae12e73a5588988e0a33cb30f7ffce1535fcdf055700e67f26","sha512":"d5de047b8137ce45b34497c0aa1cac13e8d6ea2627a92b8ea3592a2cba237447e39f6484df0f3e8afc70eccfec78f0e92a777a8c7c72785650b46df59d3911b6","ssdeep":"","tlshash":"f62128183904a9ec2ab354e2bd3a7e33306a479ef1518d88d5313c5726ac6dc21b7617","first_seen":"2023-03-07T12:11:17Z","last_seen":"2026-06-08T22:29:26.575043Z","times_seen":242,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ywV87gCOUfqsH1L7lhLo%2B60cQaG4Kbiu%2FynjOicSk3g108Vv88CwMROUkWa0AEBC1YGbqlvBnHPKcCVFS%2F136%2BEu0XaVkKxJsf%2FbLWEVmeA1%2FGRQzyXimC4%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1945c0c1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4000,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3775)","md5":"9ce4e157448487d4efe0ca538f656a71","sha1":"45d22de723a97ca19cddd4fb792e339b5fab5c50","sha256":"936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960","sha512":"a28ea8c489ee99b0127217429933b84a07cd0b53e4a566754d7bb3e6c762bf7909052cee4de5ef3fcd1f8263ca88c2821a7590cd7cb3a1bdb54599c79c6ab5ae","ssdeep":"","tlshash":"c18163ecf1837420c3eb3b75507f594bb2bba896194d0468b09884d46db2e19907bf7d","first_seen":"2023-03-07T01:31:36Z","last_seen":"2026-06-10T06:55:40.654639Z","times_seen":1847,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/css/dashicons.min.css?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-includes/css/dashicons.min.css?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zw%2Bbz6CcVZE6vEymJuECg9nSqD1M2cXJUuNd8j%2BjZXYg2WYff1Xm0LpH7iSxar3ZIgKFFTpSzihYIpy%2BurxMgYLtzET8vD%2Fau0B1Khosd2qbYx1%2BfXaqHaA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1928aa01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47558,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (47523)","md5":"c8956481e00463f838b45364f45756df","sha1":"256d7293ac07bb9b43a9757ba11057cad148818c","sha256":"18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a","sha512":"a5ca2f34206accb5f22ec0b4c4a7e050bd572f70a29f5f395c2c7890fd0841b3b2d21538aceefd7e66a039609cb88878fe4ae4f399b94eea456fc3f27ce55580","ssdeep":"768:iaj/12BlXSHjlgdrctD7zjVIbL0ZSoIJLnletc/oYW/vxKOO0KYdf2vyfgn3c30V:iKyliHjlYWDjCIzIBDQvxWYdf2aonK0V","tlshash":"4e23c2b4e68c08c633f1c853bf21b2aa1586b929b8118ddff41b501d1af363906dcb79","first_seen":"2023-04-07T02:57:01Z","last_seen":"2026-06-10T01:39:52.339228Z","times_seen":551,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/wp-user-avatar-pro/assets/js/wpua-imgloader.js?ver=5.0.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/wp-user-avatar-pro/assets/js/wpua-imgloader.js?ver=5.0.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aJoCQCqeWDHHAxipeqPQ9iPM%2FjaE0uur87qVuCnkNLNiF7B8wdhmKspp0ks5Cwd%2BGZeyttfWtOKlEO20VMxKOvHbFFp%2Fq0cARKPVLCROVYEz%2F1k7nf558g8%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192eafb1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19325,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1382)","md5":"f9b0317909ad7f19a025cc81e43b80e3","sha1":"0710df2c1bf38fa20456be0d2e3489c316c58414","sha256":"1ae69442281fb1657a41ffd74b56db6d17fdceacf913c775b0f8c67d80389461","sha512":"728ea146b095583903445bd4ff27a235380ba8d2d24a035a9c6933a15e79f353dac1f4091de829e9c76a836d9775529471305b19b130d32f55725b2362799e29","ssdeep":"384:Ib1mrFrSLAjLdz3djLOOtD11IoUFUCIidFVVS9c7T:y1mbwDT","tlshash":"1d92d71cf7a578bf0172d26b614fde0c14a1c8978750e524e9218a9f88f9d0da237db7","first_seen":"2025-10-07T13:13:55.001772Z","last_seen":"2026-03-29T08:51:51.203801Z","times_seen":11,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/1/c/baby-girl-593724-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/1/c/baby-girl-593724-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QuPmoppe8nkVG3FtdXopLIDKDREeZJw0oGKmlAwz49reyNCPhjzEVZY%2BpEu%2BeBPpRgAoh8UkErEy0kldSjpNBPstyeDgezR9ZYVIouVcuHJPt%2Bw%2BwUeFgU4%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1932b3b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11871,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"0d0af112e546237090034d76fdbd45e6","sha1":"e21cf8a8e5be87455ae621c2edf3a89b7e66dfff","sha256":"5878393cee9970a5140fcbca702806a64e8a8e2901c039278eb5eec787f55d39","sha512":"f68fc5184d48d86beedf5f41e7a4b652e0a602d12fff0fe8f1003ecf562321ae7ccc6ea6fcf19dba243390a86eb6d23e886e20ee8e68287f612857d2e14298c7","ssdeep":"192:M+OEXjeuuG87182uHc7XTIViQrf9nvMffESGuQqFJZg79OG/Fg7XALMUBX:7rfN8hrGwT+XnvM33tHZW9O1XWHV","tlshash":"e732d01cf940f06cf92bad7a213da651ba446d5a640faa1f1a3ae03c1f3a4c1dc5a974","first_seen":"2025-10-07T13:13:54.813826Z","last_seen":"2026-03-29T08:51:51.189219Z","times_seen":8,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/7/6/outlaws-dont-get-funerals-593440-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/7/6/outlaws-dont-get-funerals-593440-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KE5Ph859h0mnBnasNlews4t3hksTnz%2BSdfAMrq1as5Ju1mUhF2A8FmLDB54PRzoA%2FYJpPLZLp6Gf06oOWz1Rl1bMFVydt4uGbcjXwT%2B%2Bs4NIeT1btfNGYYQ%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1937b691a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6414,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"98ccee76ee7c53e3b294581c686a1cf0","sha1":"8620efbcaebdcb8f3e0db177c1d8197797affdc0","sha256":"effbb7776dbb6aea0f5fea567df586e71bbb4802f91fcaf3b77db2afaf19bcca","sha512":"ad8ae24ea6a801610149fba13b6c6c0d8aacdbd5e1c033aa65ae58b46b85b60fc54d8f5337c51fa1a5807130fa84a2eec46af22c6b36620f8128b85b12afb723","ssdeep":"192:Mn62dAm3gdAqPXm/uaTZT7EoKNkjX6IJYcSqqnh:+62mkofmXTZTINkjX66iH","tlshash":"efd18e66de429dc1feb80de90e72d539c05c54d8c7cac7f1b038e9266a240f78695c1a","first_seen":"2025-10-07T13:13:54.683239Z","last_seen":"2026-03-29T08:51:51.234852Z","times_seen":8,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/bbpress/templates/default/js/editor.js?ver=2.5.14-6684","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/bbpress/templates/default/js/editor.js?ver=2.5.14-6684 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Lzt6QgAxEF8%2Be0xKSugsFJPVHdDqrTIMMXemxRI52qHZbOokr%2BEpTh2yIZMdHRyakbH0xW3JRuAKC5Zc2YcpnL1wqlef%2BW0FXKnRj5OhknvOHW24HofzZQ%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1945c081a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1399,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"5b6ff29762cbc4e0fa17706e829d3b56","sha1":"5df46656ec675b27628e47f7ddc5717f50adb083","sha256":"d87177c71bcb4761c9f98d781832d583ba9e2ee7bd0d0cda2ad48e79e21418fb","sha512":"31f0ef0b7bad0d3d0294c3327fd78d2b22134b192e79956df4ad5d7c4d0e35f8b79dd9aee6f89a47d96a9ae1c04edda5e0cdd3fa413716e2d4858ed9a4da7367","ssdeep":"","tlshash":"5e21c2f1ef5d40d17172705c99a5d698260ec8b2b50156df7cc24a34d2d107ac3a9f25","first_seen":"2023-03-07T12:11:54Z","last_seen":"2026-06-07T12:44:51.495696Z","times_seen":287,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/22/00/54/2200540f09f939738419313a1a090c32.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /22/00/54/2200540f09f939738419313a1a090c32.js HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 35551\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_BS-1183=1; expires=Wed, 08 Oct 2025 10:27:05 GMT; secure; SameSite=None\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7ca57be08e6f3a19ca2c9c8c9456d7c5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98411,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"baf5c9c89f70bd4e8820c77be2db95b7","sha1":"5cbcdb6ee7a98619b984544f27a8a1f572cf2208","sha256":"8ec7cd4734f2eb03bed7a64db018511e2946fe9625af84dd533448210bf4e76b","sha512":"65b8c19561fcdb520a25a2c5e5ad6de2faf23d57294b9b252d1e09ed85579493b262188d09eafd8fa150416ba806e33ee4cd51813e32551c7e8bdacd1b9bb1dd","ssdeep":"1536:YD5oAnYHPQztET0oO9imwpmx+FxeCUz4uy5aP6GJtSvMjHISMho9gGg39gysYc48:o6ZoiW9fkUT5AMsSYo9YTJcSYK0","tlshash":"b0a3ea88bfb1f05e23625477123f900be69e0e41649cda7ce513f8a52f9871bd07d9a8","first_seen":"2025-10-03T09:47:43.653715Z","last_seen":"2025-10-10T00:59:32.936764Z","times_seen":25,"resource_available":true,"data":null}},"time_used":755,"timings":{"blocked":178,"dns":1,"connect":188,"send":0,"wait":103,"receive":93,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/assets/js/rating2.js?ver=1","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/assets/js/rating2.js?ver=1 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5Dc8Mk5iK9wG52tGAXmyRwSH7JXav5%2F5uVodFcD81%2FgCKQRf7xmfU%2Bptj7W8JrhvSF09ZvTd8KUVeBVB8VBaMHkOU%2Fpbz1SxA%2FwnqtvIIoXRvDnUkpHHaYA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f19c7da81a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5062,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5062), with no line terminators","md5":"bf5d6fcddb2885c853ae758239195ce8","sha1":"9a5eb9fa5564ab8e0e277966d1ea259da393a73e","sha256":"ba66c2f5805848fa2eea4790af8dcc9ad3fbd424d50532a572be576ce9685861","sha512":"d930f6354516359b985bff4512779b54ff3f2124a9cab8c16e8a3c9799c7c1dd5e5129c9032f3205b17f8576e40779766e0b15c86e01e98c616c29e022d359fa","ssdeep":"96:e+wJ+s33dSKlTiL+SP54SwpykRr5/sWs1WEzdxfBsaxm6:C78KRSHwpywBZs1WExDHxR","tlshash":"9ba1328df199636c566321f11a5a550f5132a1b42047909cb07ecee9bebdc4c27abf3c","first_seen":"2025-10-07T13:13:55.005426Z","last_seen":"2026-03-29T08:51:51.222269Z","times_seen":11,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:07.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://streamdreams.dirproxy.dev\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08025ca037c64efbf1eeff7c33193628; expires=Thu, 08 Oct 2026 10:27:07 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 98b4f1a40f325687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"626136e88a910debec3edf4ae3d8b884","sha1":"46fd5053a436578c12cb25288f203d4b6a259829","sha256":"81dfd69bb8777390d2890210f0a0492bb2456573dd701e7d4dc2f2600226ba99","sha512":"7691ab0bac95dabc32d037577f38a205f6eab6c55fcc15f9f4ae228334c6abd3c989a740335253a733f441343a6356cf15bfbc9d7eaf1bf318500e3581212124","ssdeep":"","tlshash":"81a022f0800800c080c2c0200c8a8b8b0000000000022280c0c28802028b00cf08c280","first_seen":"2025-10-08T10:27:40.428415Z","last_seen":"2025-10-08T10:27:40.428415Z","times_seen":1,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":113,"dns":1,"connect":1,"send":0,"wait":47,"receive":0,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/jcrop/jquery.Jcrop.min.js?ver=0.9.12","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-includes/js/jcrop/jquery.Jcrop.min.js?ver=0.9.12 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=het04PLwbe68%2BcUteeIO05pG%2FYgw6GwNmgTkYBJO1FWjP83yx%2Fw%2Bo3foY3jn5tFB8jIyEXSFaxBLCzQRarXUOHDLPzNj6NTgIF0gVW9AKB4uaiA0CrK1uA8%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192eaf21a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15893,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1039)","md5":"2f61ab984c177275c71e34ff1a17c102","sha1":"d75073bdc3f0ca640412f08d1ac59fdce33beb24","sha256":"1b5d8e503805edc311c26145312e1b0317052ecf89e8c353c9d239e795da956e","sha512":"94b54e2480e632124367d5a463f9c5f78cd1b94e06f7f5e883874f7ced0f8b671ccb2ed47c2d32aa84661d53193fe9c448d5347408ff1258354c35fef2d3ce30","ssdeep":"384:fD7jHOVL9nuj7OzaFZBFmuFMUIGZnobQJx2eQMhKVSR56yQa:fLHOh92izSbvFMOZyO2eQMhKVSlx","tlshash":"1462f9dc3591b41aa237a2f760af140f523689a0ba8f4560a054e7d87c788bc933be4d","first_seen":"2023-03-13T16:51:30Z","last_seen":"2026-06-04T15:29:21.719238Z","times_seen":20,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/wp-user-avatar-pro/assets/js/webcam.js?ver=5.0.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/wp-user-avatar-pro/assets/js/webcam.js?ver=5.0.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ewqsvYtQ1cWH%2BPO%2FSH4A8y29U7h8XittPfv8mC3o%2B1ovgEI39WSWu9HmTyLmebZiis%2F3DswO65JLZFPYgNjm3XPrtOF168C%2BbPEhD8BaUNPCzafF801eO7A%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192eafa1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22754,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3431)","md5":"f239dc7a66275a632077d62bfb6a7baf","sha1":"217f7cac5e5b4c1140c73445f04620f30a003a14","sha256":"a622c545a356283fbb55ff8255488aaccf02f0b98f9b8df7ae3d68381a457a55","sha512":"d2875155101235fdea02c5792b44959aa6a1ec3aa3de40d156477b9f761703b48d26bd219713aff22a184556de898c99d3fa8b103e146f2f914be1a81ebea25f","ssdeep":"384:dVoIOFaz7ms10jQFkEST6lpM6L5U8KbSrcQ2dJTtC1W1twXTSkT7giTcEcbOFg1z:dVzH2sAQFkEST6lD1mtwpciFg1Z24uHs","tlshash":"6ca2e8bf97a2905b00d101572b8a5240627ed00f3b86daadba30ddda18fcc57b576f74","first_seen":"2025-10-07T13:13:54.782591Z","last_seen":"2026-03-29T08:51:51.092871Z","times_seen":11,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.ibb.co/pyC2VvJ/alert-xxl.png","fqdn":"i.ibb.co","domain":"ibb.co","tld":"co"},"ip":{"addr":"45.43.142.6","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ibb.co","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 Aug 2025 07:17:47 GMT","end":"Sun, 16 Nov 2025 07:17:46 GMT"},"fingerprint":{"sha1":"30:62:E2:16:F0:8D:8F:C4:30:EF:67:44:60:2F:45:29:D1:5B:AF:94","sha256":"EE:AB:93:C9:6B:44:94:94:F6:EE:CA:98:DE:CE:BF:A6:25:9F:C8:76:A5:43:59:77:38:DD:D2:23:F7:9C:B1:70"}}},"request":{"raw":"GET /pyC2VvJ/alert-xxl.png HTTP/1.1\r\nHost: i.ibb.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 5554\r\nlast-modified: Mon, 07 Aug 2023 04:09:39 GMT\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5554,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"8d0eed07b450044fdca282d1daf8a58c","sha1":"794e1284cdf81fd60154955c1805282ae21240cd","sha256":"baac89456a2d4dfdcdc14244fbe50a04ade7a401c82de605938a92e16f35c1af","sha512":"d1aab3205c8b00f207ea21f0996cbcfae1c9816fb73e749a4a85daf6eed19d5e40f90240c212bbe2ec17346b6e56132e467cb33c22aaf884efa910c482c304f3","ssdeep":"96:Pj88irwxhMv5KVO4+lcN+egT9cxF2gvPMdj80d7PJjOjSscgZ:PoWeGulq+eaSvUdXPFkc0","tlshash":"84b19e259de1cfcc6f774669d28af3f450520d90439276c83fdd8e710852288bc42724","first_seen":"2023-08-08T02:54:42Z","last_seen":"2026-05-08T23:58:18.071258Z","times_seen":3408,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":26,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 79db3da0cac8ecb1d7069970179bd2ff\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":30,"dns":1,"connect":18,"send":0,"wait":22,"receive":19,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/notifications/ios/new/2/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:08.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/notifications/ios/new/2/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:09 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa8500-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RteSUHg%2BRZqDCWfC7F4KxuYxCkvMh2nxziLIC5TR7Fyjad46Td6tXkZmx2TJhh5%2Bpnxku97z715BGasy936Wvj5arlust1i1A7s5qRegHn4%3D\"}]}\r\ncf-ray: 98b4f1ab8df9c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-06-10T22:35:45.528014Z","times_seen":11907,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/buddypress-notifications-widget/notification.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/buddypress-notifications-widget/notification.js?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fjr6lXj5HTdue6cmV2OPnFQs3klNC2W9AaKZOjwombFPygmBVRXmVtSSX7i5A4nOxTuxLyqFEQb32N0v2B7AE66T28JTeZqmGnhxQ78wNOZCE9Ys9K7PluE%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f192babe1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":968,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (683)","md5":"4bb7c6c6145f0a931c1fb33f03a3ae37","sha1":"00cce813dc78ae4fb7109220a6cb9e640de8f8b5","sha256":"64a5c7e15d334cefaf02f751bd697e035697d5f83ec4f185bd7bb5d491e886a7","sha512":"b9f038b7c17194513f0e5774c3198c45132b82a804529b88aa89edcc681195da90fa2aae42f512e3372e168d8fea7b039706996c9c906a8d739ccb2616ff96f2","ssdeep":"","tlshash":"0e119eee7286ae49baf7097f482f41827233996d5d478c049aa7b0445b58349a3b3432","first_seen":"2025-10-07T13:13:54.841001Z","last_seen":"2026-03-29T08:51:51.195384Z","times_seen":11,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/1/0/chopsticks-593377-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/1/0/chopsticks-593377-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PUB2hAbN0JzbzNbPQRVQhjG3LdY0ZbilvYEOWcA%2B1v9DJU4dNwMJUwXYIrE%2FebQfmTOYGysewQx8hDsOAfEV1qjfxmeg2SwwofCb%2Bg7AeM5wHMeevI1XDwU%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193aba11a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10130,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x221, components 3","md5":"cbb57ff8c4ec78cd760f74b79e08ea8e","sha1":"cebe1fb44b0676e294c9b3c05bd104e27f796345","sha256":"5067e36eda15d1c1768d15b14281fa48a62bce1c97faaa39f2d51d9a615000cd","sha512":"ffa387a6852524cf404632340e11c4bcdaf9cc1560b406a83b1c25e8bec0e60e746c094fe2e114e8ea80b611dc0c26daae581137969ce7491834daf23a8bcab2","ssdeep":"192:MmsvnvhXSSYGAjb83xlF7a5WbEbjaZ9JpY8k3IzBpfJUunvLA88F:NsvvhXSSqqJWWbEbM9JpYN4RdnvF8F","tlshash":"0522bf91b6f2e84082386e7b6421d44d424591f866984d8acff4d7001bd3efa16b1ffd","first_seen":"2025-10-07T13:13:54.942973Z","last_seen":"2026-03-29T08:51:51.147508Z","times_seen":8,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2018/05/avatar1525472698.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2018/05/avatar1525472698.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2kDGNZN4xaqD%2BAklJLS8nXRSc9B09HmFqFlPQ5wvrsEYomiLygiHA%2FOrDHii%2FgxYkxh4C6CBzMQwwKm3U6Go4fRXcDUO1prWL4lcA2VSauM8HjR3nmgWCH0%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193dbdb1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9877,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 223 x 226, 8-bit colormap, non-interlaced","md5":"69faacddff60be1f89444f84cd7f6d45","sha1":"b3867e2aff551d17757c639d7338b36a9b461b8d","sha256":"df42738f56e13074434532b858e88903c8069152a3a6121a59078c9401bf21cf","sha512":"7e0c7f499ba5d15fd1b995d852f10062f0075262c6588f0a559b6f495b7474e43198d64dad14d789ab8c7d97558ca1db9f65e44663dba36aad92457da9e62ea5","ssdeep":"192:EWAnYrfcH9CVHYnaLuz8DA0jKjt77SHzkOI2cnzfoY64L1:EWWIYaL04AFqsRnzotm","tlshash":"b712bf4ab1c4492ea14e4ecd3b60eb9fe5d995becd49892984c1e810280f0fdf193cec","first_seen":"2025-10-07T13:13:55.013216Z","last_seen":"2026-03-29T08:51:51.182269Z","times_seen":9,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cd356b13704bee55b52a128ddbd646e8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":6,"connect":92,"send":0,"wait":92,"receive":1,"ssl":197},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-includes/js/wp-embed.min.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-includes/js/wp-embed.min.js?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JeWG8MhgCX%2FimK3lBRtC1sHYJp9L3%2B7oz7CbZ843l%2FZKw3a5cMga8COK42v%2Bw6K76pfTZ6D0yB14A7k8uSo%2BYkIXFoSPvsSzeBDlNOMrgF9MD7zKe5caejA%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1946c0f1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1403,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1403), with no line terminators","md5":"2dce40d16f9ff6332d3cbb7ae488a2b9","sha1":"0a8eca5975f21a9f1bc079d111ca1657009dbe8f","sha256":"2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7","sha512":"8c5cafbc2ce3705735ff1131ab34c2aef7aa50bf25ba13f0a29c07713561b0e6522c93596c8047ec332e7fa98565a9de56cf040632149b255b58d0bbc43fba7b","ssdeep":"","tlshash":"7921441a3338143b10db11e3b99d74c7d6f207ee240121d28d78c880fa94fa39966fc5","first_seen":"2023-03-07T01:03:06Z","last_seen":"2026-06-10T10:13:53.949699Z","times_seen":3181,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/4/7/escape-plan-the-extractors-593355-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/4/7/escape-plan-the-extractors-593355-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oVgmsIN%2BnuXI1HM2ENjGNVxFyzAS8Oo2Nx9Q1kCzyL%2F1vbDB7qiGlCnZjFgjKanQOY7h1ILSP1hWb4qset%2BkSUTKQabfrU9H0mPKIt6IWWrdcOjF8pD9UHQ%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a3d661a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11703,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"2fdb2beb1f03f9e9dd0fb43c0e77ce69","sha1":"4ab5d91892175ae8034c2beef561daa70b181538","sha256":"f038de54eb70582f91e8d6ebb45c0a355c1ca3b25d63c4aec6136ba483b3062a","sha512":"d94bc7770ee04d9c173aacf477fe230480fd2b0b2411178dc7d9b0f516a27b93791bc30804aa1da4445a0a65baf0b62b1db5780e4cb384a5c373e4990d4c56b4","ssdeep":"192:MZuYmufD+pvJRGhmWiIqQms9Gzfc5ngb8ns2GcHdilxcTyC2VUC/T5DX:wuY9DovJRGJbqQmSGB0LtdwxqyCG/ZX","tlshash":"4232bfe393da82c4e6775fb2964517164920b402178b478d1fb3fde1cee18e31e6095b","first_seen":"2025-10-07T13:13:54.803795Z","last_seen":"2026-03-29T08:51:51.168206Z","times_seen":8,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3fba0f12007efc88e5af17b151aa0019\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":289,"dns":2,"connect":95,"send":0,"wait":94,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/a/9/transmilitary-593578-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/a/9/transmilitary-593578-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O9VPHcSq%2BRNvvUbAGemKkKsKYDslDMQ9C5UL%2Bo%2Fs4Tfw%2Bzt59RClqVrZogVqod0rK%2BT6ql6QMrV0F278DnHJUCr8mP6IV0NW%2FQH%2Fsmn1PiFunqe%2FSzqNj14%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f1934b581a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11060,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"b14bc5bb922eb54d19a1e0fb0d796632","sha1":"23a56a7feda0bf930e1ee350812e6bb70d4fe8e6","sha256":"7149f9556fd6bb276483810991ffc752c57d1d9f4fcdd272dd178afdca1c9dbf","sha512":"a9adfa4b7bab676558d1b744a3f2c6527cc11971ad0289b1ce7aa20e66540bbd61fa59e3f4c28f09c8b7fc76562394e3855cd5f177640bd75a8dfc9b4c2383da","ssdeep":"192:MZ291N5JUsNuAtB0kFK2C4GLaysPTsrh4QMr8EdV/aoko7Ra/8C7O9O2tkktS:XfUKFIkw2xkk8EdYQNedJ2FS","tlshash":"5932bf8d9b53364ce0fce96758ba2192991b3d0c9da0adaa3275c50c53fc3d7d5c1095","first_seen":"2025-10-07T13:13:54.880976Z","last_seen":"2026-03-29T08:51:51.248304Z","times_seen":8,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/avatar1561312187.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/avatar1561312187.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4dhcrNtFHm12mw%2FFJZGjbzXjmlrzY%2BnQQFbRKwS4cFCja9FWASJlaER0PosvKFol7%2FepyZ1hbD205E91lxt%2BsFQAvL6KOaYFu6EWDDatLjYgh6GZ9lLuxyU%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193ebf01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15933,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced","md5":"ac27b566ba92ddf9dd1c202521c2f768","sha1":"6dec42cdf538ee62ee2097e410aa2f635da994d4","sha256":"55c8987b03d1090b32cd31bf2f51907c52266d00dd38025efb868ccf643156db","sha512":"a05997e710bb1385c23165fd0a16309b338e689a0c76159c0338cd892daa70f42c7035040ad96249f1764ccf6a76265b619ee8d0bcec20ae227de50f116e5ce4","ssdeep":"384:zmPa39RBvAbNjPnVT3FTU5pXBGV00lMRpSzfTOZq:+gtYo/JgWZq","tlshash":"f362d0c2f2896fb54846cc54bb61dc6a880d304162f2f75a73bac4664f5a7209fe4636","first_seen":"2025-10-07T13:13:54.847523Z","last_seen":"2026-03-29T08:51:51.198106Z","times_seen":9,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"origunix.com","domain":"origunix.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"origunix.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 00:54:40 GMT","end":"Mon, 15 Dec 2025 00:54:39 GMT"},"fingerprint":{"sha1":"EA:4D:52:7B:A7:DC:EC:8E:C0:40:42:81:FA:8B:F0:41:1A:8A:06:B9","sha256":"D2:C4:BB:C0:BC:07:5E:9C:EA:13:D3:33:59:AD:22:BA:79:E4:4D:F0:C5:B5:9E:48:3B:85:95:0C:1F:60:60:82"}}},"request":{"raw":"GET /sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: origunix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Wed, 08 Oct 2025 10:27:05 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://msdoj.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64136,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":19,"connect":32,"send":0,"wait":34,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"origunix.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.seaofads.com/Scripts/infinity.js.aspx?guid=4e69f855-2c35-4d4a-af81-8ad75434b320","fqdn":"cdn.seaofads.com","domain":"seaofads.com","tld":"com"},"ip":{"addr":"172.67.140.104","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"seaofads.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 19:58:53 GMT","end":"Sat, 13 Dec 2025 20:16:50 GMT"},"fingerprint":{"sha1":"6E:C1:C9:21:0C:FF:FB:69:94:3B:24:E4:0C:6E:05:08:0A:83:89:CD","sha256":"52:AB:C6:F0:F1:64:9E:73:E2:F6:E5:BE:39:52:4F:F9:F5:27:6B:68:77:0E:F5:0E:C5:46:45:10:62:32:8F:0B"}}},"request":{"raw":"GET /Scripts/infinity.js.aspx?guid=4e69f855-2c35-4d4a-af81-8ad75434b320 HTTP/1.1\r\nHost: cdn.seaofads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/javascript\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-transform\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nlast-modified: Wed, 08 Oct 2025 10:27:06 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qm97yfPxK1tB%2FUd52Dlz1AqcIRtm%2F4KE9av1raaonBhLBDIJU6dA7Wd7GmtJya%2BiQ0SsqGjVBZHx7Gn4C7wKragxDcWaNUvM5Rxekhf%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19b6b360b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155330,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (64102)","md5":"4ae1726c1db83b3c733709455f0eed0b","sha1":"82db97cfd3479b7076119b8f497e2f5e50fde3e6","sha256":"095b369142b2b13d50d061ec5b0b2974fb203fe6a01b9222ac74b9eb4e0d88f1","sha512":"a96d3ab467da1c59ca8318f1b0c46e514208b478b273664130d69686b09e2e0c0c1400d57030db6c2d8453e244d3f62b07324eaa8dfa566648d854bae15695d6","ssdeep":"1536:R3hEUjlRC3YxEtFKBr+2RHUiogsjwxe5F4PtHARCOKk44roi0JY3FokIAxxgZHMI:RhEUFEtBxrO8vWOiotq","tlshash":"34e309397142603501bda554613f334a7b3a2dfc570aa424bb2cccd86c7998e627bb7e","first_seen":"2025-10-08T10:27:40.440021Z","last_seen":"2025-10-08T10:27:40.440021Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1070,"timings":{"blocked":293,"dns":52,"connect":1,"send":0,"wait":488,"receive":0,"ssl":234},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVn6iArmlw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVn6iArmlw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://streamdreams.dirproxy.dev\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10576\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:59:04 GMT\r\nexpires: Fri, 02 Oct 2026 12:59:04 GMT\r\ncache-control: public, max-age=31536000\r\nage: 509282\r\nlast-modified: Mon, 08 Sep 2025 18:08:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10576,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10576, version 1.0","md5":"67fbc9a89d34a66c10ce237de8543401","sha1":"9060b07f6600bd6cd8e4241843e8eec743e29264","sha256":"add79d702aef2d1f1cf4865df00911e05816d06bd271602cca2966951f4658c3","sha512":"2c1d1b6bb390a2b240c15aa11a9afd8cadc7cbd8d51db420df16ea110e13c3931b4156e36b61108048b9d368b795db2d5173a2cf48a43fa8f35455a9488df084","ssdeep":"192:cldROAUbBbpRSTbCP12p7TX4eIFKT4HMgJWLgf+k17zReBfKxXUg:clLupUTGdo3D+MgB+gFMCxXUg","tlshash":"5c22bf638500535eb96cd0bf054c895259ee0e7b1bd190ede2de9508c2e19ec921acdf","first_seen":"2025-01-09T13:04:45.291473Z","last_seen":"2026-06-10T11:10:41.468914Z","times_seen":4349,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":184,"dns":3,"connect":21,"send":0,"wait":9,"receive":1,"ssl":163},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/bbpress/templates/default/css/bbpress.css?ver=2.5.14-6684","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/bbpress/templates/default/css/bbpress.css?ver=2.5.14-6684 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t15Sb6SV97mGd2pys6VjbPD8bYzfOJ%2Be4BSw8kJjlKbGrgJ1McSQiYv597MM%2FSrtHF%2FEUEHr%2Ba0YQdtYi8EuPhgaGQINratCYS%2FeHX63h6Jg2G5bYvSEIJc%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1927a981a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24388,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (24388), with no line terminators","md5":"a834782bd77e3563dd8f59d3bd505bdf","sha1":"88e31fdda2773de0996c7ad6517c5c44418101c9","sha256":"20c57bef2ad59fc86411a7ec5c2c9cf7018ed14dd2da36a42e23b013c3dc1492","sha512":"bb01df2bf323ad480b0338b328761f4d5ac06a65d93997649a49ac64bca6ea87d648d2c4bf7c6f0e4b7dd193db437a9f52484d2e2168be244cc211908228b7b9","ssdeep":"192:z5JubGeXebIeAaBiAUpb1uFVcNEC1oUPDunKL8fxcOBAhOth731ebuBA1wc:MAK1aVcRP7HOD1ej","tlshash":"03b2fe314c4cd649b222f1acfee6b80537a0e624fc42b5db5576683943c91bcee386d6","first_seen":"2024-12-31T14:47:43.26097Z","last_seen":"2026-03-29T08:51:51.159409Z","times_seen":12,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/images/logo-scb.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/themes/wp-movies-theme-1.0.23/images/logo-scb.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/wp-content/themes/wp-movies-theme-1.0.23/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3eYuv7y%2FZArcrsh%2BizxKrRc0r%2BMTJozt1VZb518MDBOLL9QmHcpT3iLBcR2EJWsuHYG8iUroYHG1F8EKdZ%2B8K7Qr218Do3J0JMbfloN%2BxrpAep%2F%2B0qOLeUA%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:06 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f19a7d6f1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 185 x 59, 8-bit/color RGB, non-interlaced","md5":"571ccfa98595d81b5d37dcb275cf824b","sha1":"8cee732c5819221a41e7501b7f6e2c92abb6bfcd","sha256":"99799bc4089ac82625bab7931bb1b6b99465110b351b045b4d156f47e6cca60d","sha512":"e8535f2d082c15f6996d7dc79c952a8d84a0fc993d83b85e207ad2e58f126b102f3726c3b0e7e527847a4de0da8de4c4e5d894837045181db71701aef4d44acf","ssdeep":"192:NxkDhmPONgd+EtFHcCMoVdOaUF4/5YepcSAr+S0rHrlC9:NWh3+QEHTVwag4hLeSAr+SmlC9","tlshash":"8c12c0ae649a41fa7660fcc690d20a30761c761d302a5cadd658da0d363a92a9db3c48","first_seen":"2025-10-07T13:13:54.815129Z","last_seen":"2026-03-29T08:51:51.223626Z","times_seen":11,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fjs%2Fscript.js\u0026l=402\u0026fd=569","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fnotifications%2Fios%2Fnew%2F2%2Fjs%2Fscript.js\u0026l=402\u0026fd=569 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=629","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:09.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=629 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Wed, 08 Oct 2025 10:27:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":68,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato:400,700,400italic","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"54:09:EF:2E:96:03:5C:86:DF:F0:DA:AC:A6:7A:0D:35:49:4E:68:90","sha256":"0E:84:83:07:1D:C1:46:17:EB:EA:2F:15:CE:88:56:D2:FF:9E:AE:31:D2:C3:FC:DA:00:24:46:48:43:CD:11:1F"}}},"request":{"raw":"GET /css?family=Lato:400,700,400italic HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Oct 2025 10:27:05 GMT\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2335,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"c8adea68724f01c0bfe053b57e3be693","sha1":"8d2973b1ee4519dd43e71c6f92301410d4dbe5d2","sha256":"8ea8df84a8d9fff09580aff580ec9c4fdfb7046c305606eb4c362e513417791a","sha512":"93360616b0b8c6b2ced115aaf491cb88a2d2f6746fae52251e6a47205dcae3ad30ba1d816025aaf461a9c6c134b27068b04482b7b8df03e03d6af3ffc39639e4","ssdeep":"","tlshash":"2c419e92096fb5089b930dc212da7d32ef0f625064499831eeff14d8bca7d6a9361b0d","first_seen":"2025-09-18T08:07:50.239963Z","last_seen":"2026-06-10T13:35:58.255529Z","times_seen":566,"resource_available":false,"data":null}},"time_used":777,"timings":{"blocked":334,"dns":28,"connect":7,"send":0,"wait":19,"receive":0,"ssl":384},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/e/6/disappearance-593280-150x221.jpg","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/e/6/disappearance-593280-150x221.jpg HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J%2B7dWdIttR3aqOU8pcj2p440oeJqfQ2BZ%2FhYL2EECFnRBrCTM%2Fc0E5mmPxoUOzBoFVSsK9zyJYwC44qHwE%2Bf76Hm7ykJ%2Fv5YKhPZSTzbwsFja7V7t%2Ffrdj0%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193cbbd1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10329,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x221, components 3","md5":"21efe6cc0f798be538e07aab569aa24b","sha1":"1ab7fb995d583a7e02d23d6d501b0680da94581d","sha256":"161fb0a58bae7c8e83e798db9356902a80b45168c852736d53d081b7e392b2fa","sha512":"9af6e6d497b8e6b7e9da38e5f75e0db339face03a79b127398c25ee77ca888df927950ecbabd389de743632dd004c399de35c6b6980b993b56e561aba4769626","ssdeep":"192:Mc8rVVm580kZNuaiv5WVi6vHeBv8N8FmnMtaRnSZ3861:ArmmBoUVi6vHeBv5n0nu3j","tlshash":"e322bf4673e3c9c2f9252d7384a188d6af88eb176455f6497eb0f1ba18b10f1fc8141e","first_seen":"2025-10-07T13:13:54.856456Z","last_seen":"2026-03-29T08:51:51.204866Z","times_seen":8,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/uploads/2019/06/avatar1560477597.png","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:05.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/avatar1560477597.png HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:05 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s8DDA1DbNGoxuB37CbWhbWCnLU927qfPb4%2B3GdvR513Y1ptTRS9ynkxwhuqWt0NeViT5A5C2CBg9E4Z8D7%2FcS%2Foj6P%2F3r2wE4e%2BrngNzpLCP2mf0TIC2U4Q%3D\"}]}\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:05 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98b4f193ebea1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50942,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 470 x 313, 8-bit/color RGBA, non-interlaced","md5":"fe59c48b9a49f61e2eceaf6d9d17876a","sha1":"60144614714d62337fc2892e745a828145426241","sha256":"9ebeb1370ab41c276d53a65deb6cb5d12c822fd42a5d426a81ec629fde825c0d","sha512":"886568a9b9b0c852cec9628abd01f04acaed18d3574996cd7e9eac7273459f4e261d57bd7b61508712c96a8e09f750dce592c1c6f18c1dd2a231ddec3d46beec","ssdeep":"768:T5dkR+iOx6wTuz2J35hzpjyaGZNPRigcwjIkoKtUdR8gLsoFAmvc3tHVK:T58+iNwTuz2J3QaGUC/hU94mAmvc3tHU","tlshash":"73330149d9e2719e8fc82eec6ac2b8f6301a37174490c2a8c555f8d6ae3b5459f0119b","first_seen":"2025-10-07T13:13:55.018543Z","last_seen":"2026-03-29T08:51:51.240428Z","times_seen":10,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/iflychat/js/iflychat-popup.js?ver=5.2.2","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/iflychat/js/iflychat-popup.js?ver=5.2.2 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nCookie: PHPSESSID=ffki957an88r45irtce9n3sotl\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:06 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KCHkdTpN7e44vIGSJEQxxVSGbo3EpQ7fgLshDrQGpTFxU%2Bom1jNeU5mgAHhqxcVHCR%2BLkJB5%2Bjn0n1Q8ejvp9CnYIMKt8oFT384xs6%2BCE9DPpAizmC7VPOM%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f19b6d8b1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":391,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"33e4e8478e92e4320460dbb58f0ec459","sha1":"ed182978ba90abcbc726f247b7e7e825daf94666","sha256":"94c9cf4de9d652a71f6ac3557e9520bb6a8fc2aa8fcae248dbe593154048238a","sha512":"0473e010581f21878d1dfc96ccfb217c7dac2fdd03dde0a9da3524e8c40e67f94cc64ba58eb1175950d2d93cdbfae6439140357ec60d1ad18d45ef34b3307b9a","ssdeep":"","tlshash":"75e06db32f306a1e1009bc861d6c866826d19af06f62fc3091bd8c39d830ccb4816c3c","first_seen":"2025-10-07T13:13:54.977493Z","last_seen":"2026-03-29T08:51:51.142463Z","times_seen":11,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8d3d4f153df4abd826d2edb4c00a4ac1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":1,"connect":19,"send":0,"wait":22,"receive":35,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:06.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 08 Oct 2025 10:27:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0c51f884f4d35657bbd0d46592296ef1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-11T01:58:50.778478Z","times_seen":16314134,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":3,"connect":23,"send":0,"wait":17,"receive":0,"ssl":141},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"streamdreams.dirproxy.dev/wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.css?ver=1.1.0","fqdn":"streamdreams.dirproxy.dev","domain":"dirproxy.dev","tld":"dev"},"ip":{"addr":"104.21.11.102","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://streamdreams.dirproxy.dev/","date":"2025-10-08T10:27:04.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dirproxy.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 22:10:26 GMT","end":"Thu, 18 Dec 2025 23:09:00 GMT"},"fingerprint":{"sha1":"0C:B1:8A:3E:77:78:35:E1:0B:42:BE:DC:F0:36:B4:90:87:23:38:07","sha256":"15:6B:6E:5B:2E:F7:AA:8D:0B:A2:14:7D:20:32:F8:47:CE:6C:85:29:2B:BF:94:C7:B9:11:C5:82:E9:B2:07:5D"}}},"request":{"raw":"GET /wp-content/plugins/luckywp-cookie-notice-gdpr/front/assets/main.min.css?ver=1.1.0 HTTP/1.1\r\nHost: streamdreams.dirproxy.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://streamdreams.dirproxy.dev/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 08 Oct 2025 10:27:04 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ITKud75cpuHCniIowlUQ5MuZ3c3CiSoTx2ZQuv%2BOCd%2FDhrfnXD5hbpqu30WavVYdCU5YkAPE5vdci5%2FdUGXPB2IJaMffEqXRSE3%2FLET6VVscXDW7W83bl5Q%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 08 Oct 2025 10:27:04 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98b4f1929aa71a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4476,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (4476), with no line terminators","md5":"b08554b82170356746d1d3183b50c45e","sha1":"d453d0fe64a6dc10e39cd87eeeffd60ab97b2ce4","sha256":"c8b187bfbe599b692b13d0cdc8d3f32da7ec85c90d455bbfa72592a58f332e3f","sha512":"d01826ad4ec3bbebc2b4485db01b4e878c76ef0554a1a68eaf332af68b1d4a298db189a943a6e977dfd9b63de31d4b2522682f06f6942e8c33ca34db0a77b95f","ssdeep":"48:gHKfNUrh9NyuzhKAbmKt5n1VlOjla1lwhPczjwVwqQUg+2l0Pl44lATxl+D5afFR:gkeHcmzVfw+VIwuD7LhLO7cecQL5","tlshash":"2e916b19f5c4162e613ae26f2041e5edf1df3a40e2e5d6a9b5bcf024c4cf5c91836b49","first_seen":"2025-10-07T13:13:54.970403Z","last_seen":"2026-03-29T08:51:51.237843Z","times_seen":11,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"streamdreams.dirproxy.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}