{"report_id":"e6d10b89-45fe-4f5a-b09a-bd45ad6ed744","version":6,"status":"done","tags":[],"date":"2025-11-22T06:02:25Z","url":{"schema":"http","addr":"voyeurzz.com/","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"voyeurzz.com/","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"title":"Yummy Taboo Clips","dom":{"size":84491,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"100dbf71d79b96f424dd4f6d74fac850","sha1":"9ebfb9b089ff7e2a0e09335071218f6d17fc4a1a","sha256":"344ab6350cbf055100dc05d7d9f6bcdaab54112b85befdfb551a94b176ed39c7","sha512":"919c9a62d070fac9ee881b77c59413a466e66c63a1b04f1bc45e824f64895760b6d82a8c0b8d4a047a40c0557877c9ba364f18932a867bb3723f48e72a59a908","ssdeep":"768:q4X+FaFIFgg9FAOl6kgJump4bE684KIQ+EjG:ZOw2ag9yOlRgJump4bX+G","tlshash":"35835d53c383082b57324bd770d45f3ee8d72165aeb2160a2be616f905cdbc9f90e1a6","dom_hash":"domhashcaec916974b0268707c3269fabf96fcc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"voyeurzz.com/","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-27T06:02:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":11}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"usrpubtrk.com","ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-11-19T17:18:27.892789Z","alert_count":5,"request_count":1,"received_data":524,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"acscdn.com","ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-05-05","domain_rank":18769,"first_seen":"2020-05-06T08:07:13Z","last_seen":"2025-11-17T15:31:57.933325Z","alert_count":2,"request_count":2,"received_data":76848,"sent_data":827,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"adexchangeclear.com","ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-11-17T13:55:56.757999Z","alert_count":2,"request_count":2,"received_data":1254,"sent_data":1316,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"voyeurzz.com","ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"domain_registered":"2021-06-07","domain_rank":680040,"first_seen":"2013-12-29T08:23:29Z","last_seen":"2025-03-18T01:33:45.083746Z","alert_count":28,"request_count":7,"received_data":378450,"sent_data":3088,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"voyeurzz.com/rect.js","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e2aad51826436cb683e88f9f4a306c96","sha1":"3eed45ab244a58e8b25f3d35e21f01ae48faa2b1","sha256":"42ced32c042cdbdcac277d27f0465503670145ff1525ec2177b8bc5fb30e453c","sha512":"7de026fef6c9a4578db315f5e71710f64753ce0e6593e9a2faf9399a3def076f40cdad51d088ecf69b156e73322cdc2636275d3bf7543f0c5c7ba21560e2d5e0","ssdeep":"","tlshash":"c901bd9e50d218749eb331b84fff613ca076228758465a03ba0d5e913f7130ec249c88","size":796,"data":"","first_seen":"2025-11-22T06:02:28.161163Z","last_seen":"2025-11-22T06:02:28.161163Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/rums.js","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","size":2674,"data":"","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"74c80f0e297ec657aeae0d3ff655a6d2","sha1":"8845fc9520aa8eb9b3ab86ace1c2b3d0d3d75768","sha256":"58a8317d3ba9a957615f74753799530106474db430487a68da38eaf8ae81b591","sha512":"36006dc66be026ee9670e5d94fd43ad0bf43f311f0f94e11f21cd29d5d7498a9ab4c39d3d81b5eecf39e3dddfe4109f088a6c2f905ed0dbe42ad2df194484460","ssdeep":"1536:GQuSBruwmjbX1LQUSzlgjW64ZVB6G6/O1p5RiVgntTA73Uv9UYg1fUsBoiYf:NuSBrRmjhHjW64YL3Uvs6","tlshash":"0543292632132339b2d4809b7d66a75073315195b946841c72fc4ce6369ffca6a35fbc","size":58910,"data":"","first_seen":"2025-11-13T11:47:07.615154Z","last_seen":"2025-11-24T12:25:37.143619Z","times_seen":174,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6c84956f4aa5d6847744a6ba2c43d96f","sha1":"c1214a3f64189b0972c50281a8e6d6ec94ce3c3d","sha256":"4e44f6855e84defb598ce0b690b66d558700646ec68300f645c50996d1d7357e","sha512":"02a2296c7c4c8b338c6c13e1f82e23bf255308857eaefcda1eac65e95b311300cebacbac34478ac03a26ee4402380c6b2d26a89983f404da5c81c337c8170cb4","ssdeep":"","tlshash":"7fa0243f0154441450d1140c047d4f1d00cc11070c403dd5374c411d0f0c0cf073140c","size":82,"data":"","first_seen":"2025-10-16T23:21:33.540096Z","last_seen":"2026-01-02T07:04:01.56738Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6c759f96cc7bb305d9a41b348cb042ab","sha1":"2c81c2435e01a35ab1d319496c515cc1dd363d5e","sha256":"82ebd508da7ced8da6bdc16b8813fa1169886b897e4cdc67225c2e412446dba1","sha512":"eb7ddb9e6774e0703115a800656d87d59d9f1008f506b9dda7e5db5f238aef1a36c2b14ca81ff994321219fb6f6070c826916f7499f677cfd4d24be5e9bde017","ssdeep":"","tlshash":"b6d022386626001221e02d21fec30ad274a2f0ec301b008c828d20e88ec40de6f8af61","size":199,"data":"","first_seen":"2025-11-22T06:02:28.197965Z","last_seen":"2025-11-22T06:02:28.197965Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/inpagepush.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"93bb87f0d4f2de21438e16cbe4889ac0","sha1":"38cd3905a1e6a35553d485d6f79ecf628164612b","sha256":"494bdbc51663f7381d3390c951bf61351f1a5c0adbd129e52984459b57a8852e","sha512":"5e027fd5c2a3f7828e5e94e5a5de72de057470d334d17cdcdb87813661e7e5383e9c8a5a79851f6d808703b37c2e2ab8a0db3d6a3c1c0f2b1336490b4640ec16","ssdeep":"384:oeu7RnyUklMtlAZ9VKNrD9iDuXXY3ja7LuyfSxZywC2KyTsypUxxV4MQon2YXr6N:obMUklMtlAZfKNr5sunWGnmZywC2KyTP","tlshash":"ac72d9762123033539e581dbfc74aa81a6216168b956c42cb1ec8cf6a35fcda3c74f78","size":16292,"data":"","first_seen":"2025-11-14T04:21:34.969848Z","last_seen":"2025-11-24T05:54:03.309371Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"voyeurzz.com/rect.js","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voyeurzz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 04:57:00 GMT","end":"Sun, 11 Jan 2026 04:56:59 GMT"},"fingerprint":{"sha1":"16:D3:9A:E3:F1:5C:35:17:1F:80:5D:95:AC:12:1C:2A:BB:14:A2:F7","sha256":"8B:74:80:4F:4E:4C:07:4C:E2:5B:CC:6B:0C:09:20:38:21:E5:AE:84:FD:66:8F:A2:7C:98:D1:DC:C5:72:12:64"}}},"request":{"raw":"GET /rect.js HTTP/1.1\r\nHost: voyeurzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://voyeurzz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 796\r\nlast-modified: Tue, 21 Oct 2025 09:23:52 GMT\r\netag: \"68f75128-31c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":796,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (375)","md5":"e2aad51826436cb683e88f9f4a306c96","sha1":"3eed45ab244a58e8b25f3d35e21f01ae48faa2b1","sha256":"42ced32c042cdbdcac277d27f0465503670145ff1525ec2177b8bc5fb30e453c","sha512":"7de026fef6c9a4578db315f5e71710f64753ce0e6593e9a2faf9399a3def076f40cdad51d088ecf69b156e73322cdc2636275d3bf7543f0c5c7ba21560e2d5e0","ssdeep":"","tlshash":"c901bd9e50d218749eb331b84fff613ca076228758465a03ba0d5e913f7130ec249c88","first_seen":"2025-11-22T06:02:28.161163Z","last_seen":"2025-11-22T06:02:28.161163Z","times_seen":1,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/images/vo2.png","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voyeurzz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 04:57:00 GMT","end":"Sun, 11 Jan 2026 04:56:59 GMT"},"fingerprint":{"sha1":"16:D3:9A:E3:F1:5C:35:17:1F:80:5D:95:AC:12:1C:2A:BB:14:A2:F7","sha256":"8B:74:80:4F:4E:4C:07:4C:E2:5B:CC:6B:0C:09:20:38:21:E5:AE:84:FD:66:8F:A2:7C:98:D1:DC:C5:72:12:64"}}},"request":{"raw":"GET /images/vo2.png HTTP/1.1\r\nHost: voyeurzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://voyeurzz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 162338\r\nlast-modified: Thu, 13 Nov 2025 05:46:18 GMT\r\netag: \"691570aa-27a22\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162338,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 285 x 244, 8-bit/color RGBA, non-interlaced","md5":"5e18fb397ebc9bcd3a54740f74b6ccb0","sha1":"b34330302709e16836ffc41f10837e50ccfc0b6a","sha256":"7170c1e08ba0730980f884030fa7dbff1a1e57d7dbc2f2352a15c76206d8d057","sha512":"6044866e5f937903f22b81f736485e941a7c7eacca36ad329710f79dda1055887d05a2e3e24a920f3b6cf007582c22f741bdf0d3773321c483ae75ff8295ee3d","ssdeep":"3072:bd4uNVwlbLmLSWXcj47VQQRmYgyAw/R6zEQa8EodwQJxtVaXSG:O7FmLRVQQRmXF86zEQxw0VaXSG","tlshash":"fbf312b47ef0e1b69577a86bcc2c469d0f2686a8a50cc8b85f5fd06c8b8375e7d14700","first_seen":"2025-11-22T06:02:28.164484Z","last_seen":"2025-11-22T06:02:28.164484Z","times_seen":1,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":298,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/images/dd.gif","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voyeurzz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 04:57:00 GMT","end":"Sun, 11 Jan 2026 04:56:59 GMT"},"fingerprint":{"sha1":"16:D3:9A:E3:F1:5C:35:17:1F:80:5D:95:AC:12:1C:2A:BB:14:A2:F7","sha256":"8B:74:80:4F:4E:4C:07:4C:E2:5B:CC:6B:0C:09:20:38:21:E5:AE:84:FD:66:8F:A2:7C:98:D1:DC:C5:72:12:64"}}},"request":{"raw":"GET /images/dd.gif HTTP/1.1\r\nHost: voyeurzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://voyeurzz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: image/gif\r\ncontent-length: 23143\r\nlast-modified: Sun, 23 Feb 2025 09:37:12 GMT\r\netag: \"67baec48-5a67\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23143,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 224 x 168","md5":"fed31e2cc984fb71a3007097ecfd5da4","sha1":"196c519672f6570d476a83ef86f8140ba7bb5c88","sha256":"2b76d53f982c4e4288ee777e7ae23e3f665b63481cab235de487b903bae099e6","sha512":"6b412fa9f909bac3ba5d0c777e7767a4f9a52dab62b428d0347cd677dd6221ddc370799fddebb20c49f49fa3843a9ee9b76e2f8589cb35015b7f5effbc64f45f","ssdeep":"384:8eWylYYmsT5S90ROEZUgEtd3gEibcaS2DFLvTtDb8Pmb2EsaioToqleECmyDOJWO:8eplhtT20rUzRV0FLxnBS6iwobjmyDfO","tlshash":"e9a2d13fc6824731643919737524561c2254ac224a3eef25bd497ffbeecc85374a4692","first_seen":"2025-11-22T06:02:28.167156Z","last_seen":"2026-02-19T02:56:38.765691Z","times_seen":2,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":146,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.2803768904309316\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 12:29:00 GMT","end":"Sat, 10 Jan 2026 13:27:25 GMT"},"fingerprint":{"sha1":"2D:85:E1:CC:5C:69:E9:00:F0:2A:D7:4D:EC:27:FD:E4:0E:99:3F:1F","sha256":"FF:B8:FC:07:03:69:0B:74:AC:FD:81:98:21:29:56:B1:D8:28:5E:79:5B:0B:DF:E3:6B:94:DB:9F:B8:AF:5B:7F"}}},"request":{"raw":"POST /ut/hb.php?cb=0.2803768904309316\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 814\r\nOrigin: https://voyeurzz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voyeurzz.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mu7IKqEc8PdpgfvSSCz72wrSnkoJ2vstR7y6eLQbdfAq1da6mKKD0NpIeiulkNspZ8PRNtXsxdDk3k%2FjudU0W%2BpISsAPk3gxUOOE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a26373d4c23b4fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:45:59.439381Z","times_seen":13315505,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":41,"dns":20,"connect":3,"send":0,"wait":142,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/rums.js","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voyeurzz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 04:57:00 GMT","end":"Sun, 11 Jan 2026 04:56:59 GMT"},"fingerprint":{"sha1":"16:D3:9A:E3:F1:5C:35:17:1F:80:5D:95:AC:12:1C:2A:BB:14:A2:F7","sha256":"8B:74:80:4F:4E:4C:07:4C:E2:5B:CC:6B:0C:09:20:38:21:E5:AE:84:FD:66:8F:A2:7C:98:D1:DC:C5:72:12:64"}}},"request":{"raw":"GET /rums.js HTTP/1.1\r\nHost: voyeurzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://voyeurzz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2674\r\nlast-modified: Tue, 21 Oct 2025 09:55:13 GMT\r\netag: \"68f75881-a72\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (559)","md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 00:40:27 GMT","end":"Thu, 05 Feb 2026 01:40:22 GMT"},"fingerprint":{"sha1":"76:9A:7C:2F:34:DA:E3:06:23:B8:73:B7:95:32:FC:FF:34:88:AB:1A","sha256":"F0:CF:B6:C8:DE:7A:81:6A:9A:D8:3E:43:29:D0:90:4D:7B:2A:8F:21:F6:9C:91:59:EA:FF:0E:B5:7E:07:E4:91"}}},"request":{"raw":"GET /script/aclib.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voyeurzz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: text/javascript\r\nx-guploader-uploadid: AOCedOESq5R5VzqCUtQ_cBYUK_5cYjWdOQ9UzGd2uxKvF051_bQkLF6IKNQ7RrJbrAZQebe2Zht_WhDFXElOKQ\r\nexpires: Sat, 22 Nov 2025 07:02:03 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Thu, 13 Nov 2025 08:23:40 GMT\r\nx-goog-generation: 1763022220639253\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 58910\r\nx-goog-hash: crc32c=IyuIHQ==, md5=dMgPDil+xleurg0/9lWm0g==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nvary: accept-encoding\r\nage: 1503\r\ncf-cache-status: HIT\r\netag: W/\"74c80f0e297ec657aeae0d3ff655a6d2\"\r\ncontent-encoding: gzip\r\ncf-ray: 9a26373b6800b51d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58910,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (58909)","md5":"74c80f0e297ec657aeae0d3ff655a6d2","sha1":"8845fc9520aa8eb9b3ab86ace1c2b3d0d3d75768","sha256":"58a8317d3ba9a957615f74753799530106474db430487a68da38eaf8ae81b591","sha512":"36006dc66be026ee9670e5d94fd43ad0bf43f311f0f94e11f21cd29d5d7498a9ab4c39d3d81b5eecf39e3dddfe4109f088a6c2f905ed0dbe42ad2df194484460","ssdeep":"1536:GQuSBruwmjbX1LQUSzlgjW64ZVB6G6/O1p5RiVgntTA73Uv9UYg1fUsBoiYf:NuSBrRmjhHjW64YL3Uvs6","tlshash":"0543292632132339b2d4809b7d66a75073315195b946841c72fc4ce6369ffca6a35fbc","first_seen":"2025-11-13T11:47:07.615154Z","last_seen":"2025-11-24T12:25:37.143619Z","times_seen":174,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":31,"dns":21,"connect":1,"send":0,"wait":7,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/images/vo4.png","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voyeurzz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 04:57:00 GMT","end":"Sun, 11 Jan 2026 04:56:59 GMT"},"fingerprint":{"sha1":"16:D3:9A:E3:F1:5C:35:17:1F:80:5D:95:AC:12:1C:2A:BB:14:A2:F7","sha256":"8B:74:80:4F:4E:4C:07:4C:E2:5B:CC:6B:0C:09:20:38:21:E5:AE:84:FD:66:8F:A2:7C:98:D1:DC:C5:72:12:64"}}},"request":{"raw":"GET /images/vo4.png HTTP/1.1\r\nHost: voyeurzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://voyeurzz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 99276\r\nlast-modified: Thu, 13 Nov 2025 05:46:20 GMT\r\netag: \"691570ac-183cc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99276,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 244 x 193, 8-bit/color RGBA, non-interlaced","md5":"292dbe39c2ba453e3dce321529656cc0","sha1":"a699e388499bf02f7b35e577a92bd3c580ad8693","sha256":"12d41a70748e68e44f13f2caced340d01823cef4d4457d1254f01866467e23bd","sha512":"e2cf2e72700d3f4bb7634815944faa1b9088a611adad258952c1cf502fba6bd7fb7bc90f119bfaf1de59a6358346b74395dd0e08cef9e381148558f43d20823d","ssdeep":"3072:Uhf3hdBuAqv8xfmT6efHxDdGOoU0uQC6Z2yXHb8soLv:u52Aqv8xfmT66HxDecj6Zb4Xv","tlshash":"e6a3125294f9e86521fd44a70ffe9c52fe56d6908c021fb2b16737c3618240a4eae2e9","first_seen":"2025-11-22T06:02:28.177808Z","last_seen":"2025-11-22T06:02:28.177808Z","times_seen":1,"resource_available":false,"data":null}},"time_used":589,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/inpagepush.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 00:40:27 GMT","end":"Thu, 05 Feb 2026 01:40:22 GMT"},"fingerprint":{"sha1":"76:9A:7C:2F:34:DA:E3:06:23:B8:73:B7:95:32:FC:FF:34:88:AB:1A","sha256":"F0:CF:B6:C8:DE:7A:81:6A:9A:D8:3E:43:29:D0:90:4D:7B:2A:8F:21:F6:9C:91:59:EA:FF:0E:B5:7E:07:E4:91"}}},"request":{"raw":"GET /script/inpagepush.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voyeurzz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: text/javascript\r\nx-guploader-uploadid: AOCedOF0maZNCIBqTpNfp7XVJM50AlbWdOqtN2yOj_BjfA1xqVBSEhB1E25Tj331VrGMQs7Tin4txq8\r\nx-goog-generation: 1763022355535507\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 16292\r\nx-goog-hash: crc32c=XyVsvA==, md5=k7uH8NTy3iFDjhbL5IiawA==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nexpires: Sat, 22 Nov 2025 07:02:03 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Thu, 13 Nov 2025 08:25:55 GMT\r\nvary: accept-encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\nage: 2472\r\ncf-cache-status: HIT\r\netag: W/\"93bb87f0d4f2de21438e16cbe4889ac0\"\r\ncontent-encoding: gzip\r\ncf-ray: 9a26373c38c2b4f1-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16292,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (16291)","md5":"93bb87f0d4f2de21438e16cbe4889ac0","sha1":"38cd3905a1e6a35553d485d6f79ecf628164612b","sha256":"494bdbc51663f7381d3390c951bf61351f1a5c0adbd129e52984459b57a8852e","sha512":"5e027fd5c2a3f7828e5e94e5a5de72de057470d334d17cdcdb87813661e7e5383e9c8a5a79851f6d808703b37c2e2ab8a0db3d6a3c1c0f2b1336490b4640ec16","ssdeep":"384:oeu7RnyUklMtlAZ9VKNrD9iDuXXY3ja7LuyfSxZywC2KyTsypUxxV4MQon2YXr6N:obMUklMtlAZfKNr5sunWGnmZywC2KyTP","tlshash":"ac72d9762123033539e581dbfc74aa81a6216168b956c42cb1ec8cf6a35fcda3c74f78","first_seen":"2025-11-14T04:21:34.969848Z","last_seen":"2025-11-24T05:54:03.309371Z","times_seen":38,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"acscdn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/push.php?r=10445558\u0026ipp=1\u0026mads=2\u0026position=top\u0026srs=37da1e8f071fdb4491182ee9a891bade\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fvoyeurzz.com%2F\u0026atv=71.2\u0026cbref=","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 20:14:35 GMT","end":"Tue, 06 Jan 2026 21:12:18 GMT"},"fingerprint":{"sha1":"7C:B6:62:0F:43:12:2D:86:DD:92:D1:44:95:36:24:C7:2F:BA:B0:B6","sha256":"06:21:18:21:3A:A8:90:A4:4D:D0:A6:7B:7B:C8:4A:3B:31:47:C3:5D:48:A5:94:AC:08:75:A0:A1:DF:D6:B9:3C"}}},"request":{"raw":"GET /script/push.php?r=10445558\u0026ipp=1\u0026mads=2\u0026position=top\u0026srs=37da1e8f071fdb4491182ee9a891bade\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fvoyeurzz.com%2F\u0026atv=71.2\u0026cbref= HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://voyeurzz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voyeurzz.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x2V2XRwHjolYRGP3ib3PLk3Ysim8dC9aaWkkbeGMb6R8i3ma%2BE6FI43%2FrPOFaV0UwFIoAnxgktiJbqGR6m0Z7QC0HlQ9cEntam1Va1k10Y5E\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a26373d194c568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:45:59.439381Z","times_seen":13315505,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":58,"dns":34,"connect":3,"send":0,"wait":159,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/favicon.ico","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:03.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voyeurzz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 04:57:00 GMT","end":"Sun, 11 Jan 2026 04:56:59 GMT"},"fingerprint":{"sha1":"16:D3:9A:E3:F1:5C:35:17:1F:80:5D:95:AC:12:1C:2A:BB:14:A2:F7","sha256":"8B:74:80:4F:4E:4C:07:4C:E2:5B:CC:6B:0C:09:20:38:21:E5:AE:84:FD:66:8F:A2:7C:98:D1:DC:C5:72:12:64"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: voyeurzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://voyeurzz.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: 15c45=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 15c45b=1763791323\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 22 Nov 2025 06:02:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 04:31:24 GMT\r\netag: W/\"b52-63a7d109f0c32\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-04-04T01:52:25.0368Z","times_seen":5578,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/push.php?r=10445558\u0026ipp=1\u0026mads=2\u0026position=top\u0026rbd=1\u0026srs=37da1e8f071fdb4491182ee9a891bade\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fvoyeurzz.com%2F\u0026atv=71.2\u0026cbref=","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://voyeurzz.com/","date":"2025-11-22T06:02:13.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 20:14:35 GMT","end":"Tue, 06 Jan 2026 21:12:18 GMT"},"fingerprint":{"sha1":"7C:B6:62:0F:43:12:2D:86:DD:92:D1:44:95:36:24:C7:2F:BA:B0:B6","sha256":"06:21:18:21:3A:A8:90:A4:4D:D0:A6:7B:7B:C8:4A:3B:31:47:C3:5D:48:A5:94:AC:08:75:A0:A1:DF:D6:B9:3C"}}},"request":{"raw":"GET /script/push.php?r=10445558\u0026ipp=1\u0026mads=2\u0026position=top\u0026rbd=1\u0026srs=37da1e8f071fdb4491182ee9a891bade\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fvoyeurzz.com%2F\u0026atv=71.2\u0026cbref= HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://voyeurzz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://voyeurzz.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 22 Nov 2025 06:02:14 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vz99QdcZD35C1JrD0ukTc0v09%2FzSwI4QGPWuDkzYo3lobYphOhXS7Zf3PDBULnaRWfVEmYNW38QWEwNji446VAX%2B0Wn%2FqjUG6slwPweDg37T\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a26377ca8eb568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:45:59.439381Z","times_seen":13315505,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":158,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-21","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"voyeurzz.com/","fqdn":"voyeurzz.com","domain":"voyeurzz.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-22T06:02:02.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"voyeurzz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Oct 2025 04:57:00 GMT","end":"Sun, 11 Jan 2026 04:56:59 GMT"},"fingerprint":{"sha1":"16:D3:9A:E3:F1:5C:35:17:1F:80:5D:95:AC:12:1C:2A:BB:14:A2:F7","sha256":"8B:74:80:4F:4E:4C:07:4C:E2:5B:CC:6B:0C:09:20:38:21:E5:AE:84:FD:66:8F:A2:7C:98:D1:DC:C5:72:12:64"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: voyeurzz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 22 Nov 2025 06:02:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 8339\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85305,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"d8e36a0674ae8a492e0c003b9452149e","sha1":"caf5eb25d6b69eb25702da7e7b774c6f933a8a5c","sha256":"1823be65bce56d81fec1f39df7636ce1a680c0bfc25486b6f55c6f4e5ced2787","sha512":"b2e676b2633563e95b7780133f43fa6f2200f085a61c12a660c8bbb31fe8f0149ab43bbc61515242fef0c863189ae07c41c162f7accd397811dd7bf581a74805","ssdeep":"768:Y4X+FaFIFgg9FAOawvaUUhmExeL2ysK0m6kEVG:nOw2ag9yOawv/UhmExeLDiG","tlshash":"74834a53d2c7043b5a7257e360d4af2e68cb24759da326056beb0be702ccbd4f50e296","first_seen":"2025-11-22T06:02:28.189386Z","last_seen":"2025-11-22T06:02:28.189386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1050,"timings":{"blocked":444,"dns":133,"connect":147,"send":0,"wait":160,"receive":1,"ssl":162},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-22","alert":"Content Category / Application Block","trigger":"voyeurzz.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"voyeurzz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}