{"report_id":"ecafe11f-81c4-4d3c-a037-a794812742fe","version":6,"status":"done","tags":[],"date":"2025-10-12T13:56:17Z","url":{"schema":"http","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"172.67.206.207","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"title":"OtakuStream - Watch Anime Online English Subbed HD"},"submit":{"url":{"schema":"http","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"172.67.206.207","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-16T13:56:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":31}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"origunix.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"piraproxy.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"heartilyscales.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2022-12-16","domain_rank":2862533,"first_seen":"2022-12-16T08:32:11Z","last_seen":"2025-10-06T06:02:25.385158Z","alert_count":30,"request_count":10,"received_data":173224,"sent_data":10094,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"amt3.com","ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2004-03-18","domain_rank":8122,"first_seen":"2025-04-23T17:00:21.322227Z","last_seen":"2025-10-08T08:00:52.631212Z","alert_count":1,"request_count":1,"received_data":841,"sent_data":616,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"origunix.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-30","domain_rank":343993,"first_seen":"2021-11-30T12:40:27Z","last_seen":"2025-10-07T06:39:07.099643Z","alert_count":1,"request_count":1,"received_data":64541,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-05T22:31:22.752325Z","alert_count":0,"request_count":4,"received_data":1740,"sent_data":1900,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-06T03:54:26.655571Z","alert_count":3,"request_count":3,"received_data":5691,"sent_data":1538,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"directlycascade.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-09-10","domain_rank":0,"first_seen":"2025-09-10T21:14:18.585097Z","last_seen":"2025-10-06T06:02:25.524581Z","alert_count":12,"request_count":6,"received_data":186473,"sent_data":5751,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"matomo.hellohi.me","ip":{"addr":"172.67.219.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-07-03","domain_rank":0,"first_seen":"2019-07-03T20:13:04Z","last_seen":"2025-10-06T06:02:25.443767Z","alert_count":0,"request_count":1,"received_data":610,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2025-10-07T14:59:13.045889Z","alert_count":0,"request_count":1,"received_data":111117,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-06T03:04:51.602393Z","alert_count":32,"request_count":16,"received_data":679124,"sent_data":7522,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-10-06T03:40:54.177944Z","alert_count":33,"request_count":11,"received_data":12339,"sent_data":6237,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"otakustream.unblocked.surf","ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-04-04","domain_rank":0,"first_seen":"2025-10-12T13:56:19.535864Z","last_seen":"2025-10-12T13:56:19.535864Z","alert_count":21,"request_count":21,"received_data":978274,"sent_data":11794,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-10-05T22:31:22.777678Z","alert_count":0,"request_count":2,"received_data":141794,"sent_data":922,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-05T22:12:06.373682Z","alert_count":0,"request_count":2,"received_data":44018,"sent_data":933,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-08T01:17:43.238436Z","alert_count":9,"request_count":3,"received_data":1590,"sent_data":2334,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-08T11:21:31.763121Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"piraproxy.biz","ip":{"addr":"104.21.56.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-02-15","domain_rank":459228,"first_seen":"2021-02-16T01:12:51Z","last_seen":"2025-10-08T02:24:38.429463Z","alert_count":1,"request_count":1,"received_data":2093,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-10-06T01:09:45.371726Z","alert_count":6,"request_count":2,"received_data":7657,"sent_data":976,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":10,"received_data":376162,"sent_data":5677,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vmuid.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-22","domain_rank":182910,"first_seen":"2019-07-09T14:53:12Z","last_seen":"2025-10-07T06:39:08.001009Z","alert_count":2,"request_count":2,"received_data":11214,"sent_data":1052,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-10-06T00:34:29.689436Z","alert_count":0,"request_count":1,"received_data":849,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-08T05:41:48.061731Z","alert_count":12,"request_count":4,"received_data":343852,"sent_data":1696,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"msdoj.com","ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-07-01","domain_rank":211684,"first_seen":"2025-07-02T02:58:17.140394Z","last_seen":"2025-10-06T04:48:09.512585Z","alert_count":0,"request_count":2,"received_data":64929,"sent_data":993,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-10-05T22:48:12.397812Z","alert_count":6,"request_count":2,"received_data":14228,"sent_data":948,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"directlycascade.com/22/00/54/2200540f09f939738419313a1a090c32.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ddae1e036317181560bbc28419575b6","sha1":"4186cb9a8207fb7c20612d963a16fe2eb3ffc5f8","sha256":"a4200a9f1a412569a7bbffd6f14247673d53ab95ade56bac2221626269c51c9e","sha512":"07b49fa070e97b330873e5dd1ab565a4b4c229835eb04975d000ecd1c8009134d5874d20553a982f13f47db17ca69421243419fdbcc2b6e159f5f043dafd7ec8","ssdeep":"1536:cY+Z/qOJv+PThsgBLPkpzNluQTFDeBsbZum+iQ1G5SmqA0oFHXgG3D7HROgXP:cY+3gBL2lj5qBsbZuQEG5SbA0eXgG3DH","tlshash":"f7a3b8887f80f05f42b7607a623fb10bf19a4d41d59ce95ce163eca12e7831bd53aa64","size":98372,"data":"","first_seen":"2025-10-11T00:19:44.693666Z","last_seen":"2025-10-12T13:56:27.912947Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce965313d83639f794092022d57b1739","sha1":"916b1cb1d306ade0695c61beb215484e3dafd697","sha256":"b525812062879c81f39fb11ff3419280cf89f34b5a5998de2f3b5a1e699f2635","sha512":"65baeaa525585cc53925e800e2762a3ec1bde83c350c8c595f019c6de32bd49567a50ca24230712f1635db73089bd0cb6d39a3139541b4367a86aa2ada28e1d1","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2wK/Y:gmvcLkGJWH1ECmaG","tlshash":"7473d9883f96b0a403a2b4b3252fd50ee13a4d52658cf4d8da1794d8ed6cf1bfa39914","size":76546,"data":"","first_seen":"2025-10-08T14:56:19.02822Z","last_seen":"2025-10-12T17:53:19.128317Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"origunix.com","domain":"origunix.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"34117b158ca852d4ab2edcfa01854ac8","sha1":"d8ffd66ea1d02c229f1fd7cae1842d739f3832e0","sha256":"11a84af9f839e2b057f936f3195ba5384f8521e57c77acc201304dbf362e1f0e","sha512":"9e22988221a73939cc1873ee9771fc672c8008787c69636d7f77615548bd4ef57cd9f9cef29e10750de4f210206ffa5e225d042e69707d934a2bd7729f4617ef","ssdeep":"768:hCflSCRC850RCX+4D+R8WyX+86wA6C8CflJu4sTJ+zaXeXgtA9zk4sTJ+HXJpZ61:qvV50gPowAzJfTq3F","tlshash":"ab53d698b5d2f1a102c370b8543f6106b2366929248dc098f7b5ded5ad78d6ea633f3c","size":64136,"data":"","first_seen":"2025-10-12T13:56:27.826785Z","last_seen":"2025-10-12T13:56:27.826785Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7486968f2724a1a1cebcc7c3a9de098d","sha1":"1ee1b5e608e35e62d487cf17cbd283b4c77b3523","sha256":"d398f1bbbb7e7ae1e3146fb29deee5e033c16d830489c681aba759bbcbd22daf","sha512":"44e95521d3a1a965b3d2914aa408d7ce000cff37ad3deac3db63c6dfe2b80fc01a446df1696741ff7eaf0bc03a9f4b9c731358ae391a8a6b673ac78ad18c0019","ssdeep":"192:lUriAbHANQgVSNRaaWrcqYewkxaS51jNKo6CrAfAeAiPL:ATgVQqcPs17roADiT","tlshash":"c022e9cfaf0eb46c42f02da5205b35de9859cebda03e4c1e893099f97d21a49704ed9d","size":9964,"data":"","first_seen":"2025-10-10T13:00:40.89127Z","last_seen":"2025-10-22T10:36:24.019585Z","times_seen":660,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c87711a5d2974cd9ee1f91fdf13c865","sha1":"f8ed5f464bf5e473cf28b326f462df2ee5698b70","sha256":"d3f84084e3f7c148c636dc35fe87fc64580db8a3fafdf07ebf6174fa089d2398","sha512":"8da04dcbdb746b2810bee89cd945e4d09a0fa7838ab960b05d5227aadd59759d76a7385f83a58abde5ee52665e4f735e554651b2dda1e70ada87ede0cd3a3be1","ssdeep":"1536:I8zmHlk4JQ9aO4kD9VaZ06GUqo54Az0SBYQ4+DIVV3BWw:jzsJkaO44I06GUb0S6z3xWw","tlshash":"96b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","size":109923,"data":"","first_seen":"2025-10-08T09:14:17.976464Z","last_seen":"2025-10-12T16:00:36.826808Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/big/2/js/jquery-3.2.1.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e59a2e92b4756cc61e2e4f3082ee1360","sha1":"c96d002f642bd85adf1e5326bcc0679f9c3ee001","sha256":"42173a3ca70c715370ce99071f892ad61d3fee33dbf15426fa7eee549a4afca2","sha512":"94ab9f4e87fa268a76679ac3484952b84332bb01efb3bda37ec883310eea2536c7b5b50370553571d57beed05179749ba0bef6d53306896f2018ebd037c682a7","ssdeep":"1536:hLkR/QpfICJ5vJBQT6bTGw9S5HY6wm482+a02Yo+eKcGbp7E0bJy+jhklK4dy8Nj:hLkRNV48Ba02YowbCuyMSxtZxc9MuCx","tlshash":"8ac3518976e621319207f07a8d6fcc09b275544f1a8ded057d4c82a5af1883c97bafec","size":129575,"data":"","first_seen":"2023-03-08T15:21:31Z","last_seen":"2026-04-26T20:38:46.585169Z","times_seen":2094,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c77f61f494d753fdd27ca2a5c85e02ca","sha1":"27a4439eec99d4d77097e07df13368faa4788f95","sha256":"fbef82aa2dafe628305be70ad2dd9561b17a52c0fd4612b4ca016e8524e514d6","sha512":"9f0d4f39741fce941cc7cc33eba77eaa04e899761d74707d965f9ce80a363f187ee48ff09cb7080585c15962964c7e057bbbdf952fd7c7bd39812e90781a14a4","ssdeep":"","tlshash":"1cf026ba3dd060348559f1f4f15fab18b475a4146001680d88cdc4c8b8d0f9d4f7d99c","size":551,"data":"","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-04-26T20:38:47.18905Z","times_seen":738,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6751d07d6345c114ac5682f5b79fcc49","sha1":"e8831053bbb733a7916241b63de7a4b880df821d","sha256":"1f3c86a87513aa4a4de1491eccfce5e02db906b2851ecfe30827c5371a18a027","sha512":"d4338809cdcb09e265e7d128394fba0a1b75cf281e62808c526b05b58a8f9a7e8102bbeddef4927d74042c43babfc5c75ef4a3c64c9ac3e383a60715a19e8805","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2wqOk:gmvcLkGJWH1ECma/","tlshash":"0a73d9883f96b0a403a2b4b3252fd50ee13a4d52658cf4d8db1794d8ed6cf1bfa39914","size":76520,"data":"","first_seen":"2025-10-08T08:36:23.096286Z","last_seen":"2025-10-12T13:56:27.885458Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ec4ea2cc07fb4298dd793cbc67d3755","sha1":"04c34c92ef5baad58af7c56b728d4a84c55f7185","sha256":"9a0e8ee9789c9f554b318f332bf0d2c61f85cdcf33afc1228b6f94181f841b1d","sha512":"30304737e90f692141d3d9d94011b08bd5605aa54d85f9808fb80fb3fae2b0c1d8151784f56ab2bbd89729e5cbc7aef8f6f3b00acae27ae268a8718a5d3ceba0","ssdeep":"","tlshash":"e1f0dc20a9ce2dff820650ba9c78cd0a71a7381ec1f0c0070e00d83563b1fc909582c8","size":449,"data":"","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-04-26T20:38:47.199208Z","times_seen":2033,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"dedd352338543b137f608adc8d0d4aa8","sha1":"100edb4e8fef9b6da043d51135077e68d2a61b22","sha256":"b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48","sha512":"e2fab4d95d5baa013a7c248945156524478341282dcffc462fb2de318f55ba29dcafba0db3abcfb6399c6164f6f630f06d48a7323b73f8ea05d5978cd60a4c5c","ssdeep":"192:ATn+ip4qxJ/gzuvu3fo8idwqnOqgStYc1qRP44+PHlCXXZE7904AxF:YbRJYz3oe+3tYGGx+NGXZCAn","tlshash":"2b22b5c9b2d2f06443d77161942f2007f23b2869b54dc498eb66e8d3bcb045ea227f79","size":10178,"data":"","first_seen":"2024-01-26T05:18:07Z","last_seen":"2025-12-29T12:17:25.567723Z","times_seen":3656,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ddb38cec2a3e44027f210856f6c3ab06","sha1":"8dcbb5f9a59c7d2c12441b2d46e47194281e3fd7","sha256":"145bcde519f7316cb23a753d5147be17044a81c66d3e2062610f49738914a969","sha512":"bbf3d3201d294b0a4ac92e1619eaed9bd6764a0da32712ff7dc7837d043795c4704108ca013e794ec4a536facba30be2dfd6a0872d20d5708a2d6c8e2f9f516d","ssdeep":"","tlshash":"ebc022b564a490300424009a707beaa83c31318874926080c48d781ca924fd30452ca8","size":187,"data":"","first_seen":"2025-09-24T02:22:33.853601Z","last_seen":"2025-11-12T14:46:36.801298Z","times_seen":271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6b79432d86245e27d21126e9291c5a0","sha1":"b378b474e62c087941df8c3e8e5c74052d29c1fb","sha256":"c1615fb2a5d0868213ab251add718d15c01fab10c6ae3bfb235f0b28d41a1296","sha512":"0040b54bf36bf9e873a06d28df94ac1af60281ee87a560f1cbdb6fea8fc1a755ad3fc6f07bddf6224ca3a16e51d092804c920b39c99139afa8258c5f71c0ecc3","ssdeep":"","tlshash":"c611c0753e2a5534d6d5818b31bee7a93e3260617e06e084c36ccc295d18e9714efcbe","size":902,"data":"","first_seen":"2025-10-12T13:56:28.028701Z","last_seen":"2025-10-12T13:56:28.028701Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c91c326e464d432e5dc132a524eeaccf","sha1":"03aae2e36c38794d29664ff1aea6303e9dc04076","sha256":"cc8792ec6e27e2a2920435d52a6c9b66943fd95069c5ecec18adfbb663d705cf","sha512":"755aa072c94f91142f91391b996b1f2db0694a340ba965c590539f11cdcdcdc4cbba898a105f1c1e4eea83692172d3b6602b1c7ef9841f916087d01bb564494b","ssdeep":"","tlshash":"26f0f924576743ad8f5bd1e56a4f0fef1531080bd05b099d3118d3875ee076a22c4636","size":612,"data":"","first_seen":"2025-10-08T01:29:27.968594Z","last_seen":"2026-04-26T20:38:47.204181Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c37fc71c4910746e4dc1086d1504eec8","sha1":"14565ad25baee00fbfcdfb04cdaca8146cf8eef9","sha256":"86abf24db0f0710bdb2bdd82e5675a1fc444148707510005492b33cd4820068e","sha512":"759a316f29f039ce53e4c8568c95891d7d9a98ba2ece51028719a59275412bd04d8fa20c0802b8a52cebcba9050c2b813233692814eb14dbcc775e0efc59d24e","ssdeep":"","tlshash":"44217b3b9898c3b12243f157e126738cdb31005dfa191707330d0ae91eda36a26f99d9","size":1276,"data":"","first_seen":"2025-06-22T22:52:25.7742Z","last_seen":"2026-01-05T22:39:08.072676Z","times_seen":421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6651c0f4c8c66b6caf8271719e1d5e2","sha1":"d6b88ff7e7e98179864b743df8079e5a30520e27","sha256":"bdd32a886380243adc01f199f6fae93484be5f7b5d369bf60c3ed98789593ce0","sha512":"f1dc871230cfcdedb9045affff57575a9842d6590b6ec152adb44fdba55f89c1b3fa8dc9ad58843ceaa6ec11d3c6c0d2eab67750de588e1767fc30c24956a54c","ssdeep":"1536:ic4Bys1/N5gpvcZFr372CvGJWH1EaTmj2wq/j:gmvcLhGJWH1ECmaj","tlshash":"5873d9883f96b0a403a2b4b3261fd50ee53a4d52648cf4dcda1794d8ed6cf1bfa39914","size":76558,"data":"","first_seen":"2025-10-08T10:28:20.528257Z","last_seen":"2025-10-12T13:56:27.863313Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0dea1b2ccd3c67809699ea305e7779c","sha1":"f16663ad6337eb8991a92003a5fe7507ad568acd","sha256":"1370eb6637eba45143250c23fe351ee52a03a9039ff08b26ae5462574ccae575","sha512":"9be55e90d55bdfa24b4b8f7f2e37fd32c4e5e904aaf5886ce6e49787f174ac0d714b7633c1ec70fc4ad351af34165f43ecc8b54730db0543dff30ac8c076ada3","ssdeep":"","tlshash":"31d023a52c75843171d9424650f5d39c276024907f15e540c2c9cc1f6f12ed348b355c","size":217,"data":"","first_seen":"2025-10-12T13:56:28.04897Z","last_seen":"2025-10-12T13:56:28.04897Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84380,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-27T15:32:25.265227Z","times_seen":16942,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84380,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-27T15:32:25.265227Z","times_seen":16942,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c37fc71c4910746e4dc1086d1504eec8","sha1":"14565ad25baee00fbfcdfb04cdaca8146cf8eef9","sha256":"86abf24db0f0710bdb2bdd82e5675a1fc444148707510005492b33cd4820068e","sha512":"759a316f29f039ce53e4c8568c95891d7d9a98ba2ece51028719a59275412bd04d8fa20c0802b8a52cebcba9050c2b813233692814eb14dbcc775e0efc59d24e","ssdeep":"","tlshash":"44217b3b9898c3b12243f157e126738cdb31005dfa191707330d0ae91eda36a26f99d9","size":1276,"data":"","first_seen":"2025-06-22T22:52:25.7742Z","last_seen":"2026-01-05T22:39:08.072676Z","times_seen":421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/app/apx19.js","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2344c3f05f624d595f6fb920e4d74ded","sha1":"eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1","sha256":"3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a","sha512":"b1660b062c77332a119e159c5c69d3f75d375915a33f141503232f424c4fdd990998a883c271efb94e8eb909f7837d235354ecae15b58fc23ab9d1908170e831","ssdeep":"192:yfBLCNsvzXnQQuWYQVN6nYaRB5c5FM/MR6Adpf04u7w2Br:4gNYXnrYtBONxpf05r","tlshash":"62126cc87ac7f00b53ed8a53ae1a66b8117b946362a47907d3bcf6cd15e920bc179cc4","size":9183,"data":"","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-04-26T20:38:47.14126Z","times_seen":3539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hqcdOJbGojjBbixMUC%2FpyKPQhBreBaTr5OKxxpbrttimdK7qafXrHYv7i1VKtVJI8WesP%2Fg7SQ5tVcqWhiYo%2FHxYI18JdUjRtn00XqAdOfU%3D\"}]}\r\netag: W/\"65aa84fe-d1b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d7190c6ea949c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3355,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"039a6734d79ed9aa51cf81c52479c5fe","sha1":"9cf29c4ea1a3880681d50c7228374f8073b7778b","sha256":"a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1","sha512":"879f067d02f582c2ff8f9c0308cbb44b24964136c4d8074f1a1b200169b520bb49fdd2b290772dfbc3ca432fba2ce9d5b1a398eb14746613cc942dd7567fa1d9","ssdeep":"","tlshash":"3a61ba966b670a04b51ad0ab3f667b4723084007995fed757fc8620ccfc92a8d6d378e","first_seen":"2024-02-12T03:25:01Z","last_seen":"2026-04-27T15:32:25.282255Z","times_seen":2477,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Fcss%2Fstyle.css\u0026l=2400\u0026fd=529","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Fcss%2Fstyle.css\u0026l=2400\u0026fd=529 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1264\u0026rd=1264\u0026fd=590\u0026bv=25.10.4943\u0026tmpl=70","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1264\u0026rd=1264\u0026fd=590\u0026bv=25.10.4943\u0026tmpl=70 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":789,"timings":{"blocked":344,"dns":2,"connect":97,"send":0,"wait":99,"receive":0,"ssl":219},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e9c9e9d67513/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\ncf-ray: 98d719028cc5b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9964,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"amt3.com/5/9914495/?oo=1\u0026js_build=iclick-v1.1586.2\u0026userId=080260347c674ceeffd7b614fc0547e8\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"amt3.com","domain":"amt3.com","tld":"com"},"ip":{"addr":"139.45.195.9","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"amt3.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 05:18:13 GMT","end":"Sun, 28 Dec 2025 05:18:12 GMT"},"fingerprint":{"sha1":"07:CE:BC:65:68:14:E9:3D:A9:36:B2:F9:9B:EA:24:70:92:ED:15:21","sha256":"7E:B5:03:72:AF:6E:A6:99:87:96:AD:4D:D5:AA:4C:88:B3:63:32:D8:27:9F:0C:82:05:6A:40:FC:4F:1F:87:51"}}},"request":{"raw":"POST /5/9914495/?oo=1\u0026js_build=iclick-v1.1586.2\u0026userId=080260347c674ceeffd7b614fc0547e8\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: amt3.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2595\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://otakustream.unblocked.surf\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":100,"dns":13,"connect":26,"send":0,"wait":32,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"amt3.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=517","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=517 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":67,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/big/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/big/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Tue, 09 Sep 2025 11:23:23 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"68c00e2b-18d\"\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rt%2FGypqtlTwlHcVcGQr8BHgzP1U8yAJFhJUdREkhD2ortwGke%2BrTq1STc%2F80VjoO4ARKwWcs%2Bi5uwzPpmBE8k9CKB1QGxYpyM3TWbsDZeSo%3D\"}]}\r\ncf-ray: 98d7190c7ead49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":397,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"37a36981025a4dc83117b1ea5348e389","sha1":"d13a13d8284819725e63b87a6206c71a23ef3242","sha256":"7e356a6794903f614c27ab41ac97b1b95ade6593d31bda3e94062df56ec05ad0","sha512":"96245d4bb7f97ca555e016d42422210d00360eeb2921b7b84acf5bef5b3643ba9297df42a3ac1c0e031f38d93b9a8e4c8834eb6aa6dd48f162ad597f4f3a7f05","ssdeep":"","tlshash":"11e02b38a2685274c7b7d2a2618f5b9f2630425fd00a029e702c534e0ee1fa612c1d6b","first_seen":"2025-09-12T13:40:28.363426Z","last_seen":"2026-04-26T20:38:46.439875Z","times_seen":216,"resource_available":false,"data":null}},"time_used":475,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":475,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ve7oIMMKOcV5ji%2BcnSN2VIIZ4s9FA8PknGCFJoPiICgqjpSNQukwkN%2BcnhKaqVTZsLu8uQBfTwuSpW0OuhFqFgSeNhrdg1RlFhMfmCYu\"}]}\r\netag: \"65aa84fe-24f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 731885\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98d7190d3b12569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"9fd5bcb6103d86e317bd1eb019bcbe71","sha1":"6b5a52ea669dcb74946f2bed4bdd7ec985026113","sha256":"0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae","sha512":"e244a8842c009fa83e8d9d1088ec5b76ca2a42660568b7886e01724977b9ebd4e43690e0c651e25287c64dcc4826391b34cae6a106e2148139450dd05fc5a562","ssdeep":"","tlshash":"b0f0414e7c5903a1874caf3b18dd00119c27898077c82e0db689eed20e008e215471da","first_seen":"2023-04-11T11:09:41Z","last_seen":"2026-04-27T15:32:24.673188Z","times_seen":5123,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/e7/1b/13/e71b13312082539e211f40b180b929f1/1680663431.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/e7/1b/13/e71b13312082539e211f40b180b929f1/1680663431.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 70608\r\nserver: nginx/1.21.6\r\nlast-modified: Wed, 05 Apr 2023 02:57:19 GMT\r\netag: \"642ce38f-113d0\"\r\nexpires: Tue, 14 Oct 2025 13:55:57 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"61b6bebe0cb42acfc8731bdca04aa71a","sha1":"d396876682997f10b3bf721df1204677e3b5b0be","sha256":"3bebac68fde7ea059ec5422cb3162c3765ff43c7263e9be6e6b324b73ad0e6f2","sha512":"6883904fb678ea57cbedbd3753c93f5e8f73a79b8abf79fefed3ca2ea0d3eb635c9843419cfda66a561addaed6c68d67151ed51270d31ed3e597e67215173e5a","ssdeep":"1536:xK57wBBmhOG4aC7NV3fwtbCj9Q4tsd8aB0oqaoPHmqrfTwHMX:xK1wBgNZaNV34Cj9Q4Sd5aosPd/wsX","tlshash":"0c63010ed38967b86ec02b9fb3097f408b2473acc719c0d768b059b7a346c1961b7d5a","first_seen":"2023-06-24T15:48:47Z","last_seen":"2026-04-27T14:52:03.933796Z","times_seen":944,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":61,"dns":9,"connect":19,"send":0,"wait":62,"receive":15,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=480","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=480 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"origunix.com","domain":"origunix.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"origunix.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 00:54:40 GMT","end":"Mon, 15 Dec 2025 00:54:39 GMT"},"fingerprint":{"sha1":"EA:4D:52:7B:A7:DC:EC:8E:C0:40:42:81:FA:8B:F0:41:1A:8A:06:B9","sha256":"D2:C4:BB:C0:BC:07:5E:9C:EA:13:D3:33:59:AD:22:BA:79:E4:4D:F0:C5:B5:9E:48:3B:85:95:0C:1F:60:60:82"}}},"request":{"raw":"GET /sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: origunix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://msdoj.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64136,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":101,"dns":27,"connect":31,"send":0,"wait":32,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"origunix.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://otakustream.unblocked.surf\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=8fe3ec24-e33c-46e4-98fd-2b8dd5f0f03d:3:1; expires=Wed, 10 Oct 2035 13:55:55 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"6bb96347c6f102fe64fe60e4b4a6124a","sha1":"c72cde7b17492a36a2f2c59ec66f17aa97271993","sha256":"7f033a56f8548651e83fec49d4e5dba85b869b4caaa3d94ff2adcb79d63d6cdb","sha512":"cf4311f4ec7f7d9bdd5fda612c19360f34cf44562418a04ab136a6bdd8897302c69ecf3f7b1aed6f5cc411289e51d072ed4fb5bfdd5973fce4a0011e548246a8","ssdeep":"","tlshash":"979004445f01031dc4070c4c341d0f5131d7334c5113110141114d353c43cd74754043","first_seen":"2025-10-12T13:56:27.80156Z","last_seen":"2025-10-12T13:56:27.80156Z","times_seen":1,"resource_available":false,"data":null}},"time_used":720,"timings":{"blocked":337,"dns":33,"connect":24,"send":0,"wait":41,"receive":1,"ssl":270},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Sep 2021 07:43:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yg6784BIM9bchTynYGVOnEfzyFmaRn0rUlbL%2BF%2BHWRQjkXJLasPvmpSb9s9IQxcWOQXb7g95CX7rxKVgIyYUqBxo7PqeNTLSQrwyQjU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98d71907af90b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1325,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f6990569c7ffeac1f4a3f6d9eee5da44","sha1":"e7d5e37acf89a8faee252c36fc2c9d6615501d76","sha256":"cc2a9756c81bd570fff8b32e48a413687c33f8abe9c934e743a0769178b4f690","sha512":"be3ebced9d65b29fef8caab46e95f54f1ca645ea5942331c84c964ec033fb7c78506d14eda131948b7f664f1635deaa8d82a63169f9214f72035b087ea104bda","ssdeep":"","tlshash":"a52105692df9c97311e750947b352f1bed92ea87c80a6e0173bc9d684f9ad84cd23407","first_seen":"2023-06-26T22:59:31Z","last_seen":"2026-04-27T15:32:25.365644Z","times_seen":2695,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":31,"dns":0,"connect":1,"send":0,"wait":457,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTZjDHhTMpP9mMuMelo27kWhMQjYSxFNVV_WkTE1XW9U9PRkvwYDuzdmD4LHzJtmgBlHEo7BMvEhQ2BHEHDYXjx6FBS8iMxmIvsP3vY9Xh_e9rz4-yC9IgJyer7-te1IpOl-rupWXt2TCdWErq5sVz626NypbMqmHNyrdcTGd17wgrLqvVN4Q0Y6e913PdT3XqyxJI2LdnZ-okOlJ06s23WroV71aiK75_2xzB5Y64J0L8hwkHz3zR_weZDRE0v7mtrA7mU5fvdPOFc20QYcfv5PsJLpI0L6isXEQJ8fT19B2RMjnM9DJ8XQD6M7heAMwOSIzLz4GS46nNsE6R5dOmYJIwPhTKDpDCDWEpENEeh-SPyJAxLG6hqT9YFWbgu5eqnSsjsi1J39BFiNy7fELSNpfLyrZrdzVKs-kTiy6cQnZHUK2hkjzU2S9GcjiFFH2EST_hcw_WUHSPlyzSkPy8-u1WiMQvuBzbuS6c2EomnPM8-pzse_HjThknHneJCIZD0HtLHLrIJcO8thBnjpo8_NK6DbCyKNBPW7yaMENaRhywdxmw3dd2owWkEdj731kaR-R6iMye0jNHnbk_Ufh9zD5Q9jtEpY7sBlBh5coBEFhCQpKUEiCIiMoOuURV9a35QOubM68afenPSgHOmsd0COdtURCQE0fhpeHMv3A7iPKZge92PKBHhfKsnJAGS8P0gvy7DhZ591_LHbEeYW6gc9CHgRRgwpab9AwbrJG6Ae1uheyOIaVJaSdAbUOenJEFkY_IZUjQj79HYyewqpTRHIWNH8JtChBt0v0khMuTWp0d7ca6Ta4LpFm15DtOgfqgjw_2NhcfDg58K2_P4OIzm7-Fk-AyJRITYn35Y8ELXVvsKELcrihC0u-XUsz2ZY9Oj7-3YxmYvbLt8RuoQ1fvm37X9yKxsKYnmwKm63QhMukZclXi5JzYZa0iQT5YdluCbae2-3F3CR5urL--tJyOzXCWqmTIagcEefDnxHJEXn6zTuTj319-RNE6R5seuXTagKWOlCSQIkzMgUoK2H_M7MrfmDvoWUc0GwfSbtEx5ToqBJU9WHz2UGWmrObvwYTgClnwJRxDpky6v5lTlaeV2o-C-qNRl3EdR4HPPAD3qy5ohnSZj1shjVkdrT953fq3wAAAP__RL0Fy3sEAAA=","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTZjDHhTMpP9mMuMelo27kWhMQjYSxFNVV_WkTE1XW9U9PRkvwYDuzdmD4LHzJtmgBlHEo7BMvEhQ2BHEHDYXjx6FBS8iMxmIvsP3vY9Xh_e9rz4-yC9IgJyer7-te1IpOl-rupWXt2TCdWErq5sVz626NypbMqmHNyrdcTGd17wgrLqvVN4Q0Y6e913PdT3XqyxJI2LdnZ-okOlJ06s23WroV71aiK75_2xzB5Y64J0L8hwkHz3zR_weZDRE0v7mtrA7mU5fvdPOFc20QYcfv5PsJLpI0L6isXEQJ8fT19B2RMjnM9DJ8XQD6M7heAMwOSIzLz4GS46nNsE6R5dOmYJIwPhTKDpDCDWEpENEeh-SPyJAxLG6hqT9YFWbgu5eqnSsjsi1J39BFiNy7fELSNpfLyrZrdzVKs-kTiy6cQnZHUK2hkjzU2S9GcjiFFH2EST_hcw_WUHSPlyzSkPy8-u1WiMQvuBzbuS6c2EomnPM8-pzse_HjThknHneJCIZD0HtLHLrIJcO8thBnjpo8_NK6DbCyKNBPW7yaMENaRhywdxmw3dd2owWkEdj731kaR-R6iMye0jNHnbk_Ufh9zD5Q9jtEpY7sBlBh5coBEFhCQpKUEiCIiMoOuURV9a35QOubM68afenPSgHOmsd0COdtURCQE0fhpeHMv3A7iPKZge92PKBHhfKsnJAGS8P0gvy7DhZ591_LHbEeYW6gc9CHgRRgwpab9AwbrJG6Ae1uheyOIaVJaSdAbUOenJEFkY_IZUjQj79HYyewqpTRHIWNH8JtChBt0v0khMuTWp0d7ca6Ta4LpFm15DtOgfqgjw_2NhcfDg58K2_P4OIzm7-Fk-AyJRITYn35Y8ELXVvsKELcrihC0u-XUsz2ZY9Oj7-3YxmYvbLt8RuoQ1fvm37X9yKxsKYnmwKm63QhMukZclXi5JzYZa0iQT5YdluCbae2-3F3CR5urL--tJyOzXCWqmTIagcEefDnxHJEXn6zTuTj319-RNE6R5seuXTagKWOlCSQIkzMgUoK2H_M7MrfmDvoWUc0GwfSbtEx5ToqBJU9WHz2UGWmrObvwYTgClnwJRxDpky6v5lTlaeV2o-C-qNRl3EdR4HPPAD3qy5ohnSZj1shjVkdrT953fq3wAAAP__RL0Fy3sEAAA= HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: uid_id2=5583e2ed-0c00-44e9-b116-f22f8f4bdb11:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5ab533e03e46af2e2970537ff477b1fd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jMZwTPAhGBHKW5BFIk47%2BEN0KApcJAqZ43J5g%2FdzziQzsCSPWVkOiAD82Cl45x3KqaOaBckhwq2EfLNJvswhqjzzJAdy%2F%2FBUofMAPqYb\"}]}\r\netag: \"65aa84fe-24f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 731885\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98d7190d4b14569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"9fd5bcb6103d86e317bd1eb019bcbe71","sha1":"6b5a52ea669dcb74946f2bed4bdd7ec985026113","sha256":"0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae","sha512":"e244a8842c009fa83e8d9d1088ec5b76ca2a42660568b7886e01724977b9ebd4e43690e0c651e25287c64dcc4826391b34cae6a106e2148139450dd05fc5a562","ssdeep":"","tlshash":"b0f0414e7c5903a1874caf3b18dd00119c27898077c82e0db689eed20e008e215471da","first_seen":"2023-04-11T11:09:41Z","last_seen":"2026-04-27T15:32:24.673188Z","times_seen":5123,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:58 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa84fe-3c2\"\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VEZ43NLKlY%2FCpRiNz9pESKq2wDi%2FKpG%2FIPH3232dSvfu4X6LetaFJI59OKZel0GlhHBAeuNskm8dDREaDD4xhYfaBSTRUQCUucbhEV%2BcVDM%3D\"}]}\r\ncf-ray: 98d7190d9ec549c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0013fbb3bd9e7300fa1bc9f62501dcf0","sha1":"447e4a8994979e2e158b9beff79b94e7d1b29508","sha256":"4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e","sha512":"288a5e82fdbfdadf11f5a15ed40b54b67dd43fd83f0666abf85ebc0f14ef3b6e5e9104c3491fdb85b40e5556b252d933ee8cbe6e381e96e01170e76c60003dc6","ssdeep":"","tlshash":"e7117d37156882f06257f027a15729d6ee32029ee81a5707721c06cd0ec47b913fa6e7","first_seen":"2023-06-25T06:36:24Z","last_seen":"2026-04-27T15:32:25.267519Z","times_seen":2577,"resource_available":false,"data":null}},"time_used":455,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":455,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/impr.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTZjDHhTMpHu6ZzLjHpaNuyvRdTdkI0E81V9PytR0tVXd05PxEgzo3pw9CB47b5INahBFPArLxIsEhR1BzGFz8ehRWPAiMpOB6Dt83_t4dXjf--rjvfyMhMjp6erbpq-0pov1ql95eUMlwhSucnu9EvhV_0plQyWN6EqlNym2-1oQRlX_lcobkm-ZxZof-H7gB5WbysrY9BanKlR61AqqLb8a1apBPULP_n92uQdHPYjuGXkOSoyf-SN-D4qPkHS-uS7dVmbSV290ck0zY9EVh-8kW4kpEnQuaGw9xMnh7DWMGxPy-RxMcjjbAKa7P9kATI3J3IuPwZLDmU2w7sG5U6YhEzDxFIruCFKPoOgI3OxCiUcE4AK37yDpPLhtbEG3z1U6Ucfk0pO_oIoxufT4BSSdr5e16lXuGp1nyiQOvbiE6o2g2iOk-TGy_hxUcQyefQQlfiGLT24h6ezfcdpAidPL9XozlDUpFnzu-wtRJFsLLAgaC3GtFjfjiAkWBNOIVDwCdfPInYdcechjD3nqoSNOK5HfjHhAw0bcEnzJj2gUCcn8VrPm-7TFl5DzifcBsnQArgfgdgep3cGWuv8o-h42fwi3WcIJDy4j6IoShSQoHEFBCQpFUGQERbc8ENrVXPlAaJezYNZrsx6WQ5O19-iBydoyIaB2ACvKfZV-4HbBs_lhP3ZiaCaFsqwcUibKvfSMPDtJ1nv3H4cteVqhflhjkQhD3qSSNpo0ilusGdXCeiOIWBzDqRLKzYE6D301Jkvjn5CqMSGf_g5Gj-H0MbiaB81fAi1K0M0S_eRIKJta09uuctOBMCXS7BKybW9Pn5Hnh2vryw-nB77292eQ_OTqb_EU4LZEaku8r34kaOt7wzVTkP01Uzjy7Z00Ux3Vp5Pj381oJue_fEtuF8aKletu8MU1PhEm9GhduuwWTYRK2o58tayEkPamsVySH1bchmSrudtczm2Sp7dWX7-50kmtdE6ZZASqxsT78GdwNSZPv3lj-rEvr3wCnu7ApRc-nSFgqQetCLQ8ITOAshLuPzO74HvuHtrWA812kXRKdG2Jri5B9QAunx9mqT25-ms4BZj2hkxbb59pq--f5-TUaSUOZY37fnOpEYTNWAZhJHhcb0Yt0aB-GEpkbrz553f63wAAAP__uNWVFXsEAAA=","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTZjDHhTMpHu6ZzLjHpaNuyvRdTdkI0E81V9PytR0tVXd05PxEgzo3pw9CB47b5INahBFPArLxIsEhR1BzGFz8ehRWPAiMpOB6Dt83_t4dXjf--rjvfyMhMjp6erbpq-0pov1ql95eUMlwhSucnu9EvhV_0plQyWN6EqlNym2-1oQRlX_lcobkm-ZxZof-H7gB5WbysrY9BanKlR61AqqLb8a1apBPULP_n92uQdHPYjuGXkOSoyf-SN-D4qPkHS-uS7dVmbSV290ck0zY9EVh-8kW4kpEnQuaGw9xMnh7DWMGxPy-RxMcjjbAKa7P9kATI3J3IuPwZLDmU2w7sG5U6YhEzDxFIruCFKPoOgI3OxCiUcE4AK37yDpPLhtbEG3z1U6Ucfk0pO_oIoxufT4BSSdr5e16lXuGp1nyiQOvbiE6o2g2iOk-TGy_hxUcQyefQQlfiGLT24h6ezfcdpAidPL9XozlDUpFnzu-wtRJFsLLAgaC3GtFjfjiAkWBNOIVDwCdfPInYdcechjD3nqoSNOK5HfjHhAw0bcEnzJj2gUCcn8VrPm-7TFl5DzifcBsnQArgfgdgep3cGWuv8o-h42fwi3WcIJDy4j6IoShSQoHEFBCQpFUGQERbc8ENrVXPlAaJezYNZrsx6WQ5O19-iBydoyIaB2ACvKfZV-4HbBs_lhP3ZiaCaFsqwcUibKvfSMPDtJ1nv3H4cteVqhflhjkQhD3qSSNpo0ilusGdXCeiOIWBzDqRLKzYE6D301Jkvjn5CqMSGf_g5Gj-H0MbiaB81fAi1K0M0S_eRIKJta09uuctOBMCXS7BKybW9Pn5Hnh2vryw-nB77292eQ_OTqb_EU4LZEaku8r34kaOt7wzVTkP01Uzjy7Z00Ux3Vp5Pj381oJue_fEtuF8aKletu8MU1PhEm9GhduuwWTYRK2o58tayEkPamsVySH1bchmSrudtczm2Sp7dWX7-50kmtdE6ZZASqxsT78GdwNSZPv3lj-rEvr3wCnu7ApRc-nSFgqQetCLQ8ITOAshLuPzO74HvuHtrWA812kXRKdG2Jri5B9QAunx9mqT25-ms4BZj2hkxbb59pq--f5-TUaSUOZY37fnOpEYTNWAZhJHhcb0Yt0aB-GEpkbrz553f63wAAAP__uNWVFXsEAAA= HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: uid_id2=5583e2ed-0c00-44e9-b116-f22f8f4bdb11:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+85f0396212bc41a7623277836ce1abcb=4323733; expires=Mon, 13 Oct 2025 13:55:58 GMT; path=/; secure; SameSite=None\niprc_l:4323733=1; expires=Mon, 13 Oct 2025 13:55:58 GMT; path=/; secure; SameSite=None\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d28ba7c5d738095df11bb1d4706defc7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 262796\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-27T16:19:40.943419Z","times_seen":766333,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":9,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/uid/send","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vmuid.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 01:59:37 GMT","end":"Mon, 15 Dec 2025 01:59:36 GMT"},"fingerprint":{"sha1":"84:BD:C5:EF:9D:1D:34:8C:A0:22:2D:D2:FB:A2:D3:F5:74:5F:7A:90","sha256":"30:7E:44:EB:16:94:91:A3:8A:D6:C1:32:D3:2D:D0:B9:A7:40:77:14:44:AB:8F:B5:EE:45:E6:8B:43:50:B5:55"}}},"request":{"raw":"POST /uid/send HTTP/1.1\r\nHost: vmuid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://otakustream.unblocked.surf/\r\nContent-Type: multipart/form-data; boundary=---------------------------9827462979260955391215822121\r\nContent-Length: 317\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/json\r\nContent-Length: 65\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: https://otakustream.unblocked.surf\r\nAccess-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: guid=f5d06024-54ae-44ee-9456-e7aa60ef7f0b; expires=Wed, 31 Dec 2025 00:00:00 GMT; domain=vmuid.com; path=/; secure; SameSite=None\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"71babc0fb0a43e36de85d40d66d30e45","sha1":"a3e204db11fde365dd154fd9294acdcc2e9d896b","sha256":"00148e9e1b9ba9db8d06f73cb2085fa45fb37aa750b82e80e24f8be64458cfb1","sha512":"cf0f84c3f59dbaa9e8adad2e774b5702a041f69955787907a4791a82a8a3b378b19648518898d38a9c76c635bfd2cec0e0e47b2189c1e760006077cce6ec44b5","ssdeep":"","tlshash":"32a02202f800033f82a8328000b83e3008e0a080822a30c80808002b820330be000080","first_seen":"2025-10-12T13:56:27.811553Z","last_seen":"2025-10-12T13:56:27.811553Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-d1b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9HQmd4x3ow2fo4cbWXTBlMwXh2yT7QSmbMScXTnaGRrNSkRmccDB7LNHr0sOQigW06N8rYAy1owkYaQLdnmSbklnZWSL%2F4xv0qq17%2BVa\"}]}\r\ncf-ray: 98d7190c483cb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3355,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"039a6734d79ed9aa51cf81c52479c5fe","sha1":"9cf29c4ea1a3880681d50c7228374f8073b7778b","sha256":"a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1","sha512":"879f067d02f582c2ff8f9c0308cbb44b24964136c4d8074f1a1b200169b520bb49fdd2b290772dfbc3ca432fba2ce9d5b1a398eb14746613cc942dd7567fa1d9","ssdeep":"","tlshash":"3a61ba966b670a04b51ad0ab3f667b4723084007995fed757fc8620ccfc92a8d6d378e","first_seen":"2024-02-12T03:25:01Z","last_seen":"2026-04-27T15:32:25.282255Z","times_seen":2477,"resource_available":false,"data":null}},"time_used":497,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/impr.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTZiDBwWZdE93JjPuYdm4G4nGJGYjQTxVV1VPylR3tVXd05PxEgzIggdnb3rrvEk2qEEU8SgsEy8SFLYFMYfNxaNHYcGLyEwGoh_0972P14f33lcfH-QXxEdOz9ff0n2pFJ2br7u1l7ZkwnVha6ubNc-tu9drWzJpBtdrvXEz3Vc9P6i7L9deF2xHzzVcz3U916stSSMi3ZubsJDpSdurt9160Kh78wF65v-7zR1Y6oB3L8gzkLx66o_oPUg2QhJ_c0vYnUynr9yOc0UzbdDlx-8kO4kuEsRXMDIOouR4-je0rQj5bAY6OZ46gO4ejh0glBWZef4RwuR4KhNh9-hSaaggEoT8CRTdEYQaQdIRmN6H5A8JwDhW15DE91e1KejuJUvHbEWuPf4LsqjItUfPIYm_XlSyV7ujVZ5JnVj0ohKyN4LsjJDmp8j6M5DFKVj2EST_hcw9XkESH65ZpSF5OXEvoxGodZCPP-kgjxzkqYOYn9cCtxUwj_rNqM3ZghvQIOAidNuthuvSNltAzsayBsjSAZgagJk9pGYPO_Lew-B7mPwB7HYJyx3YrCLO23vo8hKFICgsQUEJCklQZARFtzziyjZseZ8rm4fedDam0y-HOusc0COddURCQM0AhpeHMv3A7oNls8N-ZPlQjxsNs3JIQ14epBfk6XFwzrv_WOyI8xp1_UYYcN9nLSpos0WDqB22goY_3_SCMIpgZQlpZyaZ9GVFFqqfkMqKkE9_R0hPYdUpmJwFzV8ALUrQ7RL95IRLkxrd260zHYPrEml2Ddmuc6AuyLPDjc3FB5P73fz7cwh2duO3aFJgpkRqSrwvfyToqLvDDV2Qww1dWPLtWprJWPbp-LZ3MpqJ2S_fFLuFNnz5lh18cZONiTE82RQ2W6EJl0nHkq8WJefCLGnDBPlh2W6JcD2324u5SfJ0Zf21peU4NcJaqZMRqKyI8-HPYLIiT75xe_JuX1z-BCzdg02vdFpNEKYOlCRQ4oxMCzQsYf-zh1f4wN5Fxzig2T6SuETXlOiqElQNYPPZYZaasxu_-pNCqJxhqIxzGCqj7l3mZOV5LfJFg7lua6Hp-a1IeH7AWTTfCtq8SV3fF8hstf3nd-rfAAAA__-3vUr2WgQAAA==","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTZiDBwWZdE93JjPuYdm4G4nGJGYjQTxVV1VPylR3tVXd05PxEgzIggdnb3rrvEk2qEEU8SgsEy8SFLYFMYfNxaNHYcGLyEwGoh_0972P14f33lcfH-QXxEdOz9ff0n2pFJ2br7u1l7ZkwnVha6ubNc-tu9drWzJpBtdrvXEz3Vc9P6i7L9deF2xHzzVcz3U916stSSMi3ZubsJDpSdurt9160Kh78wF65v-7zR1Y6oB3L8gzkLx66o_oPUg2QhJ_c0vYnUynr9yOc0UzbdDlx-8kO4kuEsRXMDIOouR4-je0rQj5bAY6OZ46gO4ejh0glBWZef4RwuR4KhNh9-hSaaggEoT8CRTdEYQaQdIRmN6H5A8JwDhW15DE91e1KejuJUvHbEWuPf4LsqjItUfPIYm_XlSyV7ujVZ5JnVj0ohKyN4LsjJDmp8j6M5DFKVj2EST_hcw9XkESH65ZpSF5OXEvoxGodZCPP-kgjxzkqYOYn9cCtxUwj_rNqM3ZghvQIOAidNuthuvSNltAzsayBsjSAZgagJk9pGYPO_Lew-B7mPwB7HYJyx3YrCLO23vo8hKFICgsQUEJCklQZARFtzziyjZseZ8rm4fedDam0y-HOusc0COddURCQM0AhpeHMv3A7oNls8N-ZPlQjxsNs3JIQ14epBfk6XFwzrv_WOyI8xp1_UYYcN9nLSpos0WDqB22goY_3_SCMIpgZQlpZyaZ9GVFFqqfkMqKkE9_R0hPYdUpmJwFzV8ALUrQ7RL95IRLkxrd260zHYPrEml2Ddmuc6AuyLPDjc3FB5P73fz7cwh2duO3aFJgpkRqSrwvfyToqLvDDV2Qww1dWPLtWprJWPbp-LZ3MpqJ2S_fFLuFNnz5lh18cZONiTE82RQ2W6EJl0nHkq8WJefCLGnDBPlh2W6JcD2324u5SfJ0Zf21peU4NcJaqZMRqKyI8-HPYLIiT75xe_JuX1z-BCzdg02vdFpNEKYOlCRQ4oxMCzQsYf-zh1f4wN5Fxzig2T6SuETXlOiqElQNYPPZYZaasxu_-pNCqJxhqIxzGCqj7l3mZOV5LfJFg7lua6Hp-a1IeH7AWTTfCtq8SV3fF8hstf3nd-rfAAAA__-3vUr2WgQAAA== HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+ef8f2c91b52b2a46c278aadab53ff506=4323737; expires=Mon, 13 Oct 2025 13:55:58 GMT; path=/; secure; SameSite=None\niprc_l:4323737=1; expires=Mon, 13 Oct 2025 13:55:58 GMT; path=/; secure; SameSite=None\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 662a5c9e382eb00b59fc46afb25b6a42\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-12T13:55:54.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:54 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cY5wHftq934CUclpmMrMfcQvOThEKEAC9Gu4y2Z3IPZqH6ObJLdSnHjZyOQmdX%2BtSPzqGqY6lz1o9n%2F68aNlyBskylwQmBB7o63LwkwrNAMfmQSV7W3DEQ%3D%3D\"}]}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:54 GMT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 98d718f979d70b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57629,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (54377)","md5":"eab94dff5e915886846683bd7b178d32","sha1":"fd9e5408176c23cab2d4be78b5dbcfee89f8ff57","sha256":"f293a52055a5eea1f7fa2d80213b1bec756da15b00ba384c9a9d8dd8f5b8125b","sha512":"0e4ef7be9e54592a92e1179f3074d932e21ff72fb94a7a43d6b1bdc46d74ab7d0f8f54cc7986b33383e06482895ea5490e2349f9c7d67f46895542f1e20e6cb1","ssdeep":"768:1ZTnH4QDSydjV6hD1ZfGL93qqNpBuEWx/C:zH4QDSymffGL93q4pBuEWx/C","tlshash":"3b4341226804cc26835b49d939b1672462fb830ac79b2985f4b9c7f92befd6cd733415","first_seen":"2025-10-12T13:56:27.814562Z","last_seen":"2025-10-12T13:56:27.814562Z","times_seen":1,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":213,"dns":3,"connect":1,"send":0,"wait":273,"receive":0,"ssl":206},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/cache/autoptimize/css/autoptimize_059185088f753f88cc6bae6f78fafc48.css","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/cache/autoptimize/css/autoptimize_059185088f753f88cc6bae6f78fafc48.css HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: text/css;charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qUxR3VgQzLm9anF35MD9ZuoGDwOdTMJ8sAm5MHHerjcFK%2BkYs3IFSe%2BNAdersFcS7Kmt6TW40hr23MG%2FE3X7tDQNrrNPQwnHRFCdE9qF4ieZUGvuuMY9eg%3D%3D\"}]}\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98d718fcac74b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":322694,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (41724)","md5":"4e1b0ab894f9f1568a51f597a3222cac","sha1":"ad366d67a89473c84c5972eae6023ca7150d91ea","sha256":"e8c49b56a29210858a26ce452d2978ee7cf4b23e0c2bb88e26ad8dec64204471","sha512":"63dcc6fef40787211d4aff13c5476bc6ef1fd5845ea8f67e1c22ee07ba46d4900aca7d5d524c491080be8fc9bc699aaa52a6979bf8d728791e50083d0b3e9910","ssdeep":"3072:hVLyt7ZKY7ML6YVA3JQLEMH2UtHDJg186Gh/P3a2TFs:hV+tRML6YVA3CLEMH2UtHDJg186GnK","tlshash":"6264c723f191362db027c91565d07bbd263ec416d2621ffef427bb648b865ca0673a0e","first_seen":"2025-10-12T13:56:27.818979Z","last_seen":"2025-10-12T13:56:27.818979Z","times_seen":1,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29960\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 02fda56e04f9052d2d6013ca37fbb9ca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76546,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ce965313d83639f794092022d57b1739","sha1":"916b1cb1d306ade0695c61beb215484e3dafd697","sha256":"b525812062879c81f39fb11ff3419280cf89f34b5a5998de2f3b5a1e699f2635","sha512":"65baeaa525585cc53925e800e2762a3ec1bde83c350c8c595f019c6de32bd49567a50ca24230712f1635db73089bd0cb6d39a3139541b4367a86aa2ada28e1d1","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2wK/Y:gmvcLkGJWH1ECmaG","tlshash":"7473d9883f96b0a403a2b4b3252fd50ee13a4d52658cf4d8da1794d8ed6cf1bfa39914","first_seen":"2025-10-08T14:56:19.02822Z","last_seen":"2025-10-12T17:53:19.128317Z","times_seen":12,"resource_available":true,"data":null}},"time_used":818,"timings":{"blocked":295,"dns":42,"connect":93,"send":0,"wait":98,"receive":97,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msdoj.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"msdoj.com","domain":"msdoj.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"msdoj.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 00:32:12 GMT","end":"Fri, 28 Nov 2025 00:32:11 GMT"},"fingerprint":{"sha1":"A8:56:C4:4B:26:AD:D5:72:31:67:E8:75:28:D7:6C:F5:D6:A1:E2:B5","sha256":"65:DA:95:54:55:5B:C8:18:65:43:99:33:52:5B:EF:99:EF:5E:0F:AC:FB:6E:F7:6A:27:0B:3B:6A:69:3C:78:C7"}}},"request":{"raw":"GET /sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: msdoj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://otakustream.unblocked.surf/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 64136\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64136,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (64136), with no line terminators","md5":"34117b158ca852d4ab2edcfa01854ac8","sha1":"d8ffd66ea1d02c229f1fd7cae1842d739f3832e0","sha256":"11a84af9f839e2b057f936f3195ba5384f8521e57c77acc201304dbf362e1f0e","sha512":"9e22988221a73939cc1873ee9771fc672c8008787c69636d7f77615548bd4ef57cd9f9cef29e10750de4f210206ffa5e225d042e69707d934a2bd7729f4617ef","ssdeep":"768:hCflSCRC850RCX+4D+R8WyX+86wA6C8CflJu4sTJ+zaXeXgtA9zk4sTJ+HXJpZ61:qvV50gPowAzJfTq3F","tlshash":"ab53d698b5d2f1a102c370b8543f6106b2366929248dc098f7b5ded5ad78d6ea633f3c","first_seen":"2025-10-12T13:56:27.826785Z","last_seen":"2025-10-12T13:56:27.826785Z","times_seen":1,"resource_available":true,"data":null}},"time_used":334,"timings":{"blocked":119,"dns":18,"connect":31,"send":0,"wait":63,"receive":34,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/notifications/other/adzilla/big/2/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/big/2/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:56 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:23:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wzt3zjyM5UF22dIdMEJR13kx3Oonb8WjxAhqgdWyudV2CzeftzgUXf7EFq%2BH9%2BKPkhw4zQS3AR2AV0FlEJeqmbWrIv57ux0RZn8MBi4%3D\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98d719079f8bb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":844,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"e3a2c9d994fe6c8d6beb127a100d3030","sha1":"da7e6974835b1f2a612825fdb05ae928edb816b6","sha256":"fdb2a8a5d0f3f9933b4d33b2cad3205d5e99aeed720383cf8c70b668d19ec117","sha512":"7ea95545c1685584d39b4a3e88a3d29d514125282b5f272e747b01f0d62a3d7560bddc88e03fb2c60e2733105f3c5e025f31b24f5369d5e97290cd2a53185547","ssdeep":"","tlshash":"7301049f2dae92f724c230a6be313edad4d6e18b4a0744103bee04104745b708e2324e","first_seen":"2025-09-14T23:01:21.732181Z","last_seen":"2026-04-26T20:38:46.484301Z","times_seen":110,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":29,"dns":5,"connect":1,"send":0,"wait":117,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/3d/81/bb/3d81bb97268ef5728376a4b8c41e5769/1680149067.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/3d/81/bb/3d81bb97268ef5728376a4b8c41e5769/1680149067.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 70486\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 30 Mar 2023 04:04:36 GMT\r\netag: \"64250a54-11356\"\r\nexpires: Tue, 14 Oct 2025 13:55:57 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"5b12f832c47768efe99140878896a06e","sha1":"e4ad174888c105b49055b901cf85ea28fdf08718","sha256":"cd602fed63cebb83565961dae66555978c2e1927388e50c7fb2ee0bb70939fb0","sha512":"7cae7180c69b456dd973f5430e88eca4b0fcf150c999bf14d44601906a320290bb494ee6330a8d33dc0b2ee295dc335eda1e1c6a2a394a31abca690667be1196","ssdeep":"1536:ZF2THgeV1DYIau/86djX5X01YjA/K9NF+Hp8CB2fRHCr:ZF2zgeov8dLC1Di9uJXYfA","tlshash":"9563026fd9fc60573afb58489928afcbd87e91578710d304e164868d008f9cef21b792","first_seen":"2023-06-24T15:48:47Z","last_seen":"2026-04-27T14:50:48.583252Z","times_seen":935,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":67,"dns":23,"connect":19,"send":0,"wait":36,"receive":28,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:58 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa84fe-3c2\"\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=47NUXNmY57QCRllYOXWCcqAR9tSFRCJNOvMnQI4wgCLY96wewQmuK5mXAIRkD%2FZ8bcZwzVJ%2By7P4bPOSKKyJ6LjSVt%2BHFEdev0n5UUR%2Ba9I%3D\"}]}\r\ncf-ray: 98d7190daec749c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0013fbb3bd9e7300fa1bc9f62501dcf0","sha1":"447e4a8994979e2e158b9beff79b94e7d1b29508","sha256":"4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e","sha512":"288a5e82fdbfdadf11f5a15ed40b54b67dd43fd83f0666abf85ebc0f14ef3b6e5e9104c3491fdb85b40e5556b252d933ee8cbe6e381e96e01170e76c60003dc6","ssdeep":"","tlshash":"e7117d37156882f06257f027a15729d6ee32029ee81a5707721c06cd0ec47b913fa6e7","first_seen":"2023-06-25T06:36:24Z","last_seen":"2026-04-27T15:32:25.267519Z","times_seen":2577,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 262796\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-27T16:19:40.943419Z","times_seen":766333,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/05/100502l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/05/100502l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZmAMj0%2BYrdVwz%2FQzARPyTlONEjAPzfeoLE8HtBxUc6pLqx%2FK5P750OfJojwTtcMsJ9%2FuwboHrmV0MYzxjNDBXp84ElccrmqHpt51%2FpW%2FKvTaBMydMcenCQ%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fccc85b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37687,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 424x600, components 3","md5":"e4faad5aa879e17e3e6670343b034d4c","sha1":"c3958d9ed57388d26b881418854653f41c2a1c3d","sha256":"d653eb5627cba0715341b18fd38d0048d6ccd082c2de9be89ee69e6513a5889f","sha512":"d6cb2930c25d14f9c6e068db38f89fa0752ca011536fd2a95881207d758bd54f9c74b5081db08c837580187e0071806d0808da4372ce7d9622f77e819d1df79c","ssdeep":"768:M6xFwzH+XXbevlth88JNJ+Vd9CVEcIwB6Eq29LfgqQRy58YO3X6ld7WSLC:9mHoav3WkAdUFIS9LflOM8Bn6j7WSLC","tlshash":"6a03e12338ccd85adcaec6be2739c14c750d7715fbeb20abb129144983f61e67a050ac","first_seen":"2025-07-16T15:44:51.446118Z","last_seen":"2026-03-25T03:25:34.328723Z","times_seen":31,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://otakustream.unblocked.surf\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=f38dfe87-c3e3-46cc-ac98-39b63ca5cb2f:3:1; expires=Wed, 10 Oct 2035 13:55:55 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"4e529ea88e7f11deafa1c55a8c3c9cda","sha1":"5f60744ebc569f59b1d3a754d83f837912b5bf40","sha256":"bb1462a4d9d8de13b3f4724fc8efec8c19eb53174ca47a0d7020a369f637e476","sha512":"e9a663d4fe1e2529833050a1d3a3f53b67fe3d3fd972f97e8f6b3d6cdf76def0c665bdea47a1003ef9b81ade27a1eb9af7a12554b7215124740bd6bbf5a8dec8","ssdeep":"","tlshash":"f29004055053d504315d0d17455504144f43dd110117fd1d7501c44013c010037c4513","first_seen":"2025-10-12T13:56:27.846015Z","last_seen":"2025-10-12T13:56:27.846015Z","times_seen":1,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":1,"connect":24,"send":0,"wait":43,"receive":0,"ssl":268},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=5583e2ed-0c00-44e9-b116-f22f8f4bdb11%3A3%3A1","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /sbar.json?key=a032b4d33c8aea68a4f9b84235614bff\u0026uuid=5583e2ed-0c00-44e9-b116-f22f8f4bdb11%3A3%3A1 HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4682\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://otakustream.unblocked.surf\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=5583e2ed-0c00-44e9-b116-f22f8f4bdb11:3:1; expires=Sun, 19 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nu_pl22675059=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nsleca032b4d33c8aea68a4f9b84235614bff=[4323733]; expires=Sun, 12 Oct 2025 13:56:01 GMT; path=/; secure; SameSite=None\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 67e69d47cb7f79379c8d626778665439\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6010,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"83cadb44af53e47301300c19d1b69428","sha1":"e2c55834937e6f9d5ff0970ec736ba5c5f203ac5","sha256":"60ed66f043a3182a455975510a2cd9747a2e16e3c56644d4dabae011a9ad731c","sha512":"11d9046bd60538a38d646deb7e5f95bbecbe111a3cdc9b6b0b25986709e7f73c986c99d7e6a25bbb54e42de076293e092b6eb3ba262d7bc6ddfaff19d95978ff","ssdeep":"96:9zcjP25ERoJ86jVRY6rKcujucPAZQ86Lf5Njf/RJXZIlKLS62TyYqFRiJL35:9zi25ER6c6GcClAZQnLfH7XSlX6oyY7D","tlshash":"e0c19dbf189975726aeade15380a9efb1ee13d0af859098cde514f7cd0516a68383320","first_seen":"2025-10-12T13:56:27.850457Z","last_seen":"2025-10-12T13:56:27.850457Z","times_seen":1,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://otakustream.unblocked.surf\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=080260347c674ceeffd7b614fc0547e8; expires=Mon, 12 Oct 2026 13:55:56 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 98d7190639e74e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c7d5641789b437e36c310ab9d0a65433","sha1":"fe9608f7af7646822199d057dd2c0812ee5772be","sha256":"5e8679bcbc91fbc91a922b2fa392446ad3770ec1ae4e5e8cf2a8c951622bf4f7","sha512":"34084d654638d5348fd01f40835900e3c9ce3f37a8767a9e4464284bf37a2bae6970146dbb2637cc1eca9a9113d268f7e550185289cf019224b0e67c2c1c3cb3","ssdeep":"","tlshash":"91a002b0185809d494901e393b8a9a5340944199b549636841e6d052299765c4647349","first_seen":"2025-10-12T13:56:27.853341Z","last_seen":"2025-10-12T13:56:27.853341Z","times_seen":1,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":60,"dns":1,"connect":1,"send":0,"wait":34,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTeiDBwWZ9Ez3zM64h2Xj7ko0JjEbCeKpuqt7Uqa6qq2qnp6Ml2BAFjw4e9Nb502yQQ2iiEdhmXiRoLAtiDlsLh49CgteRGYyEP2gv-99vD689776eD8_Jz5yerb2lhpwIehCs-a5L21yyVRh3JUNt-7VvGvuJpet4JrbnzTde7XuBzXvZff1ONpWCw2v7nl1r-7e5jpOVH9hyoJnx516rePVgkat3gzQ1__fTe7AUAesd06eAWfVU38k74FHY8j0m5ux2bYqe-VWmgtqlUaPHb0jt6UqJNJLmGgHiTya_Q1lKkI-m4OSRzMHUL2DiQOEvCJzzz9CKI9mMhH2Di-UhgKxRMieQNEbIxZjcDpGpPbA2UMCRAwrq5Dp_RWlC7pzwdIJW5Erj_8CLypy5dFzkOnXi4L33TtK5JYradBPSvD-GLw7RpafwA7mwIsTRPYjcPYLWXi8DJkerBqhwFk5dc-TMahxkE8-7iBPHOSZg5SduYHXDqI69VtJh0VXvYAGAYtDr9NueB7tRFeRRxNZQ9hsiEgMEeldZHoX2_zew-B76PwBzFYJwxwYWxHn7V30WIkiJigMQUEJCk5QWIKiVx4yYRqmvM-EycP6bDZm0y9Hynb36aGy3VgSUD2EZuUBzz4we4js_GiQGDZSk0ZDW45oyMr97Jw8PQnOefcfg-34zKWe3wgD5vtRm8a01aZB0gnbQcNvtupBmCQwvAQ3c9NMBrwiV6ufkPGKkE9_R0hPYMQJIj4Pmr8AWpSgWyUG8phxnWnV36lFKgVTJTJ7BXbH2Rfn5NnR-sbig-n9bvz9OeLo9PpvybQQ6RKZLvE-_5GgK-6O1lVBDtZVYci3q5nlKR_QyW3vWGrj-S_fjHcKpdnSTTP84kY0ISbweCM2dplKxmXXkK8WOWOxvq10FJMflsxmHK7lZmsx1zLPltdeu72UZjo2his5BuUVcT78GRGvyJNv3Jq-2xeXPkGU7cJklzqNIggzB4ITiPiUzAo0LGH-s4eXeN_cRVc7oHYPMi3R0yV6ogQVQ5h8fmQzfXr9V39aCIUzCoV2DkKhxb2LnAw_c5uN0G-12604abHEZ37DZ52mF3cC2mkFnaAJa6qtP78T_wYAAP__S9XaKFoEAAA=","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRitTvamIP7gTeiDBwWZ9Ez3zM64h2Xj7ko0JjEbCeKpuqt7Uqa6qq2qnp6Ml2BAFjw4e9Nb502yQQ2iiEdhmXiRoLAtiDlsLh49CgteRGYyEP2gv-99vD689776eD8_Jz5yerb2lhpwIehCs-a5L21yyVRh3JUNt-7VvGvuJpet4JrbnzTde7XuBzXvZff1ONpWCw2v7nl1r-7e5jpOVH9hyoJnx516rePVgkat3gzQ1__fTe7AUAesd06eAWfVU38k74FHY8j0m5ux2bYqe-VWmgtqlUaPHb0jt6UqJNJLmGgHiTya_Q1lKkI-m4OSRzMHUL2DiQOEvCJzzz9CKI9mMhH2Di-UhgKxRMieQNEbIxZjcDpGpPbA2UMCRAwrq5Dp_RWlC7pzwdIJW5Erj_8CLypy5dFzkOnXi4L33TtK5JYradBPSvD-GLw7RpafwA7mwIsTRPYjcPYLWXi8DJkerBqhwFk5dc-TMahxkE8-7iBPHOSZg5SduYHXDqI69VtJh0VXvYAGAYtDr9NueB7tRFeRRxNZQ9hsiEgMEeldZHoX2_zew-B76PwBzFYJwxwYWxHn7V30WIkiJigMQUEJCk5QWIKiVx4yYRqmvM-EycP6bDZm0y9Hynb36aGy3VgSUD2EZuUBzz4we4js_GiQGDZSk0ZDW45oyMr97Jw8PQnOefcfg-34zKWe3wgD5vtRm8a01aZB0gnbQcNvtupBmCQwvAQ3c9NMBrwiV6ufkPGKkE9_R0hPYMQJIj4Pmr8AWpSgWyUG8phxnWnV36lFKgVTJTJ7BXbH2Rfn5NnR-sbig-n9bvz9OeLo9PpvybQQ6RKZLvE-_5GgK-6O1lVBDtZVYci3q5nlKR_QyW3vWGrj-S_fjHcKpdnSTTP84kY0ISbweCM2dplKxmXXkK8WOWOxvq10FJMflsxmHK7lZmsx1zLPltdeu72UZjo2his5BuUVcT78GRGvyJNv3Jq-2xeXPkGU7cJklzqNIggzB4ITiPiUzAo0LGH-s4eXeN_cRVc7oHYPMi3R0yV6ogQVQ5h8fmQzfXr9V39aCIUzCoV2DkKhxb2LnAw_c5uN0G-12604abHEZ37DZ52mF3cC2mkFnaAJa6qtP78T_wYAAP__S9XaKFoEAAA= HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 641c20f1d9e8dbd2ea29b5e30e02a7d1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa84fe-1499c\"\r\nage: 1254991\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r0JQ6vv08vPw25bfTdjabEGLMu3EA96XmkBRU77%2Fpi1rweCX3EXKuvUULvgDU%2Bkv523%2BkNILlv1DTkse%2F8oveRU6ckldS5V8Qn0d0qDJ\"}]}\r\ncf-ray: 98d7190d5b15569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-27T15:32:25.265227Z","times_seen":16942,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Fjs%2Fscript.js\u0026l=397\u0026fd=483","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Fjs%2Fscript.js\u0026l=397\u0026fd=483 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/05/94192l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/05/94192l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gulj9%2BSlvRrI9W1mVsqsQO74kg8bHAZoPvVAdAm29Q6YU2cqeOivlVAIlXEVTIzdQsRQ11GysWOsKg4gn%2FOt4z37joToZNr45nv3ehfD87R6DXOLhzf0jQ%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fccc82b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30710,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x409, components 3","md5":"a5340b42e6674fbcfd1c1b0b7a7698d6","sha1":"b319c54f2960f456fbaac27a0d58d86e5ac22736","sha256":"7fb4e69422a07c9c856a32c6b14d71a41307d637fc79f294904fa70a39c1aaf3","sha512":"a637dc594057f29129fdb8dac058a95c963049ba4b5579e729547333422fbb75801b1d2e6c087080eaa37e256e3fb01f4cc160eabf0dc03703f982046aa66294","ssdeep":"768:5SHQyXkdnwH0Db7wNB5XlBx3zy1d8GrHmj6Uqr:5SHFuv7iBJWd80br","tlshash":"a2d2f280b5c37630eb63dc77243bc29dbac2a458a7d6f32d0515e370d0293aead84e94","first_seen":"2025-07-16T15:44:51.422305Z","last_seen":"2026-03-25T03:25:34.331948Z","times_seen":31,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"matomo.hellohi.me/matomo.js","fqdn":"matomo.hellohi.me","domain":"hellohi.me","tld":"me"},"ip":{"addr":"172.67.219.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hellohi.me","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Sep 2025 02:30:09 GMT","end":"Wed, 10 Dec 2025 03:27:45 GMT"},"fingerprint":{"sha1":"77:E9:73:0D:B1:FF:D8:33:D2:70:E5:D7:AC:43:15:25:3B:5E:8E:B7","sha256":"1F:E0:AF:A2:3A:69:98:87:C5:49:EF:0B:41:08:52:24:C5:3A:2B:56:AD:92:AD:93:7F:5C:00:22:3F:66:FE:4E"}}},"request":{"raw":"GET /matomo.js HTTP/1.1\r\nHost: matomo.hellohi.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gki%2F56KgweDYZ49cJcyI5cO%2F6QG7xUp16gRi%2BN7niN%2FaiBzRjASF245qD4ed8rlEH5pfo4eEep9rKDMDj2erEcWxSvgLiLQ3swohHMPhvw%3D%3D\"}]}\r\nage: 48\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 98d719010f69712b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":112,"dns":5,"connect":5,"send":0,"wait":14,"receive":0,"ssl":124},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStzgYPehCNeBMGTwoy6e7pmUy7BzGukWA2idlIBEGoruqelFNT1VZ1T0_mFAzI4sXZmzc7b5INahBFPArLxNuCkPFiDpuLR0-LkLPMZCD6of9_v18d3ntVXxzml6SGnF5s3tV9ISVdrFfdyms7QnFd2Mr6dsVzq-7tyo5QjeB2pTdppvumVwuq7uuV92LW1ou-67mu53qVFWHiRPcWpyxEehp61dCtBn7Vqwfomf_vNndgqQPevSQvQvDx838lH0OwEVTnxzuxbWc6fePdTi5ppg26_ORD1Va6UOjcwMQ4SNTJ7DS0HRPy9Ry0Opk5gO4eTRwgEmMy9_ITROpkJhNR9_haaSQRK0T8ORTdEWI5gqAjMH0Awc8JwDjWN6A6D9e1KejeNUsn7JjMX_0DUYzJ_JOXoDo_LEvRq9zTMs-EVha9pITojSBaI6T5GbL-HERxBpZ9DsF_J4tXa1Cdow0rNQQvp-5FMgK1DvLJJxzkiYM8ddDhF5XAbQbMo7VGEnK25AY0CHgcuWHTd10asiXkbCJrgCwdgMkBmNlHavbRFg_Og19g8kewuyUsd2CzMXE-2EeXlyhigsISFJSgEARFRlB0y2MurW_Lh1zaPPJm05_NWjnUWeuQHuusFSsCagYwvDwS6Wf2ACy7Newnlg_1pNEoK4c04uVheklemAb39KMrtOOLCvWbjdD1l0KPLiUBC5sRi7y46fk132d8qQkrSgg7N82kL8bEKS-RijEhX_2JiJ7ByjMw8Spo_gpoUYLuluir01xFUrN2zKuCg-sSaTaPbM85lJdkYbi1vfxoKuOTBYOYPSazAjMlUlPiU_EbQUveH27pghxt6cKSnzbSTHREn07u9l5Gs_iZ796P9wpt-OodO_j2bTYhJvB0O7bZGlVcqJYl3y8LzmOzog2Lya-rdieONnO7u5wbladrm--srHZSE1srtBqBijF59umXYGJMFs5vTd9t_e43YOk-bHqj02qCKHUgBYGMb_7TqIT9zx7d4EN7Hy3jgGYHUJ0SXVOiK0tQOYDNbw2z1Dx-64_atBBJZxhJ4xxF0sgH1zlZcVGp-1Gt0Ww24qTBkxqv-TUe1t04DGjYCMKgjsyOd__-Wf4bAAD__2-8SJhaBAAA","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStzgYPehCNeBMGTwoy6e7pmUy7BzGukWA2idlIBEGoruqelFNT1VZ1T0_mFAzI4sXZmzc7b5INahBFPArLxNuCkPFiDpuLR0-LkLPMZCD6of9_v18d3ntVXxzml6SGnF5s3tV9ISVdrFfdyms7QnFd2Mr6dsVzq-7tyo5QjeB2pTdppvumVwuq7uuV92LW1ou-67mu53qVFWHiRPcWpyxEehp61dCtBn7Vqwfomf_vNndgqQPevSQvQvDx838lH0OwEVTnxzuxbWc6fePdTi5ppg26_ORD1Va6UOjcwMQ4SNTJ7DS0HRPy9Ry0Opk5gO4eTRwgEmMy9_ITROpkJhNR9_haaSQRK0T8ORTdEWI5gqAjMH0Awc8JwDjWN6A6D9e1KejeNUsn7JjMX_0DUYzJ_JOXoDo_LEvRq9zTMs-EVha9pITojSBaI6T5GbL-HERxBpZ9DsF_J4tXa1Cdow0rNQQvp-5FMgK1DvLJJxzkiYM8ddDhF5XAbQbMo7VGEnK25AY0CHgcuWHTd10asiXkbCJrgCwdgMkBmNlHavbRFg_Og19g8kewuyUsd2CzMXE-2EeXlyhigsISFJSgEARFRlB0y2MurW_Lh1zaPPJm05_NWjnUWeuQHuusFSsCagYwvDwS6Wf2ACy7Newnlg_1pNEoK4c04uVheklemAb39KMrtOOLCvWbjdD1l0KPLiUBC5sRi7y46fk132d8qQkrSgg7N82kL8bEKS-RijEhX_2JiJ7ByjMw8Spo_gpoUYLuluir01xFUrN2zKuCg-sSaTaPbM85lJdkYbi1vfxoKuOTBYOYPSazAjMlUlPiU_EbQUveH27pghxt6cKSnzbSTHREn07u9l5Gs_iZ796P9wpt-OodO_j2bTYhJvB0O7bZGlVcqJYl3y8LzmOzog2Lya-rdieONnO7u5wbladrm--srHZSE1srtBqBijF59umXYGJMFs5vTd9t_e43YOk-bHqj02qCKHUgBYGMb_7TqIT9zx7d4EN7Hy3jgGYHUJ0SXVOiK0tQOYDNbw2z1Dx-64_atBBJZxhJ4xxF0sgH1zlZcVGp-1Gt0Ww24qTBkxqv-TUe1t04DGjYCMKgjsyOd__-Wf4bAAD__2-8SJhaBAAA HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c97a39d9f6bc307b38e427de4ff9252e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/impr.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStzi4e9CC64k0YPCnIpHumk5lxD2JcI8FsErORCIJQXVU9Kaemqq3qnp7MKRiQxYuzN2923iQb1CCKeBSWibcFIe3FHDYXj54WIWeZyUD0Q___fr86vPeqvjjILkgdGT3fuGsGUik6v1D1K69tS81N7iprW5XAr_q3K9tSL4a3K_1Js703g3pY9V-vvCdYx8zX_MD3Az-oLEsrYtOfn7KQyUkrqLb8alirBgsh-vb_u8s8OOqB9y7Ii5C8fP6v-GNINobu_nhHuE5qkjfe7WaKpsaix48_1B1tco3uNYyth1gfz07DuJKQr-dg9PHMAUzvcOIAkSzJ3MtPEOnjmUxEvaMrpZGC0Ij4c8h7Ywg1hqRjMLMPyc8IwDjW1qG7D9eMzenuFUsnbEluXv4DmZfk5pOXoLs_LCnZr9wzKkul0Q79uIDsjyHbYyTZKdLBHGR-CpZ-Dsl_J_OXq9Ddw3WnDCQvpu5lPAZ1HrLJJz1ksYcs8dDl55XQb4YsoPXFuMVZww9pGHIR-a1mzfdpizWQsYmsIdJkCKaGYHYPid1DRz44C3-BzR7B7RRw3INLS-J9sIceL5ALgtwR5JQglwR5SpD3iiOuXM0VD7lyWRTMZm0268XIpO0DemTSttAE1A5heXEok8_cPlh6YzSIHR-ZSaNRWoxoxIuD5IK8MA3u6UeX6IjzCq01F1t-rdEKaCMOWasZsSgQzaBWr9UYbzThZAHp5qaZDGRJvOICiSwJ-epPRPQUTp2CyVdBs1dA8wJ0p8BAn2Q6UoZ1BK9KDm4KJOlNpLvegbogt0abW0uPpjI-uWUh2GMyKzBbILEFPpW_EbTV_dGmycnhpskd-Wk9SWVXDujkbu-lNBXPfPe-2M2N5St33PDbt9mEmMCTLeHSVaq51G1Hvl-SnAu7bCwT5NcVty2ijcztLGVWZ8nqxjvLK93ECuek0WNQWZJnn34JJkty6-zG9N0u3P0GLNmDS651OkMQJR6UJFDi-j-NCrj_7NE1PnD30bYeaLoP3S3QswV6qgBVQ7jsxihN7OO3_qhPC5HyRpGy3mGkrHpwlZOT55W4LmrM95uNxaDejEVQDzmLF5phiy9Sv14XSF258_fP6t8AAAD__5PU2EZaBAAA","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSQWgkRRStzi4e9CC64k0YPCnIpHumk5lxD2JcI8FsErORCIJQXVU9Kaemqq3qnp7MKRiQxYuzN2923iQb1CCKeBSWibcFIe3FHDYXj54WIWeZyUD0Q___fr86vPeqvjjILkgdGT3fuGsGUik6v1D1K69tS81N7iprW5XAr_q3K9tSL4a3K_1Js703g3pY9V-vvCdYx8zX_MD3Az-oLEsrYtOfn7KQyUkrqLb8alirBgsh-vb_u8s8OOqB9y7Ii5C8fP6v-GNINobu_nhHuE5qkjfe7WaKpsaix48_1B1tco3uNYyth1gfz07DuJKQr-dg9PHMAUzvcOIAkSzJ3MtPEOnjmUxEvaMrpZGC0Ij4c8h7Ywg1hqRjMLMPyc8IwDjW1qG7D9eMzenuFUsnbEluXv4DmZfk5pOXoLs_LCnZr9wzKkul0Q79uIDsjyHbYyTZKdLBHGR-CpZ-Dsl_J_OXq9Ddw3WnDCQvpu5lPAZ1HrLJJz1ksYcs8dDl55XQb4YsoPXFuMVZww9pGHIR-a1mzfdpizWQsYmsIdJkCKaGYHYPid1DRz44C3-BzR7B7RRw3INLS-J9sIceL5ALgtwR5JQglwR5SpD3iiOuXM0VD7lyWRTMZm0268XIpO0DemTSttAE1A5heXEok8_cPlh6YzSIHR-ZSaNRWoxoxIuD5IK8MA3u6UeX6IjzCq01F1t-rdEKaCMOWasZsSgQzaBWr9UYbzThZAHp5qaZDGRJvOICiSwJ-epPRPQUTp2CyVdBs1dA8wJ0p8BAn2Q6UoZ1BK9KDm4KJOlNpLvegbogt0abW0uPpjI-uWUh2GMyKzBbILEFPpW_EbTV_dGmycnhpskd-Wk9SWVXDujkbu-lNBXPfPe-2M2N5St33PDbt9mEmMCTLeHSVaq51G1Hvl-SnAu7bCwT5NcVty2ijcztLGVWZ8nqxjvLK93ECuek0WNQWZJnn34JJkty6-zG9N0u3P0GLNmDS651OkMQJR6UJFDi-j-NCrj_7NE1PnD30bYeaLoP3S3QswV6qgBVQ7jsxihN7OO3_qhPC5HyRpGy3mGkrHpwlZOT55W4LmrM95uNxaDejEVQDzmLF5phiy9Sv14XSF258_fP6t8AAAD__5PU2EZaBAAA HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ccc743ab910f0c7792fbba6b911bbeb1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 262796\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-27T16:19:40.943419Z","times_seen":766333,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29984\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4ea8720aeea649527738b367fa01990e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76558,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a6651c0f4c8c66b6caf8271719e1d5e2","sha1":"d6b88ff7e7e98179864b743df8079e5a30520e27","sha256":"bdd32a886380243adc01f199f6fae93484be5f7b5d369bf60c3ed98789593ce0","sha512":"f1dc871230cfcdedb9045affff57575a9842d6590b6ec152adb44fdba55f89c1b3fa8dc9ad58843ceaa6ec11d3c6c0d2eab67750de588e1767fc30c24956a54c","ssdeep":"1536:ic4Bys1/N5gpvcZFr372CvGJWH1EaTmj2wq/j:gmvcLhGJWH1ECmaj","tlshash":"5873d9883f96b0a403a2b4b3261fd50ee53a4d52648cf4dcda1794d8ed6cf1bfa39914","first_seen":"2025-10-08T10:28:20.528257Z","last_seen":"2025-10-12T13:56:27.863313Z","times_seen":11,"resource_available":true,"data":null}},"time_used":825,"timings":{"blocked":298,"dns":41,"connect":95,"send":0,"wait":97,"receive":101,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26596\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:47:50 GMT\r\nexpires: Fri, 09 Oct 2026 11:47:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:30:32 GMT\r\ncontent-type: font/woff2\r\nage: 266885\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26596,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 26596, version 1.0","md5":"dae1850484b86d299c31bc08aaa563cf","sha1":"dca808d6d16965c40bfba4e4b3c8a819f843890d","sha256":"8f80f993e523f2e6c2d097552740fd26331658da23ffad31d26edcdd3aeec370","sha512":"69b34f2652aa731ad29fe49a8cea85ebe4ef402573a10048598667f94b7a7855e534121f22d7749b81762b3176f437de607745df82b71484c4ab7c9f8bfd40e9","ssdeep":"384:nYOl9Z/81DjYTaXQMfCMNASNEVM9mYQdpx1sLt/zEkNKxgmS8AXACAU:pJ8NY2XQk0omjdKvKxgCAXACAU","tlshash":"9ac2e13f487a2046c71227f8ee5fc9b571c360a35ab32345c26748650db0ea93f86776","first_seen":"2025-05-29T21:46:50.299968Z","last_seen":"2026-04-27T16:13:52.801965Z","times_seen":32327,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":82,"dns":1,"connect":23,"send":0,"wait":12,"receive":4,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 66705c8395fc5d3ca429c5de49187180\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":2,"connect":20,"send":0,"wait":23,"receive":18,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/cdn-cgi/challenge-platform/h/g/jsd/r/0.31093954321451195:1760099306:PYl1JJi_a61rqQmhSomRc7mzq5WI4fFR_laoGfpN5iA/98d718f979d70b31","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.31093954321451195:1760099306:PYl1JJi_a61rqQmhSomRc7mzq5WI4fFR_laoGfpN5iA/98d718f979d70b31 HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12092\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2%3A3%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Sun, 12 Oct 2025 13:55:56 GMT\r\ncontent-length: 0\r\nset-cookie: cf_clearance=.UN6SCvfVMRetJLeX7bWgoKpThLGDjO2OC4qs18zwoQ-1760277356-1.2.1.1-.947D5KBkbbTIvqmMshWX4U6QvaLNY2qeaYfwcFbUPDQ98dHQICVkTDFlVNBfMoS9l94.BvLTVoAFAXuOydp6rLNJzZIviFAJZTGcW_XFSsnnBASQSV3moFxS.TKVUxUtlXzKPz6p0.qLJ5e5_KB6f2a_MeoCkM1X_j068nK7Rv_JWxFtDkbodvUEgPm32Ix2_A0yeZe0e3UvP_YOK1nJZRzjyHhLncooO8zTcX8hMc; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=unblocked.surf; Expires=Mon, 12 Oct 2026 13:55:56 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 98d719059cd2b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Findex.html\u0026l=844\u0026fd=173","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Findex.html\u0026l=844\u0026fd=173 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/pixel/sbs?c=1","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: uid_id2=5583e2ed-0c00-44e9-b116-f22f8f4bdb11:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323733]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 262796\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-27T16:19:40.943419Z","times_seen":766333,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/03/13357l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/03/13357l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FMLesdoECkVwc5rqb1W7mEXK%2FHyelpBKhyYjEpWcTUtvYFjdwmKQyUv56h9GXTTTjCpVgu90eZ4%2BrG7%2Fbay2ihhMSNwt2DbN37OOxk9uDrSaKiGpxGW8rA%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcbc7db4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27985,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x450, components 3","md5":"f5c3e1ea8f214395ccb4646a52288ae5","sha1":"6a0cdeceb0748630e24322df2b58f038e4570c33","sha256":"32a0694d69ce825053e8b5fa169ff4a23c5b0e6f0eadf9868557033fcb406b7b","sha512":"1694688790a3a651eac2e2a87297c2141da3236dee7c23cb1f05db2d9ccba32af2f46e231454a5277c14c95eca1f5aec3aee3491e05ab6940f35e4304f5ab1da","ssdeep":"768:JxbpY3l2h7I4knkRQ0932P8hKzsTTKtlbKTZHo5E:JhpelipKJEgQTZHn","tlshash":"59c2e0d77827b534e95af8bd0756a321f62d7c0f7b02874c1de22d902a1b1a4f89f948","first_seen":"2025-07-16T15:44:51.419344Z","last_seen":"2026-03-25T03:25:34.328272Z","times_seen":31,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/06/95414l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/95414l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pr4fw3s9lwL%2B0lHlDmlv1Ppef7noz%2BdcA4YG29K64MhR9GkAvUv9%2BQGWtRg%2FYR9%2B6KSEiDuVUEJwMpWfDfejGLO8k%2BBcIACpln4Tu7nKxkGKDX38vcaZvw%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcbc7fb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49289,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 418x592, components 3","md5":"c1aabb8ddf18a67b32a345877c18824d","sha1":"4ade04ffd85798d0e6e6d4bfa735cd4c9cdb7c6d","sha256":"0d3c6d81f201b360799d088223519ae79e51950b4314c52b396b943c2c7a99b2","sha512":"9ecf7b495de776d950f3e70a2225e5fe1892ae8cf46f3630d7649cf7bbdc5dfc6691cb5afbfc66e1014dff0b5d4d103abc5eb9bde65f75bf8e88474265d281f3","ssdeep":"1536:/kRuCl24SytIu5/MNCJWd43/xdYYGbaFxX9erq/:3Cl24SyaQC4vxaYWsbsU","tlshash":"8623f11bb48502c2816ad171b7e7e7b6174c38baaf75942e804d9dc39eb85b09d93113","first_seen":"2025-07-16T15:44:51.443804Z","last_seen":"2025-10-12T13:56:27.880676Z","times_seen":8,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29956\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bed3de1c5c930163ad6849f7f07e4f4f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76520,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6751d07d6345c114ac5682f5b79fcc49","sha1":"e8831053bbb733a7916241b63de7a4b880df821d","sha256":"1f3c86a87513aa4a4de1491eccfce5e02db906b2851ecfe30827c5371a18a027","sha512":"d4338809cdcb09e265e7d128394fba0a1b75cf281e62808c526b05b58a8f9a7e8102bbeddef4927d74042c43babfc5c75ef4a3c64c9ac3e383a60715a19e8805","ssdeep":"1536:ic4Bys1/N5gpvcZFr378CgGJWH1EaTmj2wqOk:gmvcLkGJWH1ECma/","tlshash":"0a73d9883f96b0a403a2b4b3252fd50ee13a4d52658cf4d8db1794d8ed6cf1bfa39914","first_seen":"2025-10-08T08:36:23.096286Z","last_seen":"2025-10-12T13:56:27.885458Z","times_seen":21,"resource_available":true,"data":null}},"time_used":760,"timings":{"blocked":268,"dns":14,"connect":95,"send":0,"wait":96,"receive":95,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/opensans/v44/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19304\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:49:59 GMT\r\nexpires: Fri, 09 Oct 2026 11:49:59 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:31:17 GMT\r\ncontent-type: font/woff2\r\nage: 266756\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19304,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19304, version 1.0","md5":"1ab20c159c8cf68283eae05c7d8a25aa","sha1":"f8c87ecaf523138096f926201df2379633e3505a","sha256":"3b50909a098195a8a3fda73fe29c260724e6f9ca624dd750cb8af7cb0c9198e2","sha512":"68db4f537178b380c45d209276432fc46fe13c6f0250486cfbed71d8ccf894f9650d90aad4648f6d376408476bb52a7ca62fd2ca2f1276c50dfcc6091a28ad98","ssdeep":"384:+/NZ1h0ruzwahfbbCPpzmfttzNyVitnDOpUtmiy4TxVcmuoWn7FYgZV/sc:wQuzwaQP0HNyVi9DOpimiydJk+5","tlshash":"5082cf855d4fc1b6dd8260a6e58c684068ba2a1235593ee783fbe4cadf3f919a1014ac","first_seen":"2025-09-17T02:13:44.663193Z","last_seen":"2026-04-27T15:48:24.267533Z","times_seen":6464,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":76,"dns":1,"connect":8,"send":0,"wait":9,"receive":4,"ssl":84},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensanscondensed/v24/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/opensanscondensed/v24/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16480\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 06 Oct 2025 23:19:03 GMT\r\nexpires: Tue, 06 Oct 2026 23:19:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 484612\r\nlast-modified: Mon, 08 Sep 2025 18:05:54 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16480,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16480, version 1.0","md5":"29c06a7423fa8b3bf06203691b8b6d86","sha1":"d843de87aed977b9d8dea19d3a171bd83a94efea","sha256":"de9f0e7b6e092b8a7ac503e4467565bacda3a7692590dd987ffd32bffb2da6a9","sha512":"9c014fe230d37215122cc681b5686f187300c4dbf417c8898b9703e4b463e6c55f0c34b18a869283d8ad9057d4ac3360e62c74bcb9f18cc2801e0455b64d061b","ssdeep":"384:A0gje0PjziJW2GSgdPoGF6pablfd6lVOCMeGIIts9xz:cjzPPiQ2LgdgLud6LiLtqz","tlshash":"3d72c00cc6ec24a3bd623bbc5db5d06292250c616f495a3c7d8f7c8a2d0a01cbee5d1a","first_seen":"2025-09-09T09:23:07.937461Z","last_seen":"2026-04-27T14:54:45.157379Z","times_seen":3466,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":176,"dns":1,"connect":11,"send":0,"wait":11,"receive":1,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aa65390d0de035de8d8455b3b42807f1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":437,"timings":{"blocked":-1,"dns":36,"connect":92,"send":0,"wait":96,"receive":0,"ssl":213},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BOMNRY5Esvt90bqO%2FLQuXrJtkbF%2F7XBtRdivICiVHXg3xuL3ogxYJD3ybuje1gjgRrhI9i%2BqfDT%2F1iqF9AVV9h86WkCFy6b9VULkYHh5\"}]}\r\ncf-ray: 98d7190c4839b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-27T15:32:25.129463Z","times_seen":10939,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":465,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QYUt2942KRx49b7AKKD3vO2%2FMpmxyjYNVsSzeKlzG%2FI%2FTXiZLEjPblO3mhuosxXymNOQEy4PtqGxM1gHEKgps%2ByqdIzhDt1bDl7xpjREIrM%3D\"}]}\r\netag: W/\"65aa84fe-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d7190c6ea849c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-27T15:32:25.129463Z","times_seen":10939,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":445,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/themes/otakustream/static/assets/img/basic/otakustream_white.png","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/themes/otakustream/static/assets/img/basic/otakustream_white.png HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=df0Dg673Qj563faaOX7pcCNOiuKoHJLV9bGSQ08OTaDJgdSuo4CuXMih16rWBPgGVnQgOSCesWEdD0Vke3chcqpDA5sfcw5o0iyQwF7shREThEDL8XvzUw%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcac75b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17518,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 476 x 96, 8-bit/color RGBA, non-interlaced","md5":"8c0e2533c3426b1f629e0116ae2d1555","sha1":"965fd5a176a5b16fc0afd3fd26cae47a4cadc66e","sha256":"3e00e452404fae09c88b927981a7ccb1ccd157ad77d5f573e57458092e012307","sha512":"ee617d34df16389ebda61a1d58ae883cb89244fab640ec3de519d1f18920d00bbc7708be3745c7b926c01e3c3ed9e4bfe855b9f86cd6e904747e6e297a34e676","ssdeep":"384:JGOrnNnhr2SUkPt9EC8pYXfw3JgbHLmIA9undEW+UXW:JvtV2Six+w3Cb5sgRm","tlshash":"ea72d0c64c488b4c48fe75c5ad3f13db98ad5222b4622d252d479efa46c5c00d67a78b","first_seen":"2025-07-16T15:44:51.427387Z","last_seen":"2026-03-25T03:25:34.337188Z","times_seen":32,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 13:00:44 GMT\r\nexpires: Fri, 09 Oct 2026 13:00:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 262511\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-27T16:20:48.546736Z","times_seen":225538,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":173,"dns":1,"connect":21,"send":0,"wait":10,"receive":2,"ssl":171},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Oct 2025 13:55:57 GMT\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=459","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=459 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/app/apx19.js","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /app/apx19.js HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nlast-modified: Fri, 12 Sep 2025 22:15:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68c49b8d-23df\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Atozgp9h7xXLRXN8%2BJxn7nI5wyVVu%2BQDYkrhjbbpoViiqkZFpLvfYQ%2FZhcoozGrgbW1wwtWAADJ8d0fWRSPegPAkoXUFU2e1p99A2Xgp5g0rvfD%2BT%2BVqjQ%3D%3D\"}]}\r\ncf-ray: 98d718fccc86b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9183,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9183), with no line terminators","md5":"2344c3f05f624d595f6fb920e4d74ded","sha1":"eb4d1404ac2d5eecd307f4588aeeab5c8ef463f1","sha256":"3a28fe59e4a2af96d8edeeb12d7040c574cf71fa88fccb5cf49e9c0a1d4e4c7a","sha512":"b1660b062c77332a119e159c5c69d3f75d375915a33f141503232f424c4fdd990998a883c271efb94e8eb909f7837d235354ecae15b58fc23ab9d1908170e831","ssdeep":"192:yfBLCNsvzXnQQuWYQVN6nYaRB5c5FM/MR6Adpf04u7w2Br:4gNYXnrYtBONxpf05r","tlshash":"62126cc87ac7f00b53ed8a53ae1a66b8117b946362a47907d3bcf6cd15e920bc179cc4","first_seen":"2023-03-07T12:40:02Z","last_seen":"2026-04-26T20:38:47.14126Z","times_seen":3539,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"directlycascade.com/22/00/54/2200540f09f939738419313a1a090c32.js","fqdn":"directlycascade.com","domain":"directlycascade.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"directlycascade.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Sep 2025 11:12:27 GMT","end":"Tue, 09 Dec 2025 11:12:26 GMT"},"fingerprint":{"sha1":"76:17:4A:20:73:64:94:52:3B:6A:50:E2:7C:F7:F5:73:52:38:47:A4","sha256":"66:CD:95:7F:5E:D7:56:27:7A:6F:3B:80:CB:84:DC:89:A0:F0:BB:44:49:55:B4:81:76:24:2E:38:E3:FC:78:29"}}},"request":{"raw":"GET /22/00/54/2200540f09f939738419313a1a090c32.js HTTP/1.1\r\nHost: directlycascade.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 35232\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: directlycascade.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 671a536ce289501bd68c32e0bf290858\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98372,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9ddae1e036317181560bbc28419575b6","sha1":"4186cb9a8207fb7c20612d963a16fe2eb3ffc5f8","sha256":"a4200a9f1a412569a7bbffd6f14247673d53ab95ade56bac2221626269c51c9e","sha512":"07b49fa070e97b330873e5dd1ab565a4b4c229835eb04975d000ecd1c8009134d5874d20553a982f13f47db17ca69421243419fdbcc2b6e159f5f043dafd7ec8","ssdeep":"1536:cY+Z/qOJv+PThsgBLPkpzNluQTFDeBsbZum+iQ1G5SmqA0oFHXgG3D7HROgXP:cY+3gBL2lj5qBsbZuQEG5SbA0eXgG3DH","tlshash":"f7a3b8887f80f05f42b7607a623fb10bf19a4d41d59ce95ce163eca12e7831bd53aa64","first_seen":"2025-10-11T00:19:44.693666Z","last_seen":"2025-10-12T13:56:27.912947Z","times_seen":3,"resource_available":true,"data":null}},"time_used":747,"timings":{"blocked":263,"dns":13,"connect":92,"send":0,"wait":96,"receive":95,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"directlycascade.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8","fqdn":"vmuid.com","domain":"vmuid.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vmuid.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 16 Sep 2025 01:59:37 GMT","end":"Mon, 15 Dec 2025 01:59:36 GMT"},"fingerprint":{"sha1":"84:BD:C5:EF:9D:1D:34:8C:A0:22:2D:D2:FB:A2:D3:F5:74:5F:7A:90","sha256":"30:7E:44:EB:16:94:91:A3:8A:D6:C1:32:D3:2D:D0:B9:A7:40:77:14:44:AB:8F:B5:EE:45:E6:8B:43:50:B5:55"}}},"request":{"raw":"GET /script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP/1.1\r\nHost: vmuid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 10178\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10178,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10178), with no line terminators","md5":"dedd352338543b137f608adc8d0d4aa8","sha1":"100edb4e8fef9b6da043d51135077e68d2a61b22","sha256":"b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48","sha512":"e2fab4d95d5baa013a7c248945156524478341282dcffc462fb2de318f55ba29dcafba0db3abcfb6399c6164f6f630f06d48a7323b73f8ea05d5978cd60a4c5c","ssdeep":"192:ATn+ip4qxJ/gzuvu3fo8idwqnOqgStYc1qRP44+PHlCXXZE7904AxF:YbRJYz3oe+3tYGGx+NGXZCAn","tlshash":"2b22b5c9b2d2f06443d77161942f2007f23b2869b54dc498eb66e8d3bcb045ea227f79","first_seen":"2024-01-26T05:18:07Z","last_seen":"2025-12-29T12:17:25.567723Z","times_seen":3656,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":113,"dns":33,"connect":35,"send":0,"wait":34,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"vmuid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a28bcb4e1141cdf1373bedb9c77c87c9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":78,"dns":0,"connect":0,"send":0,"wait":27,"receive":18,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/favicon-16x16.png?v=kPxJnMLPQR","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /favicon-16x16.png?v=kPxJnMLPQR HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2%3A3%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1; cf_clearance=.UN6SCvfVMRetJLeX7bWgoKpThLGDjO2OC4qs18zwoQ-1760277356-1.2.1.1-.947D5KBkbbTIvqmMshWX4U6QvaLNY2qeaYfwcFbUPDQ98dHQICVkTDFlVNBfMoS9l94.BvLTVoAFAXuOydp6rLNJzZIviFAJZTGcW_XFSsnnBASQSV3moFxS.TKVUxUtlXzKPz6p0.qLJ5e5_KB6f2a_MeoCkM1X_j068nK7Rv_JWxFtDkbodvUEgPm32Ix2_A0yeZe0e3UvP_YOK1nJZRzjyHhLncooO8zTcX8hMc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:56 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yNkl4Fovapofi7UJwx5SSUtp34QriGKxu70bGm2daHPIhRWdhkSRX11h5GJYvFM3k2CbQ5UvQR%2Frqv9fZsyqEyFAxJaSqxwKMSvk6pOnLQAx6Ec17BjhEw%3D%3D\"}]}\r\nset-cookie: view=1; Max-Age=86400; Expires=Mon, 13 Oct 2025 13:55:56 GMT\nPHPSESSID=gfofnh29l3a360gfbpl25mhrni; Path=/\r\npriority: u=6,i=?0\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\nlocation: https://piraproxy.biz\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98d71906bcdcb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/big/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/big/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:31:02 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68c00ff6-960\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w%2BMB8TLsiRtKd4A4PmltVLL%2BWjUovhPJXdGxzLJbP5yDbGCXzDX%2Byb5lNrtLnOopKuGgyHQl%2B%2BviYt7D8341PX9D1qizMqCxzvxHAL5W\"}]}\r\ncf-ray: 98d71909ce1db500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2400,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0bc9349d725e520dba5fb47062bb19be","sha1":"c9806f980f8eeaa8a76fc52dbba16d33694828a8","sha256":"0edf1ad930f16d22e747289baa84a2e99619bea81b16afd2b16410d2b240cf46","sha512":"cea8acfcc154ac659921060e590e0a586c8f25e56e473237d2dbb35acd473144ad74f27c3963fec582516f096e2ea085b67d76e3bda2bbfe1c6377380e6dd2d3","ssdeep":"","tlshash":"c04104556b7b1608712fe5b779122b0b67284017af0fdc74afd224489fc52ae427378b","first_seen":"2025-09-12T13:40:28.503848Z","last_seen":"2026-04-26T20:38:46.668589Z","times_seen":217,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":69,"dns":6,"connect":1,"send":0,"wait":443,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/big/2/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/big/2/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 7809\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:23:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68c00e30-1e81\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2774911\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jAbz%2Fi%2BuuXvSY5hDXqTWDXLJKRDblKiR2io9jfHHgvY8R%2B%2FpfjWOxf3S5F7xGr67HU4R3GNOlaScBKczOtsI8Hr%2F8ZQCEGYhlxB6sAto\"}]}\r\ncf-ray: 98d7190a3e83b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7809,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 497 x 496, 8-bit/color RGBA, non-interlaced","md5":"6539fb8abde26b7251e0bb75238b31b9","sha1":"299a695c323c7fc62d32d3fe6c44b30b5faf158e","sha256":"6e8293050852070c444df1c2b5eaeac4234c22e43d882857a0ce6fedc5a5ccf4","sha512":"de65c6b52e01bad6b1f5db45f50e8caa5427ad1a32569c8d8e95ba77437c8651b4496036b1dd9a497b18ac3100835003c9e7bf6ae01cd5a34fc57b7c253e0ec3","ssdeep":"192:QEQvSbknZCYBeAZPoUptQFzXFHVGHYJXreHZ0Hi1Okynft:QrawnZClAhDQFzVHV3JmFQt","tlshash":"e4f18d6db98b7a4147c96704dd84e527ff2b0bd68995f4285cd4ae03ec70bb90a043b5","first_seen":"2025-09-12T13:40:28.346731Z","last_seen":"2026-04-26T20:38:46.833183Z","times_seen":223,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/themes/otakustream/static/assets/img/bg_footer2.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/themes/otakustream/static/assets/img/bg_footer2.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/wp-content/cache/autoptimize/css/autoptimize_059185088f753f88cc6bae6f78fafc48.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YiHq050fHFbeWyidR3Z5%2FesRI%2Br5GKe5%2BLAQKDNdply1wYtaZuZ%2FXWcrsbRro%2BF25gps1%2Bnm0Fezw%2FDobbMrw%2BE3oDH20B5ChgazwlO6i%2FY4flYgO3CF%2Bw%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d719000cb0b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153555,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1902x1080, components 3","md5":"457cbc1571bcb23f607bf61c9ff7fc7d","sha1":"5ad8b0b2edef2f0783e9e497555be1aee1c3341f","sha256":"c0dbf36b58a6538c3104119053e8c0992543c92ae9c7700a045f17c3c381357b","sha512":"58648ce901fe71ba0c19a9ce3da560155aae025c1234ed225177ac4075a919de1a251bf9a96ab14dd62507335e6b0828de06fcd27a38a187f3a2201cd53c7deb","ssdeep":"3072:NslSXSWzx35OJRymjOvSUz5rixcRFcjTA9DElPzUeKhP:alSi+6ymjNUtriGRSHA9IlLTKhP","tlshash":"05e31280c7d5f102f4cdd5b9e15f382a748bbb4f318c6d5262a2896a4ba831dbd17077","first_seen":"2025-07-16T15:44:51.497419Z","last_seen":"2026-03-25T03:25:34.348301Z","times_seen":32,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/cdn-cgi/challenge-platform/h/g/scripts/jsd/e9c9e9d67513/main.js?","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/e9c9e9d67513/main.js? HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2%3A3%3A1; sb_main_a286902791a7f4c98bcb1e812322cd78=1; sb_count_a286902791a7f4c98bcb1e812322cd78=1; sb_main_a032b4d33c8aea68a4f9b84235614bff=1; sb_count_a032b4d33c8aea68a4f9b84235614bff=2; pp_main_2200540f09f939738419313a1a090c32=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\ndate: Sun, 12 Oct 2025 13:55:56 GMT\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98d719046cc9b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9964,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9964), with no line terminators","md5":"7486968f2724a1a1cebcc7c3a9de098d","sha1":"1ee1b5e608e35e62d487cf17cbd283b4c77b3523","sha256":"d398f1bbbb7e7ae1e3146fb29deee5e033c16d830489c681aba759bbcbd22daf","sha512":"44e95521d3a1a965b3d2914aa408d7ce000cff37ad3deac3db63c6dfe2b80fc01a446df1696741ff7eaf0bc03a9f4b9c731358ae391a8a6b673ac78ad18c0019","ssdeep":"192:lUriAbHANQgVSNRaaWrcqYewkxaS51jNKo6CrAfAeAiPL:ATgVQqcPs17roADiT","tlshash":"c022e9cfaf0eb46c42f02da5205b35de9859cebda03e4c1e893099f97d21a49704ed9d","first_seen":"2025-10-10T13:00:40.89127Z","last_seen":"2025-10-22T10:36:24.019585Z","times_seen":660,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a032b4d33c8aea68a4f9b84235614bff\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=13","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a032b4d33c8aea68a4f9b84235614bff\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=13 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1829979603d186cc79849fa11c48987f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":661,"timings":{"blocked":280,"dns":1,"connect":94,"send":0,"wait":96,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\netag: W/\"65aa84fe-1499c\"\r\nage: 1254991\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QueB8FfIxNutFvOhWhf8mvW%2BCLOCpVFE760RcAE5ieps3YlpL0ykMAz%2Fi8MZAuqWsGZMg%2FgNjfEHwf1WqxSLftweF5DGBLFY3TYqp26k\"}]}\r\ncf-ray: 98d7190d3b13569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-27T15:32:25.265227Z","times_seen":16942,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=468","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=468 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=511","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=511 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/themes/otakustream/static/assets/img/basic/otakustream_black.png","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/themes/otakustream/static/assets/img/basic/otakustream_black.png HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ynjdwZoAOQGhW%2BQolqVyeET0buAP5QBp6JMkG3ZSxDoDOfOfJJNj8k9TXOBdvnL8C81CEbGIPzsmHjWF83BleJtw59d5ggKLSg7Yrsov0nK8qzdktHLB2g%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcac76b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14641,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 476 x 96, 8-bit/color RGBA, non-interlaced","md5":"85adaa94772a0cb8129fb534a391b278","sha1":"505f749ce737035985c40432bcc4fe7bad114129","sha256":"3151983ddf95ad3f0bc8038b28c634d43b885039de8a2f5247711c1982b8d633","sha512":"1cd8298b98e76b212890ecc449895ae5f350f851b4ed85d9afd456deabc04e758ea05d10a2aa8f4d0416b3c65b2693a00bf1f2a01b0dc75daeb8428bb0f91196","ssdeep":"384:PakyP6+7v822TK9VwfYX1fAqig3DD0tFCx5AvokFC+RQQT:ivREqk8oqfkmQcQT","tlshash":"a062d0a95e9e1be67004e0dbd93a1cbca3c0749b4b15f18ad9d7e960ce38ac9074d533","first_seen":"2025-07-16T15:44:51.467752Z","last_seen":"2026-03-25T03:25:34.319126Z","times_seen":32,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2017/12/33541l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2017/12/33541l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nus3PznxqZhc%2BDWd7TZC1cD9956Bf3mz9fjN5c48YzBRfZNhTzieMnTFiArqn6nrodqidIL1gDsn26%2BeEUmrWhGcOx14eUWdsDQcOiTwgVaK9avs%2FqNqxA%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcbc78b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31901,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 312x441, components 3","md5":"e064094e9f4558cf73569fa6322fdd18","sha1":"60d13c527b532fcbff77fffc06aab5f56f65e85b","sha256":"c9c14f851b5e27e405b8aa8d86d7dff426b55558021d980dd0f025fb300b978f","sha512":"5a79107fca41896f5b5944ef64a75db215891109d06cd09acd51a5754a16873a2ea911e097f7643ab01bcbfc0f55978c536e557687d94287c1f39d75cbe41c14","ssdeep":"768:qSHB94giB+ACDr8jnCB5420ZHWh3zo9KhiYfrB/:/hHJ/8GI2H3s9Khjrl","tlshash":"a3e2f2d73a476fa277288df381e0d7ef3d5826a104db6a2976dd5f4788449e00ea0d0d","first_seen":"2025-07-16T15:44:51.441474Z","last_seen":"2026-03-25T03:25:34.34623Z","times_seen":31,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/05/6780l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/05/6780l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0g2WsBQdn7SA7moUXo89emvWuyHhpHEIb2yGuH8VzKe2qXYCUVFxYtCE36XExS6LfZXRGF2tPuBZ6KWeV6a1MEpFeX3rWGEv5oGx%2BMK0QKRLzg1Moh6LcA%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcbc81b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35844,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 375x528, components 3","md5":"d31e1ddd178b0fb6142c80aa40310f1b","sha1":"e54b9d8973adca010c6c7d4c5db7092f2f285dd9","sha256":"d2bb234bab28fd83e90d4003c70aab970044d8ec9e8647b85e03b8510557b150","sha512":"d5ad22bf71b5d7d191fa20b57b6caedc1d0dc722af622bf29dba953af1995a526dc54aa90839010973b7f643bb54faa42cb8dc8ce2d3c81f1666847ff29b2042","ssdeep":"768:7tncrp1h8F5qImZUIgV0laDflnS6SVWrxr7qr:xQiF5qG+aDfl+Wrxfqr","tlshash":"eef2e0bf77b5a561865cd73d642db26aaf6ad18c92a3c30fe0004312323ee452f5905d","first_seen":"2025-07-16T15:44:51.462161Z","last_seen":"2026-03-25T03:25:34.350293Z","times_seen":31,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/05/57473l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/05/57473l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ckes4AgKnJi5C8S6EpUVtP8VA7m9DauTzXCrxDReL1FHgCzTi5c8vheYUQM5vgZaz95Whd1YezyO%2BdfKhO8zX3ECURBSc31WIKRfjfMPVUMJl7KfQpZp3A%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fccc84b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26104,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 252x350, components 3","md5":"c2acf7ee783846049aea1d864c76b788","sha1":"93bee0d771abb419e80f5cc5ae264f7aef0cf89f","sha256":"a155502b262a32464a3b2f965270a54844550b55e158b65f5e1be75e08db8e8b","sha512":"8a74605a278b06c0755c0280e06a87ec41f05d4b9efdc914657b5d1d597beee8289789ec3e0cb0df8cbca7014e965eb37659a2a828c99a765569026b90c6b23f","ssdeep":"768:oA+Nz1YeajvH1fYaJOOZzjPeyaZ3XTMN9oQ1uHkE3cw:obCeMvVfnOsmx3XTG9LWv3","tlshash":"41c2e11472a03f3e680be976439a0cc163425639fcb9fd2f9c2c116dbde929d3ba9510","first_seen":"2025-07-16T15:44:51.47445Z","last_seen":"2026-03-25T03:25:34.32052Z","times_seen":31,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/themes/otakustream/static/assets/img/basic/back-to-top-min.png","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/themes/otakustream/static/assets/img/basic/back-to-top-min.png HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/wp-content/cache/autoptimize/css/autoptimize_059185088f753f88cc6bae6f78fafc48.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/png\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zMvP1kxwm%2FtyyI%2Bk502ajvWgd9nx3cSwiXqZ1vuqShyW46HEG1ucH0uzLQvwMVsUM3U%2B2POvecj51Y%2Fx085EqbNFvXUz9vWXJAiWmQn2%2BZlV%2Fm5g2oZmig%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d719000cb1b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 83, 8-bit colormap, non-interlaced","md5":"b0051ba70ceff0a37d2129d6e25ee9ac","sha1":"7480756a9e8896c72f0c27c5b8acf6ac99c7ff81","sha256":"a15690ed85b4d27fba64e82b457955567d5bcef816ce4a35ad4ae8ce1a5abef9","sha512":"7d81f2bde2cb9f897c69074aeade3d18b9bbffc4755e7357e2aa72036fb661b72a3e0a58243d33ec8060876b88360236c32b5bf0ee358974f74c79e451a4ac50","ssdeep":"96:egKgumQsGwrE2/clWbVtxIvfdeWzisVoxz/0QXmSe4eOggpwzmW+t:xbubsZE2s2tSteWfVoN/5Lbhgb6N","tlshash":"a3c19f6f9dbf4184fc850477d6b1c1233f3251869d9cb885c41f78912fb8739d662209","first_seen":"2025-07-16T15:44:51.480899Z","last_seen":"2026-03-25T03:25:34.351398Z","times_seen":32,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f004bbe4b6a85243de9bc6aa3b4abdce\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":738,"timings":{"blocked":292,"dns":2,"connect":93,"send":0,"wait":123,"receive":0,"ssl":225},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 74170f32858ab0b3be0b00b031bd2908\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":1,"connect":22,"send":0,"wait":24,"receive":18,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /sbar.json?key=a286902791a7f4c98bcb1e812322cd78 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 3890\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://otakustream.unblocked.surf\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: pdhtkv=true; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nu_pl15816950=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cbf342150d7a42cb21e411f2e6a245ca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5315,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"fceb860b554f5c9eb25d7ba3129b7349","sha1":"0897b938d57be40944d35b447367a05cc1040557","sha256":"5c03247920a2283def25ea8cd7688952bafd839f1fde12de2f78888445a5c745","sha512":"b7c6d5f8e636abfa2956317213ff1e5d854ae94ef7f6445a425a0bdd0f7e8d5132dbd86681a40fca585c84ccae4900865739dc5dd4d740b20d79a7006e51d5b7","ssdeep":"96:9zMm9TFFiWM6vBk6Wh1ODfdg54EZtXTa7o3pGdxzw9hQGv67WNzL:9z5zviD3ODlg53tXL3p7v67wP","tlshash":"11b15dbf5a8530d8189aecadd5c61fdcbcc0892378c20a604d5dea6f986164e992a43d","first_seen":"2025-10-12T13:56:27.974529Z","last_seen":"2025-10-12T13:56:27.974529Z","times_seen":1,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a8922a5493f6c5c76512ceb75705dbfd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":20,"send":0,"wait":28,"receive":19,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://otakustream.unblocked.surf\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2:3:1; expires=Wed, 10 Oct 2035 13:55:56 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"80cccc6db1b0a57dfbd6883eb254ca06","sha1":"95c792eafc7056f2ea1218427f115085b3a43666","sha256":"554a211b1e7eaaaa5503770c408ba3e8ec5d7db9b9c4888a84c846129cea0e0d","sha512":"6a7f95f5eb5920c7089223598ebdee0bb54961932f00cdc495a3697d7311b39f5e2131945bc54e073a1a3d39bcdad668c6ef8f5d2819357ed49f548b9308459e","ssdeep":"","tlshash":"e79004c351d400714f54f055d4d05134451c0f30353445153470c5415334d1d4544143","first_seen":"2025-10-12T13:56:27.978705Z","last_seen":"2025-10-12T13:56:27.978705Z","times_seen":1,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":-1,"dns":30,"connect":24,"send":0,"wait":21,"receive":1,"ssl":323},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 90d68c3278bc5bb1dd5e745ec05c2685\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":458,"timings":{"blocked":-1,"dns":1,"connect":100,"send":0,"wait":110,"receive":0,"ssl":238},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msdoj.com/hit","fqdn":"msdoj.com","domain":"msdoj.com","tld":"com"},"ip":{"addr":"178.162.215.162","port":443,"asn":28753,"as":"Leaseweb Deutschland GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"msdoj.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 00:32:12 GMT","end":"Fri, 28 Nov 2025 00:32:11 GMT"},"fingerprint":{"sha1":"A8:56:C4:4B:26:AD:D5:72:31:67:E8:75:28:D7:6C:F5:D6:A1:E2:B5","sha256":"65:DA:95:54:55:5B:C8:18:65:43:99:33:52:5B:EF:99:EF:5E:0F:AC:FB:6E:F7:6A:27:0B:3B:6A:69:3C:78:C7"}}},"request":{"raw":"POST /hit HTTP/1.1\r\nHost: msdoj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------70905642515562787403111811332\r\nContent-Length: 1190\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 2\r\nConnection: keep-alive\r\nCache-Control: no-store, max-age=0\r\nAccept-Ch: Sec-CH-UA-Platform,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform-Version\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: av_sw_hit=1; expires=Mon, 13 Oct 2025 13:55:55 GMT; secure; SameSite=None\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-04-27T16:20:01.718824Z","times_seen":277831,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 16:15:33 GMT","end":"Mon, 08 Dec 2025 17:13:51 GMT"},"fingerprint":{"sha1":"57:53:1B:12:8D:B5:A7:B6:96:E2:B4:FE:90:A1:D8:FA:24:94:9A:B9","sha256":"4E:2A:10:4F:06:F6:4E:34:B3:5A:E6:9B:A2:C7:FC:B2:A4:7D:55:44:3D:06:2B:38:35:A7:52:1D:F2:4E:80:5E"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:56 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: 64f6ba72e8630c6f3287e897f00e719a\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 736\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 12 Oct 2025 13:43:40 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2F%2FprUSA5T690oDg58Ht9iZFu1P%2Fn7tbl5EQGMfhVSqZDLkC3nKIRIOvFx6gXHzsMliDRdMLslqaEn42DS7XslpcbAD7CSdiDA%3D%3D\"}]}\r\ncf-ray: 98d719045f0fb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109923,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6c87711a5d2974cd9ee1f91fdf13c865","sha1":"f8ed5f464bf5e473cf28b326f462df2ee5698b70","sha256":"d3f84084e3f7c148c636dc35fe87fc64580db8a3fafdf07ebf6174fa089d2398","sha512":"8da04dcbdb746b2810bee89cd945e4d09a0fa7838ab960b05d5227aadd59759d76a7385f83a58abde5ee52665e4f735e554651b2dda1e70ada87ede0cd3a3be1","ssdeep":"1536:I8zmHlk4JQ9aO4kD9VaZ06GUqo54Az0SBYQ4+DIVV3BWw:jzsJkaO44I06GUb0S6z3xWw","tlshash":"96b33bc6226a241612bf8034445bed0eb5aecd8104cdcdb8e1e5b8662d78b16d3f7fd9","first_seen":"2025-10-08T09:14:17.976464Z","last_seen":"2025-10-12T16:00:36.826808Z","times_seen":68,"resource_available":true,"data":null}},"time_used":582,"timings":{"blocked":275,"dns":6,"connect":1,"send":0,"wait":5,"receive":0,"ssl":292},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/pixel/sbs?c=1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/pixel/sbs?c=1","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15816950=1; u_pl22675059=1; sleca032b4d33c8aea68a4f9b84235614bff=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:58 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1962b5d5f330b848609a9364c49263d5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":55,"dns":4,"connect":18,"send":0,"wait":19,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Sep 2021 07:43:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bGUVe87VOsH7UrT9MdlI0WiuIbO82NK5fohV5k2ilv2JXQHa6%2F9DK7NNpbZNWoSSI8Lf6oyHlQLXPTXX6p5UQvBVy%2B67fHJCn45ol2Q%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98d71907af91b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1325,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f6990569c7ffeac1f4a3f6d9eee5da44","sha1":"e7d5e37acf89a8faee252c36fc2c9d6615501d76","sha256":"cc2a9756c81bd570fff8b32e48a413687c33f8abe9c934e743a0769178b4f690","sha512":"be3ebced9d65b29fef8caab46e95f54f1ca645ea5942331c84c964ec033fb7c78506d14eda131948b7f664f1635deaa8d82a63169f9214f72035b087ea104bda","ssdeep":"","tlshash":"a52105692df9c97311e750947b352f1bed92ea87c80a6e0173bc9d684f9ad84cd23407","first_seen":"2023-06-26T22:59:31Z","last_seen":"2026-04-27T15:32:25.365644Z","times_seen":2695,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":30,"dns":1,"connect":8,"send":0,"wait":443,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/big/2/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/big/2/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:23:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68c00e28-13365\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iNl2%2Bbg8hcjZTqGmoMC2QzdhKjuD1p%2FrmW672ywpDaVlmbarx%2FV%2BF7FpbIPpDl4JgmoDYpZvSsuBzCfhf9cQCG94BpzJN33EIzIXMQxK\"}]}\r\ncf-ray: 98d71909be13b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5982c5377696d20476871062646b253f","sha1":"8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242","sha256":"4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4","sha512":"92592dac2a817293e8ec1d94bf99df639626a90d524420b01a12210398927c0650cc26fa8e730300096b29961563aa02efb707478c6d51ac8616bb1bde5a0cb2","ssdeep":"384:jvuAuF81dghu3uFlZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uhu7uNKwZiMUL6Vpaj7F","tlshash":"1d731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-02-12T20:28:38Z","last_seen":"2026-04-27T16:13:40.423112Z","times_seen":6799,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":65,"dns":7,"connect":1,"send":0,"wait":452,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=532","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fbig%2F2%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=532 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":636,"timings":{"blocked":263,"dns":1,"connect":91,"send":0,"wait":93,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"piraproxy.biz/","fqdn":"piraproxy.biz","domain":"piraproxy.biz","tld":"biz"},"ip":{"addr":"104.21.56.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:58.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"piraproxy.biz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 21:38:32 GMT","end":"Wed, 17 Dec 2025 22:38:29 GMT"},"fingerprint":{"sha1":"0D:50:8C:D8:AC:93:AD:5A:DC:69:67:11:67:18:1C:1B:99:EE:7D:8D","sha256":"64:97:7C:D4:37:E0:0D:2C:B0:E4:2D:5A:4F:CE:EB:66:CD:EE:86:01:DF:E5:5F:A1:99:7B:05:9A:A9:43:89:E7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: piraproxy.biz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://otakustream.unblocked.surf/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sun, 12 Oct 2025 13:55:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rM4h0L2aheAXA6s0ihQ2LeJ9ka24qItJ%2FPj%2Fy%2F5LHTnNyUTTyOa%2FBQ3Bg3R2Dmozsxn8WoJpqw83y0HqaT5i0oGMCKOA7Phnyh3giAcmYYuED3Hu4ZOuMnR3orbxRKCH\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98d71912fcd15693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: chlray;desc=\"98d71912fcd15693\", cfL4;desc=\"?proto=TCP\u0026rtt=559\u0026min_rtt=409\u0026rtt_var=240\u0026sent=7\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=2993\u0026recv_bytes=1207\u0026delivery_rate=6884310\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=a5b1bf5cc0eafd0d\u0026ts=317\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":3,"send":0,"wait":28,"receive":0,"ssl":292},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"piraproxy.biz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/06/83821l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/06/83821l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HIV4K4ZOZisRciiwhuI5sOKRWEWq2Tm8T8vBortGDWu5xGwp23%2BHQaAeD6j2sqSRFIdlyKmv8O5i3TSNLU6n54MmUN3rnNAZKlYY4JpcskLaFaS%2FdjAj3w%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcbc7eb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63778,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 435x600, components 3","md5":"591b34e59dcf7f7fceb02732b580b175","sha1":"62c3e01a02d1e649dfbad3b365a7f11e5920f51d","sha256":"e3ec1505b48d9d5d96443db3575d68f902baed5df18321451f92ce734dc56fb7","sha512":"a767c908198f903b2683ac34b08b1a3286956b4be1c236f8753541e8fdf14c5ff86f94fb1d02574b1e96d720ae3b52fa8c5638f4259c0979640628360be8ee81","ssdeep":"1536:6ItqGgRAkehlB6dEfoNksIqAO15ZgBkhNtWL:6IIGgzqlUafouZqs24","tlshash":"6953f206f203b244e578d333f52ee6542c6ef7d17899c0ee2a49a0547393f6be125a47","first_seen":"2025-07-16T15:44:51.505224Z","last_seen":"2026-03-25T03:25:34.355588Z","times_seen":31,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/05/25935l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/05/25935l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w6aGqDC8axb6ULvV0xsQ%2FsbkLkbpCZA5HjcSSSioaRHioGJt%2BsSqcsTCSu%2B3VL0844CX9tcmiWaQ3F1yLPrGUDP0zF6%2FFpYNJDOcXi%2Fc4r5JoRuXVHLASA%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fcbc80b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38352,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 319x450, components 3","md5":"31ff5236e65e86a6e3342425842adc78","sha1":"95fd80968f390da1bc0e2dc5a4f62a4d7963740d","sha256":"74c1ebdc57e15acb99814352fe4669c8cb838ec345dc1ec2bcba421d6b9ed702","sha512":"d5acbf2ff6a3c49c3c879afdecc0d1646ab32efa0ace8ba036929336cce623f7aeb60eab3597b98d16468de61f7480b08b813a23db1e05044d67f51f15c9e504","ssdeep":"768:TOLzJBfOqm2m3rYbjmcuyclZuyQorv+KCTUIihXG4eg/AGy8+cuoixA9MA0mo6vJ:KLtBfOqm2m3Sm3L+orvrCTU7R/a8+GuQ","tlshash":"e4030252b5f857db50a3de3919ca08f26f70cfc32a647cce560c1c3456e56462c91bab","first_seen":"2025-07-16T15:44:51.431286Z","last_seen":"2026-03-25T03:25:34.320072Z","times_seen":31,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otakustream.unblocked.surf/wp-content/uploads/2019/05/64339l.jpg","fqdn":"otakustream.unblocked.surf","domain":"unblocked.surf","tld":"surf"},"ip":{"addr":"104.21.42.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unblocked.surf","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Sep 2025 17:45:34 GMT","end":"Fri, 12 Dec 2025 08:58:58 GMT"},"fingerprint":{"sha1":"DE:FB:70:01:C2:20:57:F0:69:25:01:90:DB:D4:2B:C1:22:26:63:C3","sha256":"05:CD:5B:D9:9F:C1:63:EB:98:C7:46:F1:57:D5:54:9E:CF:63:0D:2F:42:03:B6:28:CA:B4:B3:1F:60:64:13:89"}}},"request":{"raw":"GET /wp-content/uploads/2019/05/64339l.jpg HTTP/1.1\r\nHost: otakustream.unblocked.surf\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: image/jpeg\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YKepXLFYNf0e7LjHOsyhEDrERJYidtk3EeCM%2Fpkits%2B%2B0FZN6c8YuTdl1QOudXqhsXUdkPkIKStfQk3t%2Ff%2F05E1E2THogoQDiRLyhIn7Xaxyugin6pyR8A%3D%3D\"}]}\r\naccess-control-allow-origin: *\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: MISS\r\nlast-modified: Sun, 12 Oct 2025 13:55:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d718fccc83b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20708,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x350, components 3","md5":"e620c8cf14f4f22f2125edd99ea4fc7b","sha1":"11ba2f78f036ff867df64491738bf9cb812e1a98","sha256":"08a940d47af2e0361c5250bd99571736aa7be19dbbe3d130d0282b5bd5f2069a","sha512":"1c6bab7b6238a9e20869f5af82989c0ca38d6d2d6d8640d1f489f2fe390a0e3a6e28f744290523a6fd171396d07e927b32082bd8734e6db5b6c5ebbb07a54b25","ssdeep":"384:jRY/yEVwvsGZOUVUtSAqSs9klbXWavl9yLL8n+lfD8I6wrVDlsE+dxR:d4wEGZO4RSdZvlUJFAIdrRlA7","tlshash":"0492d0163e212096e9cecfbf44a4e8f5922fb22490b64bced358701198be8c705b4ed1","first_seen":"2025-07-16T15:44:51.508422Z","last_seen":"2026-03-25T03:25:34.3261Z","times_seen":31,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"otakustream.unblocked.surf","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 13:00:44 GMT\r\nexpires: Fri, 09 Oct 2026 13:00:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 262511\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-27T16:20:48.546736Z","times_seen":225538,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":127,"dns":4,"connect":8,"send":0,"wait":8,"receive":8,"ssl":127},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 12 Oct 2025 13:55:55 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 12244c087b8a72bd5f2ac5c98d09cf9c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":444,"timings":{"blocked":-1,"dns":1,"connect":104,"send":0,"wait":94,"receive":2,"ssl":236},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heartilyscales.com/sbar.json?key=a032b4d33c8aea68a4f9b84235614bff","fqdn":"heartilyscales.com","domain":"heartilyscales.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:56.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"heartilyscales.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 21:51:40 GMT","end":"Thu, 01 Jan 2026 21:51:39 GMT"},"fingerprint":{"sha1":"AC:0E:0A:1C:AA:E5:DB:3D:5E:08:F6:26:F1:1D:98:65:42:D8:4F:97","sha256":"24:D8:C8:0C:EB:CB:B6:51:7E:D6:F0:16:2A:4D:4C:93:AF:30:D4:E9:B0:FF:9D:5C:C7:9E:8F:A5:CE:E2:1A:E1"}}},"request":{"raw":"GET /sbar.json?key=a032b4d33c8aea68a4f9b84235614bff HTTP/1.1\r\nHost: heartilyscales.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:56 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4587\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://otakustream.unblocked.surf\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: pdhtkv=true; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nu_pl22675059=1; expires=Mon, 13 Oct 2025 13:55:56 GMT; path=/; secure; SameSite=None\nsleca032b4d33c8aea68a4f9b84235614bff=[4323737]; expires=Sun, 12 Oct 2025 13:56:01 GMT; path=/; secure; SameSite=None\r\nHost: heartilyscales.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a85a929b5e874db79ce62a2afddc459b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5868,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"e51a830482e47350345c12c77a7b7b4e","sha1":"3ea7bf6e4451853660bab40eccccea67df1ffc6b","sha256":"08e8d2b4db8cc9e11229b47be32b7814dc884a6baf482266f7e7ec4c48f09cb5","sha512":"70d5459ae72525b818ba9fb99ffd5af287ce865f08a371fa92062a1c57cfa1f88811d304e8b53067cea7855084212f5cc8c7f243cf84396ff35ab4f7930b9362","ssdeep":"96:9zNKbQ+sdjFAqP6O6Qpk1FNY/Tl7tp8cZrfRRh96VhWVgfsdjpvkr/qELvYyYxff:9zNKbQ+sFvyO6r1FNY/Tl38cRZt6VIVp","tlshash":"1ac17cfb60043091de4aada549cfefb85d4c38516989c2d646d7ceff8d28b862f012b0","first_seen":"2025-10-12T13:56:28.007341Z","last_seen":"2025-10-12T13:56:28.007341Z","times_seen":1,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"heartilyscales.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a286902791a7f4c98bcb1e812322cd78\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=13","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=a286902791a7f4c98bcb1e812322cd78\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=13 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bfebdb37dd4660ec484b39eec48d51aa\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":656,"timings":{"blocked":278,"dns":1,"connect":94,"send":0,"wait":93,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=2200540f09f939738419313a1a090c32\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=13","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=aba0f8c6-d4c4-4e82-92ca-6a868e80a4f2\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=2200540f09f939738419313a1a090c32\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=13 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 0\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 11be26dcdb3ae434374f69c8da89e054\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":652,"timings":{"blocked":273,"dns":1,"connect":92,"send":0,"wait":94,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,600,700\u0026v=20-07","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,600,700\u0026v=20-07 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Oct 2025 13:55:55 GMT\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25911,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"b1da25ada12cc9fa0d13236035eec87f","sha1":"603a4097b239892cc35c9328dec94fa9f0415ec0","sha256":"d632302cd6b77497e58a57a2d2d13df799849c6454a2d9a77db31ae816f8ae70","sha512":"a4c5fdce8ce03f9d636157512ad20629020b628168a7450a4dfadd997aecf8cb94127999173038f3465385cbaf982c05548f8d68cb96f7b73997f648792d2fe5","ssdeep":"384:+POmxG+CvxoqY49bjVjXqY4ahhqY4tU8qY4Z8h:jiaL3Jbc/","tlshash":"8fc24f91042b645067431dd233ce3e30ee0f92617084d0766bfe8b9aeedad6a63b435d","first_seen":"2025-09-22T04:20:17.437989Z","last_seen":"2026-03-25T03:25:34.331026Z","times_seen":30,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":49,"dns":0,"connect":7,"send":0,"wait":24,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 13:00:44 GMT\r\nexpires: Fri, 09 Oct 2026 13:00:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 262511\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-27T16:20:48.546736Z","times_seen":225538,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":89,"dns":1,"connect":22,"send":0,"wait":10,"receive":7,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.125.105.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:55.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://otakustream.unblocked.surf\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://otakustream.unblocked.surf\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=5583e2ed-0c00-44e9-b116-f22f8f4bdb11:3:1; expires=Wed, 10 Oct 2035 13:55:55 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"949ab17f914526c14d0cf028fb790648","sha1":"5f4f0b0f8740d88482caf0030d0ff31bb5fe8186","sha256":"5ca5d2021bf4c6394431592c1ac3209589c04b9d06c16f3fc6b7e049a2105746","sha512":"10f562032f056c6bc1f0a2ac1ecf7916795bda37b349105eda374dd24dee459c34df4fbe1adfb99cd7158143f5a397641e09b1667de2b693917cd592ffc5137b","ssdeep":"","tlshash":"4f90047d131f5c45134474445d0311f505344f3050f03c7400544737c40c3310c01143","first_seen":"2025-10-12T13:56:28.013107Z","last_seen":"2025-10-12T13:56:28.013107Z","times_seen":1,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":1,"connect":25,"send":0,"wait":42,"receive":0,"ssl":273},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/big/2/img/1.jpg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/big/2/img/1.jpg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 111559\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:23:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68c00e2f-1b3c7\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2774911\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kpBF5tiX%2F7OEcdniPeBWXOk4SuA2bJdlrd5EOtAxwj1oczN12ZTg6PVH8dGYCO2zXLaceyiTJ2Qk7JozNkOYYVFuAVCn9P6QWf7pizCg\"}]}\r\ncf-ray: 98d7190a3e81b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111559,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 13:22:59], progressive, precision 8, 800x440, components 3","md5":"8ea42d150a20a7fa76544df0b619da09","sha1":"7b122e82465c774421f075baff5df74c356dda58","sha256":"bcac2efa74b5f4db3b7773cb650813da7fa53147a48c995126ef948faf644e81","sha512":"3bd6d3cfab9b2cc9d08c884d6214a3b559f5ef893a984c0b55a9267a00e2b0b8b0be7cc69c6147401cb16700e96b0b5fb35e4fa340128bb718a7898cfd2f6dbc","ssdeep":"3072:tBK1FgKCJd7bOLlBlQVGjg6lU3LG3gaxy:tmF3GvOLlwkjg3I7g","tlshash":"3bb3f1269be0dd65d4f7bb304a02eae1a715fd24c693710afc0c316b3f725618e89e45","first_seen":"2025-09-14T23:01:21.737138Z","last_seen":"2026-04-26T20:38:47.152446Z","times_seen":110,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/big/2/js/jquery-3.2.1.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/big/2/js/jquery-3.2.1.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 13:55:57 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:23:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zFQM7LbO2l6x2p6WPkSwzRabh7A2yD22y4AVL0kncLdDv3%2F0T01r9X%2B61C2vnedGaUyhH%2FQ9b4bvwV19FJgANQI65ozcFNpfdX6o1fo8\"}]}\r\nage: 2774911\r\ncf-cache-status: HIT\r\netag: W/\"68c00e2b-1fa27\"\r\ncontent-encoding: br\r\ncf-ray: 98d7190a3e88b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":129575,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (745)","md5":"e59a2e92b4756cc61e2e4f3082ee1360","sha1":"c96d002f642bd85adf1e5326bcc0679f9c3ee001","sha256":"42173a3ca70c715370ce99071f892ad61d3fee33dbf15426fa7eee549a4afca2","sha512":"94ab9f4e87fa268a76679ac3484952b84332bb01efb3bda37ec883310eea2536c7b5b50370553571d57beed05179749ba0bef6d53306896f2018ebd037c682a7","ssdeep":"1536:hLkR/QpfICJ5vJBQT6bTGw9S5HY6wm482+a02Yo+eKcGbp7E0bJy+jhklK4dy8Nj:hLkRNV48Ba02YowbCuyMSxtZxc9MuCx","tlshash":"8ac3518976e621319207f07a8d6fcc09b275544f1a8ded057d4c82a5af1883c97bafec","first_seen":"2023-03-08T15:21:31Z","last_seen":"2026-04-26T20:38:46.585169Z","times_seen":2094,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=505","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otakustream.unblocked.surf/","date":"2025-10-12T13:55:57.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=505 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otakustream.unblocked.surf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 13:55:57 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-27T16:20:16.31082Z","times_seen":14285728,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}