{"report_id":"db387768-86eb-47ff-b4fd-e9f83fb628c0","version":6,"status":"done","tags":[],"date":"2025-10-27T09:25:15Z","url":{"schema":"http","addr":"sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"title":"Bricjapi: simboli i shenjës, datat, karakteristikat, pajtueshmëria me shenjat e tjera | Astrologji","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":""}},"submit":{"url":{"schema":"http","addr":"sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-01T09:25:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":16}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-22T01:37:00.143791Z","alert_count":4,"request_count":2,"received_data":1060,"sent_data":1544,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"religionmystic.com","ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-07-07","domain_rank":3295972,"first_seen":"2022-07-08T14:10:24Z","last_seen":"2023-03-26T04:16:33Z","alert_count":0,"request_count":1,"received_data":6084,"sent_data":444,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"s18a.biz","ip":{"addr":"24.144.79.171","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-08-25","domain_rank":1015226,"first_seen":"2024-09-04T10:38:12Z","last_seen":"2025-10-15T16:53:41.210571Z","alert_count":0,"request_count":1,"received_data":462,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-10-27T05:53:39.703591Z","alert_count":3,"request_count":1,"received_data":519,"sent_data":507,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sq.religionmystic.com","ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-07-07","domain_rank":0,"first_seen":"2025-10-27T09:25:16.135589Z","last_seen":"2025-10-27T09:25:16.135589Z","alert_count":0,"request_count":2,"received_data":77842,"sent_data":1149,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.4.13","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"18.156.46.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-26T22:42:22.843604Z","alert_count":0,"request_count":1,"received_data":430,"sent_data":465,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.zz-10.com","ip":{"addr":"104.26.0.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-08-12","domain_rank":0,"first_seen":"2023-08-12T22:31:02Z","last_seen":"2025-10-15T16:53:40.564264Z","alert_count":0,"request_count":1,"received_data":157951,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-10-27T06:34:08.267554Z","alert_count":12,"request_count":6,"received_data":103300,"sent_data":3220,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"outwardtimetable.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-08-19","domain_rank":0,"first_seen":"2025-09-28T21:14:47.25684Z","last_seen":"2025-10-15T16:53:41.265675Z","alert_count":15,"request_count":5,"received_data":95742,"sent_data":5291,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-22T06:30:03.608659Z","alert_count":6,"request_count":2,"received_data":171926,"sent_data":838,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-27T06:34:08.303743Z","alert_count":1,"request_count":1,"received_data":2077,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-27T06:34:08.569332Z","alert_count":12,"request_count":6,"received_data":184767,"sent_data":2817,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-26T22:12:37.824968Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-26T22:12:38.002151Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1112,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i.religionmystic.com","ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-07-07","domain_rank":0,"first_seen":"2022-09-02T07:10:34Z","last_seen":"2022-09-02T07:10:34Z","alert_count":0,"request_count":2,"received_data":34364,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"47865f285c6ca4f90b801ea8ccac1e16","sha1":"fadfe2163a6000adc58b4bf2b78048fe55e89faa","sha256":"0ea7bbdd3927ee9158493e9dff87b819d1e28833d1a90c6651afdaeba9aba7b5","sha512":"35bc424da01173ecabe18f351a3c7e033af7d186c713e51b7256c7bd7cb39fc234befeaf43c989f34c33346d270deff6a71953a54b0f8f39450f1377e49ee804","ssdeep":"","tlshash":"7001d0b3a2102db44c0e19de7ca1838d78b04206b5839831d77e90952278e76b9369c8","size":772,"data":"","first_seen":"2025-09-28T21:14:55.738072Z","last_seen":"2026-02-28T20:24:45.675074Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"26ce7791f08fb671816e8ac15c21abcc","sha1":"cd121446322214f9ee849fadd1686452f9acf3a9","sha256":"e039e804b7483aec11801d7a306db1603f9c6d5f562340f9a5dbeda753c0224d","sha512":"01af678dd36e5bcfaf95c43fee3d7ac605299c1aca9187b5b330dffac03c16910e373e8ccb57e00c66810daff06b475d561370c05abe8a3beb00f5f9f950c409","ssdeep":"96:PKheeIZELV3rtYwDxXvH9VLgjY6oB/rCKTQ3l35AcOrzYdOtkiz9u5Z4tTpfn7:Pbj6VbjxXvw8zTCKTvlSQpfn7","tlshash":"b9d185883e81f0d513a3b5779a3f6549b3ad6814549fd804e107a0d03e2ce2ae97b6a5","size":6461,"data":"","first_seen":"2025-10-22T08:34:06.793976Z","last_seen":"2025-12-01T10:40:04.095127Z","times_seen":3160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/ae/bc/c5/aebcc5217dca5cd32a9c99788c6c2015.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b5eb0cc64d19c7aaf62a0efd6cd094e","sha1":"1ecf2764cd591309d114d1c836d6d96b1864a943","sha256":"1dfb0608dc2ed355909c4ec02b34699a07dfd883d8d937cd7f7c662c01514467","sha512":"a2fd64597d2096d9e4e41585c14d381894e1651478c4d30b240e63fa5e164f0ce6fbc2c617574ef1d4a50cfd4f438a76c180cf7dac07adb2433092c1df7554ea","ssdeep":"1536:v+JSafgsZNRNFfuoDEvv/SbtrNiwe9q2mL/CaY4zrUho9qwgq0Iq9tHqY+v:V8NpuoDcSxrNiwe9qEN4zrUHwItHqt","tlshash":"c993a68cbf80b0ad127674b7521f5006f27a9c44d88ce488f45bb4e8193cb799576bed","size":93014,"data":"","first_seen":"2025-10-27T09:25:19.549216Z","last_seen":"2025-10-27T09:25:19.549216Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sq.religionmystic.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-04T09:41:22.691678Z","times_seen":291959,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0186e8e26ca3173c3767230e618cb648","sha1":"f1e0bf0f4a5b6edd03eed469fea31f1d4570307a","sha256":"f1f2602df57f44f13127618a633e1a107930041b22d2cf22e2a84d5f8010498c","sha512":"5e755cfa83dbf46c9e912b45c64e7e93814b7e1da71de77675144fa3189293f07bac1596950c3493922b239ad70ce56b1c8ed3fa2c3b66dfba1b08e36f809fd6","ssdeep":"","tlshash":"41f0ebe93cc89038c27502a17737bb89b02636296d0aac64ca8d8c903800de9a49749c","size":555,"data":"","first_seen":"2025-10-27T09:25:19.56413Z","last_seen":"2025-10-27T09:25:19.56413Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s18a.biz/?te=my4gem3cgy5ha3ddf42dcnzr","fqdn":"s18a.biz","domain":"s18a.biz","tld":"biz"},"ip":{"addr":"24.144.79.171","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f495e69f2e9edc75eeae7dd3ea78a747","sha1":"a89e38bbe70fa2de5db9d578975abd4e9dcda52e","sha256":"8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c","sha512":"3fd0afcb046ea60710b769bab0a70d6474af6fc6e881277b0b17964c74cb7edb539a758f4b87a689ce9a52a20674cc88fa8cb9c2a337785cd060d8a5bdefa85e","ssdeep":"","tlshash":"1e5000c000003003300003000f00c00000000c00003000000000000000000c00c00000","size":10,"data":"","first_seen":"2023-03-07T01:03:06Z","last_seen":"2026-04-03T19:55:24.685659Z","times_seen":3403,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"outwardtimetable.com/c9/9f/97/c99f97f69c52abc080d590b5fa2a7e8e.js","fqdn":"outwardtimetable.com","domain":"outwardtimetable.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6068ebf7eab18e7869eaf71f2f01598d","sha1":"7d2ef82b8ee2d30d3fa0348afd12672bcdf2aab5","sha256":"18dfd958a949f3d5ec889396f9f15f7eace4cf2644e66f62ee7689eb7213a3a8","sha512":"4d39fac5d680163a5e4112ac651d6f06cede44f7bbadfe6df86a881f15d2e815ca0323b59901fa775d8393b2f3f89df9c0e501eaad185f7b3684e2c75b5f9d0b","ssdeep":"1536:fit773s72DQsjQlZKEMO2N6BLFYQPcT41FXgKkGCWUMZL:fU7xkN4O2N6BLFYQZDXgKsWUM9","tlshash":"bd83f8883f81b65812a2f033723f999ae1da5e451888d054e303a8dcbf7d71dd93af65","size":85067,"data":"","first_seen":"2025-10-27T09:25:19.558642Z","last_seen":"2025-10-27T09:25:19.558642Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T09:26:04.750737Z","times_seen":10373,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"131b39da3a1c473ab04975c052e0c98e","sha1":"d938b550a9a1b15510d203ffa198929ceaaa1fa9","sha256":"d9db38c8063c5684dece4e6df7f9de2c52fc9eacacf37cd8e19a365c913527a0","sha512":"8e4f6f0598ba16a000f8ce870e7c20f0733030e4261e5f540d89cebea036727379f510e3324a42f03011a0007d43bd7004e7c8f37b16b37bb9e1b20928a47488","ssdeep":"192:fcjnoV7yi4crcYmeV+VHJmQxdCnV8oDeQToJ:fcjnoV7yi9V+VHUACnn+","tlshash":"5202320819f9d921c01da13f203f2264f7680a53ac5abed8bb8451055fde96f7ab903f","size":8627,"data":"","first_seen":"2025-10-27T09:25:19.564967Z","last_seen":"2025-10-27T09:25:19.564967Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-04T09:38:52.83862Z","times_seen":125897,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"wayfarerorthodox.com/ae/bc/c5/aebcc5217dca5cd32a9c99788c6c2015.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /ae/bc/c5/aebcc5217dca5cd32a9c99788c6c2015.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 34260\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-8290_1=1; expires=Mon, 27 Oct 2025 09:24:53 GMT; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 07971ade46b2f8de9732031b48f5f130\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93014,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4b5eb0cc64d19c7aaf62a0efd6cd094e","sha1":"1ecf2764cd591309d114d1c836d6d96b1864a943","sha256":"1dfb0608dc2ed355909c4ec02b34699a07dfd883d8d937cd7f7c662c01514467","sha512":"a2fd64597d2096d9e4e41585c14d381894e1651478c4d30b240e63fa5e164f0ce6fbc2c617574ef1d4a50cfd4f438a76c180cf7dac07adb2433092c1df7554ea","ssdeep":"1536:v+JSafgsZNRNFfuoDEvv/SbtrNiwe9q2mL/CaY4zrUho9qwgq0Iq9tHqY+v:V8NpuoDcSxrNiwe9qEN4zrUHwItHqt","tlshash":"c993a68cbf80b0ad127674b7521f5006f27a9c44d88ce488f45bb4e8193cb799576bed","first_seen":"2025-10-27T09:25:19.549216Z","last_seen":"2025-10-27T09:25:19.549216Z","times_seen":1,"resource_available":true,"data":null}},"time_used":788,"timings":{"blocked":298,"dns":23,"connect":91,"send":0,"wait":98,"receive":92,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1509\u0026rd=1509\u0026fd=500\u0026bv=25.10.8057\u0026tmpl=70","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:45:42 GMT","end":"Sat, 24 Jan 2026 22:45:41 GMT"},"fingerprint":{"sha1":"41:96:45:79:52:E3:33:91:D4:2F:02:0E:9A:0C:2F:9B:9E:61:D1:8E","sha256":"29:AB:4F:E8:D2:D2:33:47:FD:9D:6B:2D:8A:27:6A:2B:51:08:DD:EA:28:20:70:C3:D9:77:E1:E3:04:17:48:20"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1509\u0026rd=1509\u0026fd=500\u0026bv=25.10.8057\u0026tmpl=70 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":308,"dns":27,"connect":91,"send":0,"wait":93,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sq.religionmystic.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:52.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"religionmystic.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 03:34:26 GMT","end":"Sat, 24 Jan 2026 04:32:48 GMT"},"fingerprint":{"sha1":"A3:AC:45:8F:5E:ED:70:07:D7:0A:28:36:B1:9C:4F:F2:A8:C8:DB:8E","sha256":"E6:73:05:0B:E6:36:47:A7:16:21:FA:AD:C3:47:B0:CD:55:D8:65:9C:76:E3:03:4B:B4:D0:B3:E6:66:D7:70:A0"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: sq.religionmystic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Mon, 27 Oct 2025 10:12:52 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2szL3zF1QwqTQMly51J1PU8Nx1uDP8D%2BHkkbPTkQeeSfDHTEci4iYN%2FrUIs5696n%2F3OCCkjOt1Th%2F894VApMdTJx%2BeZrdJEtX8Yn3%2FfSRV6aQfA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Mon, 27 Oct 2025 09:24:52 GMT\r\ncf-ray: 99512495b89456bf-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-04T09:41:22.691678Z","times_seen":291959,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.religionmystic.com/images/039/image-114223-j.webp","fqdn":"i.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:52.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"religionmystic.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 03:34:26 GMT","end":"Sat, 24 Jan 2026 04:32:48 GMT"},"fingerprint":{"sha1":"A3:AC:45:8F:5E:ED:70:07:D7:0A:28:36:B1:9C:4F:F2:A8:C8:DB:8E","sha256":"E6:73:05:0B:E6:36:47:A7:16:21:FA:AD:C3:47:B0:CD:55:D8:65:9C:76:E3:03:4B:B4:D0:B3:E6:66:D7:70:A0"}}},"request":{"raw":"GET /images/039/image-114223-j.webp HTTP/1.1\r\nHost: i.religionmystic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:52 GMT\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\ncf-cache-status: MISS\r\ncontent-length: 15616\r\nlast-modified: Mon, 15 Apr 2024 11:49:35 GMT\r\netag: \"3d00-61621372271c0\"\r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cyHKt1mCi2ICaSisqJLSkdp1bgWXP48VApr2sYOdPMbdYOxTbP2iZW%2BCuJLrUcccRXocr%2BxR75RQfvEJQ%2FYomJHx9QfYe82rtB7fpkjBtgmCUQ%3D%3D\"}]}\r\ncache-control: public, max-age=31536000\r\nexpires: Tue, 27 Oct 2026 09:24:52 GMT\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/webp\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99512495f89756bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15616,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x713, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d859f4b9c9bfa0fe7b254420ae577bdd","sha1":"5d80d62d067fc57b1b00452f44f86956ae122d27","sha256":"f6fce59b5d39f1d3c9e8c6f0422c3de64d94a89e8548d772f3181f752dc92308","sha512":"96fc55bac6b0092d74876b67f6e89725ff5e48b0e5495f918dce73714bcfa1bb8728549ffaf53c2458612fc91958d5d510518fc9d8b2804cba33cd5cdd0e0f54","ssdeep":"384:kZ7eCbMTdJLWorRGkZS5uHI/hXdfVggjWgqS:c7eCbKzWorRGk5I/hXjpJp","tlshash":"2b62d06cb8fce6a01ed661ae87cf85b3141569607dadc10239b4cd1cbb31db063d3682","first_seen":"2025-10-27T09:25:19.551043Z","last_seen":"2025-10-27T09:25:19.551043Z","times_seen":1,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.156.46.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://sq.religionmystic.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=f39d27a3-8812-49d6-97ed-c2641fece175:1:1; expires=Thu, 25 Oct 2035 09:24:53 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"8e96286e0a974cc3cc8c3ec362c18467","sha1":"4c2cd309120c0276f2a8a6b31288f4c749a0ddcb","sha256":"43e5f9442643bac0053a9e854554a7a035e7f67b05e72f9a405b2cfa6ef128cb","sha512":"0aad43dcd84931e227e0dc3fc41530d7fb886a46c7c17222f4e50adc9945d12ef653819d19db2c4cbf415bed637781060c88c0ce5cd1e40c880aa5f7bb6093d1","ssdeep":"","tlshash":"029004403f0dcc13fd54d14f4d00cc0f1f500411c5150014043f4d10c11fdc5c1511c4","first_seen":"2025-10-27T09:25:19.551848Z","last_seen":"2025-10-27T09:25:19.551848Z","times_seen":1,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":114,"dns":6,"connect":21,"send":0,"wait":21,"receive":1,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3422\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b877c54df86e0f843e4b123727edc4f6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6461,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6461), with no line terminators","md5":"26ce7791f08fb671816e8ac15c21abcc","sha1":"cd121446322214f9ee849fadd1686452f9acf3a9","sha256":"e039e804b7483aec11801d7a306db1603f9c6d5f562340f9a5dbeda753c0224d","sha512":"01af678dd36e5bcfaf95c43fee3d7ac605299c1aca9187b5b330dffac03c16910e373e8ccb57e00c66810daff06b475d561370c05abe8a3beb00f5f9f950c409","ssdeep":"96:PKheeIZELV3rtYwDxXvH9VLgjY6oB/rCKTQ3l35AcOrzYdOtkiz9u5Z4tTpfn7:Pbj6VbjxXvw8zTCKTvlSQpfn7","tlshash":"b9d185883e81f0d513a3b5779a3f6549b3ad6814549fd804e107a0d03e2ce2ae97b6a5","first_seen":"2025-10-22T08:34:06.793976Z","last_seen":"2025-12-01T10:40:04.095127Z","times_seen":3160,"resource_available":true,"data":null}},"time_used":719,"timings":{"blocked":309,"dns":25,"connect":94,"send":0,"wait":96,"receive":1,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"outwardtimetable.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRit3uSkiKiLJ4URXFhxM-nu6fnRu4dgXCPBmIRsJAcPUl1VPSnT3dVWdU9P5hQMyB5nbx48dN4kG9RF1z9AXCbeIouOpxw2B_UqCEquykwGFh_0933Nq4L33lefHeTnpIacnq2_r3oyiuh8vWpXrm_JhKvCVFY3K45dtW9VtmTS8G5VuuOiOzedmle136i8K9iOmndtx7Yd26ksSS1C1Z2fsJDpA9-p-nbVc6tO3UNX___f5BYMtcA75-RFSD56_vfwQ0g2RBI_vC3MTqbSG-_EeUQzpdHhxx8kO4kqEsRPx1BbCJPj6WkoMyLk8ytQyfHUAVTncOwAgRyRKy8_QZAcT2Ui6BxdKg0iiAQBfxZFZwgRDSHpEEztQ_JfCMA4VteQxPdXlS7o7iVLx-yIzF78DVmMyOyTq0jibxYj2a3cUVGeSZUYdMMSsjuEbA-R5ifIehZkcQKWfQrJH5P5ixUk8eGaiRQkP3s9rPncbdLaXKvluHOezxtzflPwOeY2PCcUTDjN-iQiGQ5BjYV8_EkLeWghTy3E_Kzi2S2PObTWCH3OmrZHPY-LwPZbrm1TnzWRs7H2PrK0Dxb1wfQeUr2HHdmHzh_BbJcw3ILJCDq8RCEICkNQUIJCEhQZQdEpj3hkXFPe55HJA2fa3WmvlQOVtQ_okcraIiGgug_Ny0OZfmL2wbKZQS80fKDGhQZZOaABLw_Sc_LCOFbr2uMhdsRZhfl-6DfDhs_qLg2Y3bJ53beDekhd2hQtASNLSHNlEkZPjsi1P86RyhF57sZPCOgJTHQCJmdA81dBixJ0u0Qv-ZYmMqaRyUTCq0zF4KpEms0i27UOonPy0mBjc_HRZMEfvfIzBDtduPjz3rZ--BqYLpHqEh_LHwna0d3BhirI4YYqDPluLc1kLHt0vPw7Gc3E7Ffvid1Cab582_S_fIuNifH4YFOYbIUmXCZtQ75elJwLvaQ0E-T7ZbMlgvXcbC_mOsnTlfW3l5bjVAtjpEqGoHJEnvniTTA5IlevL0wedv2f38DSPZj0dOEvMgGMIghSC5EkiMQpmQI0KGHEUz-BOP1heufA3EVbW6DZPpK4REeX6EQlaNSHyWcGWapPF36tTYAgsgZBpK3DINLRvcucjDyr1N2g1mi1GiJs8LDGa26N-3Vb-B71G57v1ZGZ0fa_N8P_AgAA___3NAb8ewQAAA==","fqdn":"outwardtimetable.com","domain":"outwardtimetable.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"outwardtimetable.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Oct 2025 22:19:22 GMT","end":"Fri, 16 Jan 2026 22:19:21 GMT"},"fingerprint":{"sha1":"CB:BD:40:04:66:51:38:3A:0B:50:82:8E:71:8E:93:8F:BF:2C:2B:97","sha256":"6D:E4:5A:AD:FF:2A:6B:0E:28:9A:D1:44:72:CA:4B:D5:BE:1E:60:AE:DA:58:37:EF:96:4D:28:8A:DC:EF:83:17"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRit3uSkiKiLJ4URXFhxM-nu6fnRu4dgXCPBmIRsJAcPUl1VPSnT3dVWdU9P5hQMyB5nbx48dN4kG9RF1z9AXCbeIouOpxw2B_UqCEquykwGFh_0933Nq4L33lefHeTnpIacnq2_r3oyiuh8vWpXrm_JhKvCVFY3K45dtW9VtmTS8G5VuuOiOzedmle136i8K9iOmndtx7Yd26ksSS1C1Z2fsJDpA9-p-nbVc6tO3UNX___f5BYMtcA75-RFSD56_vfwQ0g2RBI_vC3MTqbSG-_EeUQzpdHhxx8kO4kqEsRPx1BbCJPj6WkoMyLk8ytQyfHUAVTncOwAgRyRKy8_QZAcT2Ui6BxdKg0iiAQBfxZFZwgRDSHpEEztQ_JfCMA4VteQxPdXlS7o7iVLx-yIzF78DVmMyOyTq0jibxYj2a3cUVGeSZUYdMMSsjuEbA-R5ifIehZkcQKWfQrJH5P5ixUk8eGaiRQkP3s9rPncbdLaXKvluHOezxtzflPwOeY2PCcUTDjN-iQiGQ5BjYV8_EkLeWghTy3E_Kzi2S2PObTWCH3OmrZHPY-LwPZbrm1TnzWRs7H2PrK0Dxb1wfQeUr2HHdmHzh_BbJcw3ILJCDq8RCEICkNQUIJCEhQZQdEpj3hkXFPe55HJA2fa3WmvlQOVtQ_okcraIiGgug_Ny0OZfmL2wbKZQS80fKDGhQZZOaABLw_Sc_LCOFbr2uMhdsRZhfl-6DfDhs_qLg2Y3bJ53beDekhd2hQtASNLSHNlEkZPjsi1P86RyhF57sZPCOgJTHQCJmdA81dBixJ0u0Qv-ZYmMqaRyUTCq0zF4KpEms0i27UOonPy0mBjc_HRZMEfvfIzBDtduPjz3rZ--BqYLpHqEh_LHwna0d3BhirI4YYqDPluLc1kLHt0vPw7Gc3E7Ffvid1Cab582_S_fIuNifH4YFOYbIUmXCZtQ75elJwLvaQ0E-T7ZbMlgvXcbC_mOsnTlfW3l5bjVAtjpEqGoHJEnvniTTA5IlevL0wedv2f38DSPZj0dOEvMgGMIghSC5EkiMQpmQI0KGHEUz-BOP1heufA3EVbW6DZPpK4REeX6EQlaNSHyWcGWapPF36tTYAgsgZBpK3DINLRvcucjDyr1N2g1mi1GiJs8LDGa26N-3Vb-B71G57v1ZGZ0fa_N8P_AgAA___3NAb8ewQAAA== HTTP/1.1\r\nHost: outwardtimetable.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nCookie: uid_id2=f39d27a3-8812-49d6-97ed-c2641fece175:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19254978=1; slecc99f97f69c52abc080d590b5fa2a7e8e=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: outwardtimetable.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 68c8c5aa82449c020a4413675de31b80\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:53 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1bb759e4132e0845765a5b4bd30c19a1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":59,"dns":1,"connect":17,"send":0,"wait":21,"receive":19,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"outwardtimetable.com/sbar.json?key=c99f97f69c52abc080d590b5fa2a7e8e\u0026uuid=f39d27a3-8812-49d6-97ed-c2641fece175%3A1%3A1","fqdn":"outwardtimetable.com","domain":"outwardtimetable.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"outwardtimetable.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Oct 2025 22:19:22 GMT","end":"Fri, 16 Jan 2026 22:19:21 GMT"},"fingerprint":{"sha1":"CB:BD:40:04:66:51:38:3A:0B:50:82:8E:71:8E:93:8F:BF:2C:2B:97","sha256":"6D:E4:5A:AD:FF:2A:6B:0E:28:9A:D1:44:72:CA:4B:D5:BE:1E:60:AE:DA:58:37:EF:96:4D:28:8A:DC:EF:83:17"}}},"request":{"raw":"GET /sbar.json?key=c99f97f69c52abc080d590b5fa2a7e8e\u0026uuid=f39d27a3-8812-49d6-97ed-c2641fece175%3A1%3A1 HTTP/1.1\r\nHost: outwardtimetable.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:54 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4485\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://sq.religionmystic.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=f39d27a3-8812-49d6-97ed-c2641fece175:1:1; expires=Mon, 03 Nov 2025 09:24:53 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Tue, 28 Oct 2025 09:24:54 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Tue, 28 Oct 2025 09:24:54 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Tue, 28 Oct 2025 09:24:54 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Tue, 28 Oct 2025 09:24:54 GMT; path=/; secure; SameSite=None\nu_pl19254978=1; expires=Tue, 28 Oct 2025 09:24:54 GMT; path=/; secure; SameSite=None\nslecc99f97f69c52abc080d590b5fa2a7e8e=[6233296]; expires=Mon, 27 Oct 2025 09:24:59 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 215\r\nHost: outwardtimetable.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 74dea17235e56952535f470d67443dfd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5777,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"04088d37561f142a2ec6348f286b403d","sha1":"4e2c140330157b4a3f00cb75883954ec9b521f69","sha256":"d182b8007e7dca40e039116b562a477406a10b3acefdc3377c106a827a501921","sha512":"cf04aba4cc47241923bb96125cb16fdb3483e4c3b737fee2a10768fdbece9ee44534ee15f561e52e25f28414b9dbc58be03b8d9703f7512feeefb186baeb287e","ssdeep":"96:9zmEXtl54XetDqzgdWsvfnWK2DAF9Pj+bEq934/wRr7U:9zLXL5YeN6vwnyDAFtjGO/A7U","tlshash":"83c19e9d274820c151cbcdb86a875cc82868f64bf9e8515cd5fba68f14e70d25fcda42","first_seen":"2025-10-27T09:25:19.553622Z","last_seen":"2025-10-27T09:25:19.553622Z","times_seen":1,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":313,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/notifications/utility/default/robot/2/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:54 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y2qjYQGzeyAH6f%2BP3R8I5ghNF2o7vM%2FYW3TCbkt1Vny1ZLs9oexH4OoBm7w2RItoV7ID%2BIvdtI4GwL6lA%2FOmdijOo2T80%2F1cnCH5Di0%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9951249ed8c70b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1331,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"6d925fca1f3623368e2c47f8ac18ea89","sha1":"3dc674f220a7ad1fa502fdd4bf353f836ece2c75","sha256":"34c0988a0d6428e37eab062e19df5661d32e9f8d11704ba50f78cdc430299712","sha512":"380f03a62b612643a9e5c252357c2bba326dd657460a03a292ad1a01e888d9390a5fc107f3cde290e3a011a1608f2253e0496703b1d474e4bf098dfa94802aca","ssdeep":"","tlshash":"7f214b4e3dadd57215c391563b702f6aa88ad6cfd90b9440b3fc4d508bd6b81cd43207","first_seen":"2025-07-06T07:29:12.190766Z","last_seen":"2026-03-16T08:29:14.378545Z","times_seen":1162,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":20,"dns":5,"connect":1,"send":0,"wait":122,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/css/magic.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/css/magic.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:54 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"67f54bc9-affe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TRgbeU8vlayh24thSmwCH3Ex6xM1%2BTlNTokO%2Fl9ucIM%2F0Qel%2FqkGWN4e5V5oF3K%2FST0lrXBa9kurjoQZ2rioARmm2mChWV9c8EWu0ygzY6g%3D\"}]}\r\ncf-ray: 995124a05c794c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45054,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bcd1967f8c2604f55f57197de0ae895e","sha1":"c31a10c3ecde74b50450a0a1ad21aa474ff05e7d","sha256":"787eac5d9417257a04de7b18ef21f5ec887de3aee642ceba9a7d56a8209eea2a","sha512":"b37f1a61bbe740bc29308e664227701366ac978d4fbed081f13c47200edd74a792ab980559a236cff39ae27d3fda3ffffef3f1ac2dc420612b616496b44e9df8","ssdeep":"384:lQLl1pRp0itimTKDbObwHuHXFlF7FPFSWRyYyRZZZaZjZPfbfUO3OipypE:GpRp0itiFbObwHuHXFlF7FPFSWX","tlshash":"b913276b2dd2114086564365a3fe6b2c261c85c31c6becfab3a218ce8f1567c53db61f","first_seen":"2025-06-11T18:18:27.729381Z","last_seen":"2026-04-04T09:26:04.792545Z","times_seen":5440,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":24,"dns":6,"connect":1,"send":0,"wait":501,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:54 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"67f54bc9-1610\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JNo%2FA7qGvUFR3E3oqoHMT7nowsr9MWI9H%2BPen7O4iON8uRQK4sYK2Ywlkg0IHk6G8RyxUEYN5m7p%2FXJTQfpObcuseMgtNCIYvJE6f%2BjWPQM%3D\"}]}\r\ncf-ray: 995124a05c744c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5648,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1622d5dbd3ee323f1f251cb3de7b1f03","sha1":"bf821b06f4b67fc40dbd4398e00be1e12b566d41","sha256":"58789b7eb6e198a1a16151797ce4b1218e36c8708a9cd8a1808cdc40b21b1bb8","sha512":"4e0dfd40e4363c28d49965b28566cb98bd98b3de021cc4ebd60f15f7ff4bb2238d8534f3c98d162a5c2c54c24e15a3fd3db60e04ddef648d8a0752f3d69ca2d3","ssdeep":"96:5zlzMUmZ1CfICcfXgCfViOtAYiY5mnM0pfionq4OHBCHLmOCp0PkuCo1CCJ0xFCL:fMFInadiOyXnM0M0srv4Dv","tlshash":"e0c12fa617650204750bd8563e126f17a7688043ef0fd9b86ed2240c8fca6ce96e378f","first_seen":"2025-07-06T07:29:12.192872Z","last_seen":"2026-03-16T08:29:14.362113Z","times_seen":1118,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":21,"dns":5,"connect":1,"send":0,"wait":123,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 7005\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67f54bcb-1b5d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 272997\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HdienvbxPQHZnyUsCTzVMLainDAEJIK9ds9HutAgPz9a3ihU7Yl87oUqssLWGUnYZTAnRZpatTg81NS0Sc61H%2FcHXL0VH%2BJDifj2%2BQ6d%2FjU%3D\"}]}\r\ncf-ray: 995124a12e6c4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7005,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"5127599f81c439cb0cf21166da26e991","sha1":"a750620e45c25855fb32ede5f1adb69ad28c1eeb","sha256":"9402058e0a31e79cd70001ebb397de51144d6e638a482f33bcee9a94dc20a6ff","sha512":"4e01869e43212009dc3811b4fc2303c39ab9aa123ce034ff4df220539a1e65784835b6cb0873cea4f6de027a7dcf1dd440ac0631e6b9c9db9085804473e3a0a8","ssdeep":"192:FkknNHG5WNN4kVyitdix/Inm2I6BRvBevoIPkucZ:9nNmoN4kVyiswm2I6BFBpuI","tlshash":"dee17d19dda17e1005d57f8a2fef815243638390c2856282dced8c5237e40f1ec6e4cb","first_seen":"2025-07-04T18:28:09.283921Z","last_seen":"2026-03-23T06:05:48.044552Z","times_seen":3194,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/img/banner.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/img/banner.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 29534\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67f54bcb-735e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 455198\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lTUfSK9g%2FVnhz6dBnf1fNdvPciUwd3m7RLxEyGZa8q8Qgnj%2Fw%2Fn3rP2p9%2F%2Feg7RXrZsp5y2LzmyqDjXdaFOc%2FzsKWnG74%2BnDi863hnZnZKw%3D\"}]}\r\ncf-ray: 995124a12e784c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit colormap, non-interlaced","md5":"563e092f6677dac51659d62dccd159bf","sha1":"d04ac2cbce54e7c4849bbe28ecef94b464f3246e","sha256":"9d9611a42fcdbfd80c5d0774a743891691d0a09ce3c9830ceab54e920dbb64e1","sha512":"c2e1135a6b532df9332a2cc53477df0f3a2e69be2b45ab5ced0d764b977b6bc4b1362775957b96c5ae7862c73dbcbfb07f115074f3b554ea1ec8ff3afe2f1dc8","ssdeep":"768:ftP+gBsKWXjW1Mg3j/xQkRSP8d2iOF4aI:12gBsnXiH3tkUoo","tlshash":"a1d2e1512e22c71b09c92debbe15d8f6f8617da7f835692d201db2ac906639fc2501dc","first_seen":"2025-07-06T07:29:12.195371Z","last_seen":"2026-03-16T08:29:14.392987Z","times_seen":1144,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1vv0M8ze2IXk5jTAE5zi2tEHuiyvoAd%2FQVnVlWt0kJCHuBRljgQ7Mx9p%2Fo51ZpYXxjEN%2FXEBNa3mHwgU2sE0J%2Foq090SKCa9QTtM4NryMZY%3D\"}]}\r\nage: 441343\r\ncf-cache-status: HIT\r\netag: W/\"67f54bce-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 995124a12e7b4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T09:26:04.750737Z","times_seen":10373,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=f39d27a3-8812-49d6-97ed-c2641fece175\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c99f97f69c52abc080d590b5fa2a7e8e\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=f39d27a3-8812-49d6-97ed-c2641fece175\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c99f97f69c52abc080d590b5fa2a7e8e\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 2\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 06b0081f76317b1195c5d5b09bed546f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":282,"dns":0,"connect":93,"send":0,"wait":97,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"religionmystic.com/favicon.png","fqdn":"religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"religionmystic.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 03:34:26 GMT","end":"Sat, 24 Jan 2026 04:32:48 GMT"},"fingerprint":{"sha1":"A3:AC:45:8F:5E:ED:70:07:D7:0A:28:36:B1:9C:4F:F2:A8:C8:DB:8E","sha256":"E6:73:05:0B:E6:36:47:A7:16:21:FA:AD:C3:47:B0:CD:55:D8:65:9C:76:E3:03:4B:B4:D0:B3:E6:66:D7:70:A0"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: religionmystic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:53 GMT\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\ncf-cache-status: MISS\r\ncontent-length: 5159\r\nlast-modified: Thu, 07 Aug 2025 07:35:05 GMT\r\netag: \"1427-63bc17efd80e4\"\r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jYNpMuhs6bLGAUcDIdzGa7kmvkW1mi3%2FGzcykhdqGcVFZtERb1%2BgMW8mPpwiTEeqasrx9Rlrx7SBjSfDWyMYdBywY82CKoZHZGp09McLfew%3D\"}]}\r\ncache-control: public, max-age=31536000\r\nexpires: Tue, 27 Oct 2026 09:24:53 GMT\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/png\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9951249c090456bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5159,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, interlaced","md5":"e2a60bdcb348f73fbbbf6a11ad2d985a","sha1":"3845373e1563cb10b4292ee21e8557e48846c241","sha256":"b84850cb98fe6c7ee3a7e65c2b6823f5b35ee8c8f50245d0b67bc8f44d098503","sha512":"80df754bf45330b34c6eef5be834b5ccdd0fd6a9a85eb59327e3f1ea2f9eb88a733cdffe04c105552925f8616f2152fdda5d4f70dbee9db451f0653ab3fe015f","ssdeep":"96:Eo0TeCi1Be/JiIl8zmpn2CA6FN4FGfbaLqMqr6YiC2Zon7NIBFAejpGyS/n3uh+2:EohhTq9HXS+baLSjnpQVin3uN","tlshash":"87b14cbab19484f6fe46b0358be2d6f646753bc10191cc41369dd60c267b6dce4c348e","first_seen":"2025-10-27T09:25:19.557428Z","last_seen":"2025-10-27T09:25:19.557428Z","times_seen":1,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":9,"connect":1,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s18a.biz/?te=my4gem3cgy5ha3ddf42dcnzr","fqdn":"s18a.biz","domain":"s18a.biz","tld":"biz"},"ip":{"addr":"24.144.79.171","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:52.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"s15a.biz","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Oct 2025 19:48:55 GMT","end":"Tue, 30 Dec 2025 19:48:54 GMT"},"fingerprint":{"sha1":"3C:64:17:EA:1F:17:DA:B2:2F:94:A4:4D:11:70:7F:10:B2:60:7A:75","sha256":"37:F2:60:1D:2D:0E:C9:78:37:B8:A4:94:83:B4:C2:B3:C0:3F:3C:09:7F:43:0F:1F:96:9A:4E:46:0C:9A:D0:04"}}},"request":{"raw":"GET /?te=my4gem3cgy5ha3ddf42dcnzr HTTP/1.1\r\nHost: s18a.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 27 Oct 2025 09:24:52 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\nset-cookie: uuid=50f17e78-7f83-426b-abce-658566449dd0; expires=Wed, 26-Nov-2025 09:24:52 GMT; Max-Age=2592000; path=/; SameSite=None; domain=s18a.biz; secure\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy: img-src https: data:; upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"f495e69f2e9edc75eeae7dd3ea78a747","sha1":"a89e38bbe70fa2de5db9d578975abd4e9dcda52e","sha256":"8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c","sha512":"3fd0afcb046ea60710b769bab0a70d6474af6fc6e881277b0b17964c74cb7edb539a758f4b87a689ce9a52a20674cc88fa8cb9c2a337785cd060d8a5bdefa85e","ssdeep":"","tlshash":"1e5000c000003003300003000f00c00000000c00003000000000000000000c00c00000","first_seen":"2023-03-07T01:03:06Z","last_seen":"2026-04-03T19:55:24.685659Z","times_seen":3403,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":125,"dns":65,"connect":20,"send":0,"wait":23,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"outwardtimetable.com/c9/9f/97/c99f97f69c52abc080d590b5fa2a7e8e.js","fqdn":"outwardtimetable.com","domain":"outwardtimetable.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:52.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"outwardtimetable.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Oct 2025 22:19:22 GMT","end":"Fri, 16 Jan 2026 22:19:21 GMT"},"fingerprint":{"sha1":"CB:BD:40:04:66:51:38:3A:0B:50:82:8E:71:8E:93:8F:BF:2C:2B:97","sha256":"6D:E4:5A:AD:FF:2A:6B:0E:28:9A:D1:44:72:CA:4B:D5:BE:1E:60:AE:DA:58:37:EF:96:4D:28:8A:DC:EF:83:17"}}},"request":{"raw":"GET /c9/9f/97/c99f97f69c52abc080d590b5fa2a7e8e.js HTTP/1.1\r\nHost: outwardtimetable.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32932\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: outwardtimetable.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c36d95272a16e9a28c21c8e9687b0895\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85067,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6068ebf7eab18e7869eaf71f2f01598d","sha1":"7d2ef82b8ee2d30d3fa0348afd12672bcdf2aab5","sha256":"18dfd958a949f3d5ec889396f9f15f7eace4cf2644e66f62ee7689eb7213a3a8","sha512":"4d39fac5d680163a5e4112ac651d6f06cede44f7bbadfe6df86a881f15d2e815ca0323b59901fa775d8393b2f3f89df9c0e501eaad185f7b3684e2c75b5f9d0b","ssdeep":"1536:fit773s72DQsjQlZKEMO2N6BLFYQPcT41FXgKkGCWUMZL:fU7xkN4O2N6BLFYQZDXgKsWUM9","tlshash":"bd83f8883f81b65812a2f033723f999ae1da5e451888d054e303a8dcbf7d71dd93af65","first_seen":"2025-10-27T09:25:19.558642Z","last_seen":"2025-10-27T09:25:19.558642Z","times_seen":1,"resource_available":true,"data":null}},"time_used":869,"timings":{"blocked":338,"dns":52,"connect":93,"send":0,"wait":99,"receive":94,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=5648\u0026fd=162","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=5648\u0026fd=162 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"outwardtimetable.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSu3uSkiKiLJ4URXFhxM-me7vnRu4dgXCPBmIRsJAcPUl1VPSnT3dVWdU9P5hQMyB5nbx48dL5JNqiLrn-AuEy8RRYdTzlsDupVEJRclZkMLD6o917xVcH3fe99dpCfExc5PVt_X_VkFNH5etWuXN-SCVeFqaxuVhy7at-qbMmk4d2qdMdJd246rle136i8K9iOmq_Zjm07tlNZklqEqjs_QSHTB75T9e2qV6s6dQ9d_f-7yS0YaoF3zsmLkHz0_O_hh5BsiCR-eFuYnUylN96J84hmSqPDjz9IdhJVJIiftqG2ECbH09dQZkTI51egkuOpAqjO4VgBAjkiV15-giA5ntJE0Dm6ZBpEEAkC_iyKzhAiGkLSIZjah-S_EIBxrK4hie-vKl3Q3UuUjtERmb34G7IYkdknV5HE3yxGslu5o6I8kyox6IYlZHcI2R4izU-Q9SzI4gQs-xSSPybzFytI4sM1EylIfvZ66Pq81qTuXKvl1OY8nzfm_Kbgc6zW8JxQMOE06xOLZDgENRby8ZEW8tBCnlqI-VnFs1sec6jbCH3OmrZHPY-LwPZbNdumPmsiZ2PufWRpHyzqg-k9pHoPO7IPnT-C2S5huAWTEXR4iUIQFIagoASFJCgygqJTHvHI1Ex5n0cmD5xprU2rWw5U1j6gRypri4SA6j40Lw9l-onZB8tmBr3Q8IEaJxpk5YAGvDxIz8kLY1uta4-H2BFnFeb7od8MGz6r12jA7JbN674d1ENao03REjCyhDRXJmb05Ihc--McqRyR5278hICewEQnYHIGNH8VtChBt0v0km9pImMamUwkvMpUDK5KpNkssl3rIDonLw02NhcfTQb80Ss_Q7DThYs_723rh6-B6RKpLvGx_JGgHd0dbKiCHG6owpDv1tJMxrJHx8O_k9FMzH71ntgtlObLt03_y7fYGBi3DzaFyVZowmXSNuTrRcm50EtKM0G-XzZbIljPzfZirpM8XVl_e2k5TrUwRqpkCCpH5Jkv3gSTI3L1-sJksev__AaW7sGkpwt_kUnAKIIgtRBJgkickmmABiWMeKonEKc_TP8cmLtoaws020cSl-joEp2oBI36MPnMIEv16cKv7iQQRNYgiLR1GEQ6unfpk5FnldAVNWbbrWbDcVuhcFyPs7DeGu8ytV1XIDOj7X9vhv8FAAD__wtcliJ7BAAA","fqdn":"outwardtimetable.com","domain":"outwardtimetable.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:55.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"outwardtimetable.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Oct 2025 22:19:22 GMT","end":"Fri, 16 Jan 2026 22:19:21 GMT"},"fingerprint":{"sha1":"CB:BD:40:04:66:51:38:3A:0B:50:82:8E:71:8E:93:8F:BF:2C:2B:97","sha256":"6D:E4:5A:AD:FF:2A:6B:0E:28:9A:D1:44:72:CA:4B:D5:BE:1E:60:AE:DA:58:37:EF:96:4D:28:8A:DC:EF:83:17"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSu3uSkiKiLJ4URXFhxM-me7vnRu4dgXCPBmIRsJAcPUl1VPSnT3dVWdU9P5hQMyB5nbx48dL5JNqiLrn-AuEy8RRYdTzlsDupVEJRclZkMLD6o917xVcH3fe99dpCfExc5PVt_X_VkFNH5etWuXN-SCVeFqaxuVhy7at-qbMmk4d2qdMdJd246rle136i8K9iOmq_Zjm07tlNZklqEqjs_QSHTB75T9e2qV6s6dQ9d_f-7yS0YaoF3zsmLkHz0_O_hh5BsiCR-eFuYnUylN96J84hmSqPDjz9IdhJVJIiftqG2ECbH09dQZkTI51egkuOpAqjO4VgBAjkiV15-giA5ntJE0Dm6ZBpEEAkC_iyKzhAiGkLSIZjah-S_EIBxrK4hie-vKl3Q3UuUjtERmb34G7IYkdknV5HE3yxGslu5o6I8kyox6IYlZHcI2R4izU-Q9SzI4gQs-xSSPybzFytI4sM1EylIfvZ66Pq81qTuXKvl1OY8nzfm_Kbgc6zW8JxQMOE06xOLZDgENRby8ZEW8tBCnlqI-VnFs1sec6jbCH3OmrZHPY-LwPZbNdumPmsiZ2PufWRpHyzqg-k9pHoPO7IPnT-C2S5huAWTEXR4iUIQFIagoASFJCgygqJTHvHI1Ex5n0cmD5xprU2rWw5U1j6gRypri4SA6j40Lw9l-onZB8tmBr3Q8IEaJxpk5YAGvDxIz8kLY1uta4-H2BFnFeb7od8MGz6r12jA7JbN674d1ENao03REjCyhDRXJmb05Ihc--McqRyR5278hICewEQnYHIGNH8VtChBt0v0km9pImMamUwkvMpUDK5KpNkssl3rIDonLw02NhcfTQb80Ss_Q7DThYs_723rh6-B6RKpLvGx_JGgHd0dbKiCHG6owpDv1tJMxrJHx8O_k9FMzH71ntgtlObLt03_y7fYGBi3DzaFyVZowmXSNuTrRcm50EtKM0G-XzZbIljPzfZirpM8XVl_e2k5TrUwRqpkCCpH5Jkv3gSTI3L1-sJksev__AaW7sGkpwt_kUnAKIIgtRBJgkickmmABiWMeKonEKc_TP8cmLtoaws020cSl-joEp2oBI36MPnMIEv16cKv7iQQRNYgiLR1GEQ6unfpk5FnldAVNWbbrWbDcVuhcFyPs7DeGu8ytV1XIDOj7X9vhv8FAAD__wtcliJ7BAAA HTTP/1.1\r\nHost: outwardtimetable.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nCookie: uid_id2=f39d27a3-8812-49d6-97ed-c2641fece175:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19254978=1; slecc99f97f69c52abc080d590b5fa2a7e8e=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+b923b2be6de009def6cc4100040bbf8f=6233296; expires=Tue, 28 Oct 2025 09:24:55 GMT; path=/; secure; SameSite=None\niprc_l:6233296=1; expires=Tue, 28 Oct 2025 09:24:55 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 4\r\nHost: outwardtimetable.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8c9952401fb75c785e499d86fd542311\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","fqdn":"sq.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-27T09:24:52.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"religionmystic.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 03:34:26 GMT","end":"Sat, 24 Jan 2026 04:32:48 GMT"},"fingerprint":{"sha1":"A3:AC:45:8F:5E:ED:70:07:D7:0A:28:36:B1:9C:4F:F2:A8:C8:DB:8E","sha256":"E6:73:05:0B:E6:36:47:A7:16:21:FA:AD:C3:47:B0:CD:55:D8:65:9C:76:E3:03:4B:B4:D0:B3:E6:66:D7:70:A0"}}},"request":{"raw":"GET /17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs HTTP/1.1\r\nHost: sq.religionmystic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nx-powered-by: PHP/8.4.13\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sBod%2BqnJuDYB4xA5nxhb8KphyG8Zu2jwt7%2BZQydWSUNjr9qtD8SuQyW3%2BANbx%2FvN6%2FYLkYS7wwyt6WpySEVkGS92NxXMx7DaMjsbyXtGV5GyZQE%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99512493a957b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.4.13","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"YouTube","description":"YouTube is a video sharing service where users can create their own profile, upload videos, watch, like and comment on other videos.","website":"https://www.youtube.com","common_platform_enumeration":"","icon":"YouTube.png","categories":["Video players"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75246,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1527), with CRLF, LF line terminators","md5":"551023f1b1f55730cda2a10b64a5ec85","sha1":"ddd5a380fd844e71949cccd0a883d15048e118c8","sha256":"aa58c341292da77de206753b9fb85b0e14c386ab7238549f988f3ca768b8deb2","sha512":"d7b52c16663348942a883372f9f302f587e48abe933ca47b4e87c66d861255207fc6eaad2420418ab40d32c469041a2c5eea2353a6f978caaf7b29c554707442","ssdeep":"1536:nhh7YGrhsUjWtLlhj55rFiGbn1xzOB543PWSN:nHRNsUjWtLlhj5NFik1xzOB5431","tlshash":"5973b87114a28e3917e353eae5922b0ce3ff479899f34e22e158da035543bf60766d0b","first_seen":"2025-10-27T09:25:19.559493Z","last_seen":"2025-10-27T09:25:19.559493Z","times_seen":1,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":35,"dns":14,"connect":1,"send":0,"wait":163,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.zz-10.com/templates/s018/css/style.min.css","fqdn":"cdn.zz-10.com","domain":"zz-10.com","tld":"com"},"ip":{"addr":"104.26.0.198","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:52.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"zz-10.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 13:44:33 GMT","end":"Tue, 16 Dec 2025 14:44:17 GMT"},"fingerprint":{"sha1":"16:AD:2E:E6:ED:D4:89:A1:4C:02:C5:4E:57:E8:21:FE:E5:08:86:FF","sha256":"69:BE:EF:FB:D7:12:C4:48:A1:C4:DB:6D:2B:26:79:6E:DC:FA:10:9B:B5:89:9D:C2:F9:33:34:92:6B:05:46:19"}}},"request":{"raw":"GET /templates/s018/css/style.min.css HTTP/1.1\r\nHost: cdn.zz-10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:52 GMT\r\ncontent-type: text/css\r\ncontent-length: 69738\r\nserver: cloudflare\r\nvary: User-Agent,Accept-Encoding\r\nlast-modified: Sat, 13 Sep 2025 09:59:06 GMT\r\netag: \"2652b-63eabd22ec490-br\"\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nexpires: Tue, 20 Oct 2026 09:18:46 GMT\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 594189\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o%2FtLL%2F1ZSl2xxgExE4y1lF7IDtQ0iCv%2F%2BtynYo%2BsIXgXxM%2FrIABpatqnmYtb21CA9DAhAq23PkfeOtp69AlgbN5YusHZJOmEjoY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 995124963e5cb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":156971,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55900), with CRLF line terminators","md5":"5706d850d8e49f55fa90f61380f35629","sha1":"5ad977b658292bb1f2e74dae5fdc1ce0cf5f7d92","sha256":"65da90bacdcdb7de500bd942aa83868dcedb2084a0b52123ac342a4c0b4d877b","sha512":"1b545477d728f7fd2e1aeab4d9f64c39ddbfe193cce3d845224e4b33f482cb572a4d8992ae9ceddf45416c18908478e8e727ecdacb2dd94d729227c62b4d12e8","ssdeep":"3072:p7I7vc/nVEB1e0NdPSARNR66Nv6uVQs5S:7VEH7dPSARNR66Nv6uVQs5S","tlshash":"52e32a63f9d2229dd127c21681e1babc6ebd1043e757eefb94333b6087892c7096195c","first_seen":"2025-10-27T09:25:19.560454Z","last_seen":"2025-10-27T09:25:19.560454Z","times_seen":1,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":32,"dns":9,"connect":1,"send":0,"wait":12,"receive":7,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.religionmystic.com/logo-144x144.png","fqdn":"i.religionmystic.com","domain":"religionmystic.com","tld":"com"},"ip":{"addr":"172.67.160.27","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:52.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"religionmystic.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 03:34:26 GMT","end":"Sat, 24 Jan 2026 04:32:48 GMT"},"fingerprint":{"sha1":"A3:AC:45:8F:5E:ED:70:07:D7:0A:28:36:B1:9C:4F:F2:A8:C8:DB:8E","sha256":"E6:73:05:0B:E6:36:47:A7:16:21:FA:AD:C3:47:B0:CD:55:D8:65:9C:76:E3:03:4B:B4:D0:B3:E6:66:D7:70:A0"}}},"request":{"raw":"GET /logo-144x144.png HTTP/1.1\r\nHost: i.religionmystic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:52 GMT\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\ncf-cache-status: MISS\r\ncontent-length: 16883\r\nlast-modified: Mon, 15 Apr 2024 11:48:05 GMT\r\netag: \"41f3-6162131c52740\"\r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ge%2FgHHVnLqhAHpmWUJiOc0VLggB1J1YCkACeQaVsPzbNUxKLssc2VDqqPt1ppSZNz4lUvbvpUPuTetOKE8t6SCf0A3w5fre2jHhi1UEspfVEnQ%3D%3D\"}]}\r\ncache-control: public, max-age=31536000\r\nexpires: Tue, 27 Oct 2026 09:24:52 GMT\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 99512495f89656bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16883,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit/color RGBA, interlaced","md5":"b8c386c35171a0a840ef9910aa3d1b4a","sha1":"b38614a6307b3f56018c64520232351116e7e04b","sha256":"bad1c9eb7d86290f09eaf0f3eea672aaa618682bc2f0e7520c95a76dbfe818a5","sha512":"802e9e01b1b7e4f14245d86be10fcebb567e11fe6247af08367c7959f03a817d8c61bc33c7580edcbf4fa81aa546311a421ca8fb874364a23e42da256a59c6bf","ssdeep":"384:+NZF7p6oLYaX46SyC2xgPIhDqAxDUEWkyYYDeEfyOfN:+NZ6cKdP2SPIxlxYbyOfN","tlshash":"f2726c28f4058a7df859a933ace1d8f10db039469922cdd60989af1e6c73431bcd39d4","first_seen":"2025-10-27T09:25:19.561327Z","last_seen":"2025-10-27T09:25:19.561327Z","times_seen":1,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":149,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:04 GMT","end":"Wed, 24 Dec 2025 14:34:03 GMT"},"fingerprint":{"sha1":"5F:D5:F8:10:14:80:32:78:B6:66:AC:25:01:5E:C2:6B:0C:D6:03:BD","sha256":"66:2A:01:C5:DD:28:0B:66:17:E5:8A:2F:4E:52:AF:74:21:21:65:E1:71:72:47:4B:5D:69:50:8D:B4:16:49:C5"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 27 Oct 2025 09:24:54 GMT\r\ndate: Mon, 27 Oct 2025 09:24:54 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":115,"dns":1,"connect":7,"send":0,"wait":19,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:53.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:53 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 73f8fff92c1bd4a3378af9f5b2b85e48\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:55.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:01 GMT","end":"Wed, 24 Dec 2025 14:34:00 GMT"},"fingerprint":{"sha1":"69:C0:F6:2B:DD:5C:EF:2D:13:DF:E4:02:A5:5A:AE:D0:E8:1D:F6:8A","sha256":"04:A4:17:F9:A5:5F:92:F9:2B:AE:63:97:B2:97:F5:38:94:37:06:AB:1B:75:6E:41:16:74:D5:07:D2:08:E3:6C"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Oct 2025 17:26:19 GMT\r\nexpires: Fri, 23 Oct 2026 17:26:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nage: 316716\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T09:44:11.923098Z","times_seen":714179,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":97,"dns":0,"connect":20,"send":0,"wait":27,"receive":15,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Findex.html\u0026l=1331\u0026fd=148","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Findex.html\u0026l=1331\u0026fd=148 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Oct 2025 09:24:55 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=do7LAxPfZ4qBY7zzxx3Vb2pbusxPPLX1TyE2rJxjaeFChtOOV2E8O0Nr660MEjTJnLbliGrVW8M7IHKVDo7C%2BGN5xog4aRd%2B1iUNzxrSemk%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"67f54bce-20dc\"\r\ncontent-encoding: br\r\ncf-ray: 995124a218f04c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8412,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"066cc70a926c6ed2bd892cb5b2ef2127","sha1":"6ba3eb39830a2ef9e522cf28d779d25359a12587","sha256":"3a81ae28e6ed4c4b72715adf753ffb80cea10bccdb8aa81053fbcfa7d935a560","sha512":"d63b0c210b2b76569b7b79df20c58b3571fff409090fe40b1e7ffeeb219fe3991cfc82bf0889c30a29b18dff878910d4c3480dad8a85fb9cb10180124309f5ba","ssdeep":"96:KyLqrYLHwX1O/D3cYmeDjlwjeqFczLCDsnvuRQs01GKyBspfkxzUXe2lJK9zbdro:dLF4crcYmeV+VHJmQxdCnV8oDeQToS","tlshash":"ee02310809fad521d01da13e203e3265f7244a53ac5abed8bb8451055fded6fb9b903f","first_seen":"2025-07-06T07:29:12.196612Z","last_seen":"2026-03-16T08:29:14.391925Z","times_seen":1376,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=543","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=543 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:55 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=6717\u0026fd=480","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:55.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=6717\u0026fd=480 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:55 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"outwardtimetable.com/pixel/sbs?c=1","fqdn":"outwardtimetable.com","domain":"outwardtimetable.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:55.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"outwardtimetable.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Oct 2025 22:19:22 GMT","end":"Fri, 16 Jan 2026 22:19:21 GMT"},"fingerprint":{"sha1":"CB:BD:40:04:66:51:38:3A:0B:50:82:8E:71:8E:93:8F:BF:2C:2B:97","sha256":"6D:E4:5A:AD:FF:2A:6B:0E:28:9A:D1:44:72:CA:4B:D5:BE:1E:60:AE:DA:58:37:EF:96:4D:28:8A:DC:EF:83:17"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: outwardtimetable.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nCookie: uid_id2=f39d27a3-8812-49d6-97ed-c2641fece175:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19254978=1; slecc99f97f69c52abc080d590b5fa2a7e8e=[6233296]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:55 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: outwardtimetable.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":656,"timings":{"blocked":281,"dns":1,"connect":92,"send":0,"wait":93,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-27","alert":"Sinkholed","trigger":"outwardtimetable.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:55.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:34:01 GMT","end":"Wed, 24 Dec 2025 14:34:00 GMT"},"fingerprint":{"sha1":"69:C0:F6:2B:DD:5C:EF:2D:13:DF:E4:02:A5:5A:AE:D0:E8:1D:F6:8A","sha256":"04:A4:17:F9:A5:5F:92:F9:2B:AE:63:97:B2:97:F5:38:94:37:06:AB:1B:75:6E:41:16:74:D5:07:D2:08:E3:6C"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sq.religionmystic.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Oct 2025 17:26:19 GMT\r\nexpires: Fri, 23 Oct 2026 17:26:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nage: 316716\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T09:44:11.923098Z","times_seen":714179,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":79,"dns":0,"connect":20,"send":0,"wait":21,"receive":26,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=f39d27a3-8812-49d6-97ed-c2641fece175\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=aebcc5217dca5cd32a9c99788c6c2015\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sq.religionmystic.com/17275685-capricorn-symbol-of-the-sign-dates-characteristics-compatibility-with-other-signs","date":"2025-10-27T09:24:54.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=f39d27a3-8812-49d6-97ed-c2641fece175\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=aebcc5217dca5cd32a9c99788c6c2015\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sq.religionmystic.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Mon, 27 Oct 2025 09:24:55 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 2\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a88b6feb9ae704ec4a8f419f373b362f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":661,"timings":{"blocked":282,"dns":1,"connect":92,"send":0,"wait":95,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}