{"report_id":"edd664da-1372-4ddb-8847-9e894635cc05","version":6,"status":"done","tags":[],"date":"2025-11-22T08:49:50Z","url":{"schema":"http","addr":"nhrv7.com/","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"nhrv7.com/","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"title":"国产精品在线观看｜日韩在线影视：无码免费视频+高清播放热门资源","dom":{"size":125083,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (63379)","md5":"ad744664bcd00f7feaec9a125916c687","sha1":"a078d9c78acf07777f52dc96e125d8bd6df4d6fd","sha256":"1c5bc0cf0e3341fe478733798925a4e48baba220e0011e728090380785900c57","sha512":"e72cf92ef036d87fb4105a1f741580e99c2500f24bfe7290f00313474cb092c309991ba8ada366d47a9b97163c9add4ce2a160540355190c4f2949e79591785a","ssdeep":"1536:rNykYvvDOpUWkQ01O9kUvgOQXmI/3k79v0ThREkIalT9IQvPRskyUcTHOZRMVHvu:5MmU","tlshash":"3fc3546853240c2c602b83e4f2a1b73891fd92dada0f496cf67d4172978fc56aee71d4","dom_hash":"domhashb6aecfa0c4e9680faef09aa581291ecb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"nhrv7.com/","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-27T08:49:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"nhrv7.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-08-02","domain_rank":290492,"first_seen":"2025-11-22T08:49:51.352193Z","last_seen":"2025-11-22T08:49:51.352193Z","alert_count":216,"request_count":72,"received_data":1355646,"sent_data":30285,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"nhrv7.com/","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab9506462b5f5b932f9f6296c6680402","sha1":"e0d39949f25daadc0cb2b15cde47b6af249303c2","sha256":"7014fdbbf36eb324e13bc1b889feda93749a1f3af993f702f7a96374d3a3b549","sha512":"d8380f13981353e3b54db8c48a20f676365699c075688693c5ba77979f7e14e56938a29ce13c81462761c01ec61da412815eb9d83f5c55c5a142eaf4429a3f57","ssdeep":"","tlshash":"e9d0950f1c001c741f950179103ee58cf061110c6192c51144cdd4415d30ede08197cc","size":241,"data":"","first_seen":"2025-11-22T08:49:58.058461Z","last_seen":"2026-03-21T11:41:49.739449Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/assets/index-CfuI9dw8.js","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c21e804544775e939e6371e167c34581","sha1":"ea66126163bb7a389056e513b6dc8a35e4a7a305","sha256":"04ffd63472715045419c9e18cf3faf096502c77c3429330c12124f875570849d","sha512":"7888a93dacaa782a0e1b4395b0dd97863b2e4403c33c2302c82f105e2d3b34e4a1c6eef841ef8cc6e1b58abb543a16cb6b247a69a0beba4b4ee071cd4137a14e","ssdeep":"3072:NLdBO/ZQC1sKYrotMzKbFg6LZfVcce+Rbgyp0SzOcH4/x:Nh/qsKPba6BGcOcHK","tlshash":"6b444c98b1a5ffad6f6306b110bf511a723d1e16d81e4870f024f86966b400bb5abfdc","size":277706,"data":"","first_seen":"2025-11-22T08:49:58.042281Z","last_seen":"2025-11-22T08:49:58.042281Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"nhrv7.com/24.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /24.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/1.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /1.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/34.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /34.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/3.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /3.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"d6155e55117f4a90204547ab046734fd-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227YRQ0D77N69AZ4KZ92\r\ncontent-length: 24376\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8ESCXfWo9vuiZOLorgHIwGdERzvXrFdA%2B9TU%2Bk4WktUepGXfxm8zpEbha4XOd5joBZzkmOtQj%2BOc12vVRin4uR9a2Hg6uALiKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bbf120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":24376,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"4c1fd4cc1a7fd1321bd497c3fb2eddb8","sha1":"b43a8d88837a99a9479ae8b5b2240d2152fb5e20","sha256":"b04b9bde2fd532c72b260ad92fd0b78e520def3f0694a2ba402f87655323956f","sha512":"88fc9f91404bbe6844c44872b61873de49f2a189df6e9c9e62726f259fb0ef9072bb887c3bce492c8b6f3e036124d0f0eb4ac64b8d9ef32f59d6bc4cc03ec11e","ssdeep":"384:m1zLDYG2xI00NsJk8IO9oFt9V+fOQMtMTu6gtKznNeUt2Y8Thxm2oLBW9ULt:S8xQNsJkdO9oZVH2u6tYUt2Jy49K","tlshash":"91b2e113584ddc54d8b969ff2fc4798b30816e32436ae2216fccd9898b71c580ed99f9","first_seen":"2025-10-21T09:00:55.134494Z","last_seen":"2026-04-03T13:50:18.716155Z","times_seen":76,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/10.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /10.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/12.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /12.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"609d543cebbab30f4bc69b4e1b719fc7-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227WN53Q621PGTHX66J1\r\ncontent-length: 31551\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=od8SIUvgJDAJoyVYF59PBRoR%2ByOyWCygUpRRUw0XSLDhSoEqVdLwwGoWyiV%2FshxuSohBPDLZ94T0Ew1bOs7qk5wDmsd4KJh1pQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bc8120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31551,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"09d3a3522e1cbf8a506544bf5456a16c","sha1":"a5399f71718f6f28c09f0757aa18d9a05834e42a","sha256":"56e0f549a12bd5e212465aa356ba746663b504234cfa03d72373e68179a146eb","sha512":"e83a226ad498d6bd106832fd172d5ae3d2f22df021ab51d91a9786480c5bacc83bcfde6741b6fdc43245f989f3e4688f88cd2da06cf4424a52bbfdc66541c744","ssdeep":"768:+etVM8vftjHRIXmJEVANxpgcGum4BizUjlsajoctrhb:+eH9tjHN9TGum4BiIlrZ","tlshash":"f6e2f2bee0415910d11395656195f3cc8cf72b3ebb41d189fb625b60c314afaabc684f","first_seen":"2025-10-26T02:11:47.784589Z","last_seen":"2026-04-03T10:23:16.426092Z","times_seen":59,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/26.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /26.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"850928374dcff80ade30e0ef30719de5-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229QD9QJD2E12CKF92P8\r\ncontent-length: 23590\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GpDxuaLUgq%2F9zkyGjlVN54GEukSyCeWIpJkwqymH838%2FFnaEPbdfiINABYicsAHKxkouFcwrX8tWBOGouK57cssdvwutvaSMJQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bd8120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23590,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"8923d65b376d4636047697bcf33ce2ff","sha1":"3784af588fc8a8ca004c7f46ca4ff4b1dc5d6b25","sha256":"b562b17cb1a60109ba32a734f9d57c5c64c326121c72bbbb828823ac8192c303","sha512":"aea1aa009c6e431f77e57c539d8fa3f138c735134e81a7d495ff6338c8a7ef0d0d8f1ab3b8f38fc729282452cfd31286bf553442b8a7ee2fc742bf05bf4ed5d3","ssdeep":"384:zyw06VZ8S7477JeJ21TKAh19XpEh4as+GymdOq2bHOorjcL+hdKeqar0PJSjLxCH:z90qDy7Jy21uAhbXlam5kqe/coFqJP3H","tlshash":"01b2e0752fe8b1eac2358531aa52b2328074ce01b69fd6253c74ec51b4f3e1a24b4937","first_seen":"2025-10-26T02:11:47.791176Z","last_seen":"2026-04-03T13:50:18.734045Z","times_seen":33,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/27.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /27.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"7192ac0080c085f6e1f86cdd85dc3ac5-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229GYF613V1G672H25DR\r\ncontent-length: 28164\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7LKQE7lWhQPu8WpPbdNCiA2jTZc4ggitqQ8PRncsL8R%2FZ3Kv5RKp4fFkBg2fxNSn9bcmQ9I09BJdTXMy3p%2FEd9QS6kjw%2FiX2%2Bg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bda120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":28164,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x744, components 3","md5":"efac1c096921664cf624b0dedf234c17","sha1":"893f420dcb02950eb64ac656a3248ff5f03de5c8","sha256":"4f823e18a213497351c4f733f0273408610e625c5da72096261df1ed44f7e185","sha512":"587ddd87b5236bfe2ce53dd4274be81c346edbe838c0d56a65804aa85d98665b32903e89805a6f80d10b6460259302fe755c89b8e4d64d2e3d73126800c31527","ssdeep":"768:Z+l4ktMlbsRS4STjmySGfKlP4vQIsPsN3qYW2D:Xvlb0yNjKWYQN3qYWe","tlshash":"edc2e0c2b32d8214e39f3618f4960a7c11dc3a0a4e9b59f0c9977416bc982eec5de5ce","first_seen":"2025-11-02T13:19:49.3534Z","last_seen":"2026-03-23T15:35:45.070757Z","times_seen":32,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/34.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /34.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"4b2d94edb4cb1ef5a2aa44bda467851e-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227VH35TX05PFEYEYSRD\r\ncontent-length: 21263\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pBhOQErTCTsUZIG9S%2BiW4lzUB6BtPv%2FCv92IubsFWowhZ3Y%2FXkf7D%2BWUeFcG3cFItq3eWnFVYxkOQa9o4mJX8nezsyzWQO9UMA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b5be1120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21263,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x744, components 3","md5":"05580faafbc506c4b4f171a801fdbe2a","sha1":"68b4d70a5b59ea4d0f23d3ab2f1b31a61eb9f5a0","sha256":"2d17c5456f00ea0778b79b1e8c0a631718a649fcaa467b6e6ea5a6d72ea9c54e","sha512":"949ba0dcd5a00a13eb9d229fb47aa1e7dd101e9589c8e10e3955b6f64f3f0c7fffb9e59cbb596e822a4268491d8f77cc92e58a30cbf6dae4263d2a32996a77b8","ssdeep":"384:tqYLdjukVoBf5mmJV66ORaSM2JtzIQQIlFtkQebBMsu+37Gbe:th5VoBf5T68ryzIELCd3F","tlshash":"c0a2e154910a1cf3b5f5c43683b22b3687cfd086d93390bf1a1c7d456f22296ee8d096","first_seen":"2025-11-04T10:22:13.299756Z","last_seen":"2026-03-08T23:29:22.419637Z","times_seen":21,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-22T08:49:27.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 2\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wBA2oAOMxnaRlOd7yfTbDyAQ%2BLrnaQ2tvt2n4Ym%2FbaxtGPQE833LydsJ201fOA4VMAUMDAbYEubSHWiPa60758VI%2F0ckm8O2ZQ%3D%3D\"}]}\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KANC21BZEKMTNWGX92BE7G9E\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a272c747c034c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1496,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (330)","md5":"9ffe5b68d5e0a60c35e1ed4bbd592c5c","sha1":"96b221c23a556e5a88185ab14c72dc6f5086e924","sha256":"0c9c76c7f74476f6504a8d6f89cc1b9afc19c7a7bde3cccc793be09b2496e1a2","sha512":"767f35b5dc11227f539c74edb541743ff49a1e34bc994195692139a7908afa5de3c746bfb8a256c006e9cb387a641d4d41c2248b728993d23eda88567eae24e1","ssdeep":"","tlshash":"bf31ce179d9098090324a2642ee4e67ca263eb59530ccb01b0f9507f4b45feb4db7bda","first_seen":"2025-11-22T08:49:58.028922Z","last_seen":"2025-11-22T08:49:58.028922Z","times_seen":1,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":55,"dns":28,"connect":1,"send":0,"wait":303,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/13.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /13.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/16.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /16.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/18.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /18.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/29.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /29.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/30.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /30.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"91ba57ce2c39023ad80694dbfd0fbaa0-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC228JVX1HYF2E927SC0HR\r\ncontent-length: 31329\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PCh6ovvZMxTndoH4CFuQYqDPQQCsq4TIBbUsFCOo5qBLHdl2c2fSsvtc31bUQqlunRV%2FMHTNJiX4h29SrxEG8HeCH6TMJZbYqQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bdd120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31329,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x751, components 3","md5":"576bb309cf34749591b8086f8c64ffe2","sha1":"b05813360c7c821db5f64c3cc273e84c51307b32","sha256":"aec244eb2b2cbf5b8806826fc38b307b4f6e33e2f3dac1284b921e59ff850771","sha512":"0c3f9c9f9cf79f748910c1a8e62894ee86261e614db72227ecdb591912e764ffdd2eb2ca2de4bbbd61de449e51dddd74e33baf709d778bc9d88694b23125f72a","ssdeep":"768:wQvg/OgxYLn/v1A/qCa5TdE9bknSKhEMOg8PUOIUEgaKqA1t5:ZsM/7Ud4SUO9Egfqa5","tlshash":"6ee2e16aa3671a8ebb05c23495551200acdff908de2a4f8f780e1cd777624e6e5f908d","first_seen":"2025-11-02T13:19:49.335706Z","last_seen":"2026-04-03T10:23:16.378031Z","times_seen":34,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/assets/index-DMKeVCRF.css","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /assets/index-DMKeVCRF.css HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 15740\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"9afa2553a9f328a081bb69f52fd7ea80-ssl-df\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KANC21Y9G07YZ681K50TRK7F\r\ncontent-length: 3991\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZuwIRc%2FNWG0mV%2BLP0tDr%2FpU5RxjpafPOOy%2FV7M9qseVQ3pNd%2BcP5qR1S1TGfweA4rmqaU1LPf3%2FAKZMAWcsS1zJ3Bb7c7m6Ypw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9a272c77fb3b120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20588,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (20587)","md5":"8b5819e40b49497d8c3e25278b7ecbff","sha1":"2371c41d93bd36a89a271c5f8a44a92a36461ae3","sha256":"7765ccd803ff24a18860bac0c51afdaa94a8a40d93bbea38318719f868adf0ce","sha512":"92bfdf8095fb60424f89cbcb44ea08ea0f7823f9e9f6ca2d6342ce83d72d7f1fd9286f563f9e2384cb894eccd6620532f177b5f33e26e5ec1bf2744370319cd0","ssdeep":"192:O9JyW9JyyxwONBnysfTsfKTE6WysNygYm375ooT4rn6sfkGlKKbsf3xQLovE:kwufTE68IWT4rnxr","tlshash":"ae92831e6b20103f7c6b91e5c6d5b66eb22af0c0de3a55eabd824111abd37f70c97504","first_seen":"2025-11-22T08:49:58.030662Z","last_seen":"2025-11-22T08:49:58.030662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/11.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /11.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/31.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /31.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/33.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /33.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/17.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /17.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"26b8753b2d56b528df50b6e84c3b6b65-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC226DY9XHWF28ASHVWHFD\r\ncontent-length: 23218\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hc%2FNQkvSz91aKP1XnWvHycVBg7PaDQMVjQ05c3sA1ShRgBWx2T%2BBrmwzWRtDNaEJzK7Lik90xX5G6kZSA0t2tBupW2uDx7q61A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bce120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":23218,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"3ede6763fc0931c0111969eccff1bc70","sha1":"f44227f486a23640fc629c6093b52667b2a92d1b","sha256":"a512b9fd7ba82692398281fe5d92dd58cdf8575436b00fa2e427b36c7308a2ad","sha512":"97eb6316bfbf6ab5ee2cb6602222120bbbb63490cb027d21f49838fa03ea00b31cb2abc474de05a3df1d4e61de0562d4d20abe616f6fa5f9555fe1d6520f61ee","ssdeep":"384:DDNfrMGudjVuz288JxdMlOOM40j/kxeqcZ7qASkwOr:DDx9udjVuedMlzKQxez7JSknr","tlshash":"2fa2d09013771d17e33681742286ca236d12995274caefffed522d228c3ef162bdd688","first_seen":"2025-11-02T13:19:49.31524Z","last_seen":"2026-04-03T13:50:18.748523Z","times_seen":49,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/8.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /8.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/21.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /21.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/vite.svg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:29.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /vite.svg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\npriority: u=6,i=?0\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tv2F6EH4azbLj9JcsRzNIIA4qBPLMiiIyyaYdS9iFVKeLyx9NsMJJryz9UVTOL%2BkhfyO57tQuJKH6Gvftys01BsTdmlr3FTGmg%3D%3D\"}]}\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KANC22RQ09CZ4XH3J8TDJ2XG\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\ncf-ray: 9a272c7e2c19120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1496,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (330)","md5":"9ffe5b68d5e0a60c35e1ed4bbd592c5c","sha1":"96b221c23a556e5a88185ab14c72dc6f5086e924","sha256":"0c9c76c7f74476f6504a8d6f89cc1b9afc19c7a7bde3cccc793be09b2496e1a2","sha512":"767f35b5dc11227f539c74edb541743ff49a1e34bc994195692139a7908afa5de3c746bfb8a256c006e9cb387a641d4d41c2248b728993d23eda88567eae24e1","ssdeep":"","tlshash":"bf31ce179d9098090324a2642ee4e67ca263eb59530ccb01b0f9507f4b45feb4db7bda","first_seen":"2025-11-22T08:49:58.028922Z","last_seen":"2025-11-22T08:49:58.028922Z","times_seen":1,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/2.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /2.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"0bb22f89d977c544434578522e06d445-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC2290KW93F3F59SXP2WPY\r\ncontent-length: 19659\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZdmN1166zYKMJ3ItRh4QDekWffWGjq5nlNWiePoAzSs0cFpjx2KHnLN%2F%2B48gkN8Dbfh698MADcrErGHSrNKBkfqZvFopkA%2BbWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bbd120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19659,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"b047e965088a1da09808c616dd2e501e","sha1":"206a50cb2431fbb4ef2155275c5fccd6c1a9940a","sha256":"aa04cd02434fea105036f220ffe4518a642aa3aedef11239cdc5ffa16301dd9f","sha512":"9bd5f716b6f29e58e4f7e493e461211400101cd7bb7cee3979dd4eea3beae678cdfad87b57bb300f68bb967181c94cd426923314624a3dc00f343750656f3d07","ssdeep":"384:9b3dcP8toh33nc8ejS9oXIsvtkRCk36+7zEBwp8EJjV4bVdJ4x1xycmI:ZyP8oHcHW9etkUk3H7zEBET4jJ4xfyc5","tlshash":"ca92d0410965cd65fda512be5abcca6d87294e5c04cab952673c304b4c20bf90c6d4bf","first_seen":"2025-10-21T09:00:55.127398Z","last_seen":"2026-04-03T13:50:18.747557Z","times_seen":73,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/28.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /28.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"511f6205816018bd670076ae9fff7f78-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229P9RSKKPEMY5EWAJ4A\r\ncontent-length: 40714\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MT%2F0ve8K0q9PWomCMfHAN5EpIAo1nODtcCXc%2FBK%2BT2i2KJ4SkNuZ61Y6KxdBFZmUMVp0tYY1k%2FR7ajjt3edCQ%2FC%2Fb4MwE%2FrwPw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bdb120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40714,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x742, components 3","md5":"485bfa72961bc7db5b54d5c02f0847eb","sha1":"a7990ce4c5590aeb6dbc005ecbb61cdc29b98902","sha256":"4e44c66839c2a177270e93ffbc72db14966d104de64ddff55b8abb218cbe39d2","sha512":"2cf5a8804e65b23d438c4413322a90dbff6902ee5760d29a15f30087e25c2b8922169d88fe370648291197c28fa8712ed311398d760641c90db94437a2e93f65","ssdeep":"768:x178A8hY+aPqIxyslZ9J9FXzIea/2FCH0y8S8PMLknkkGHg:586+aPjksl7tXzIeK2kD82kkkGHg","tlshash":"3903f1a6c6af53cfe2c5fbef16b586e421816d414a17c5906721c649e03d89a38edb30","first_seen":"2025-10-26T02:11:47.771075Z","last_seen":"2026-03-24T04:55:36.088816Z","times_seen":31,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":404,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/33.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /33.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 8688\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"cbbbd3df951a35868d3dc8f96d6f6754-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC22B3FX3CWEQXJP7AKY9W\r\ncontent-length: 42198\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AmtTYT9fqyfBluy8%2FlrEtNtV49pazSyqNcw46Hq3MkRBawtHxA8qdbA5r3NJkO1xXn1WGMV6Uv1fVVnKlN0vFX2gwo4%2BeHIRkA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b5be0120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":42198,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x739, components 3","md5":"f4b822e282eef666232a7c8da9a4b51c","sha1":"f04c0fb41ee9ccda518b8d9566531c28236c8d34","sha256":"d5cc0e49df144ea3438b01c3ab52b123e1f4440e98723bb35a27c34567556b6d","sha512":"f7c6f095d9a8fdb99a0b871f31db3d5146f9b631dd3c9aee5735db10c33d8373b00270188dd7cd4a7e20a979f62f0eb72b4b58837b7c3085f37c1933fa458a83","ssdeep":"768:rrVy0OdoJLNWAn7N3RIzVQOXsIzA+yoSQuPNawYr:rrVy0OdikI7EU5ZQMTu","tlshash":"f613f16db3841951c2da20f3f5944da0cfb7a59a4dd13e8bc1069fa46881ed4fd8a3c2","first_seen":"2025-11-04T07:48:16.517928Z","last_seen":"2026-03-23T15:35:45.088107Z","times_seen":24,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/10.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /10.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"f70f96c7413d6776556af4888aa8a64b-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC22841YDB7QT1F01PJTAG\r\ncontent-length: 35922\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d7beEPn8q3F3VJDqzalhYeJ5iuOQ32XSiWwYf%2FgZJYZt0cRsDxPF4yXIxgWJfLvDLRDe2LmiTHuhtFyca5lvSzmpQNOChEnH5g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bc6120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35922,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"2a3148e611d35f8f015a33c942a58907","sha1":"fcb0aa1726b5a6650c74b98ab7d3ad8e4c514de3","sha256":"a9015c4e67b7b55ab36d506fa96d6bc14931855c3556ba192245af90c7fa0bc3","sha512":"3c356a1f197295f8eefb214330e6abdbd8cdb914139ace0a1a59900db3ad2a3810a10b601cc6678184fd92600154b65333e00a93a999e2787bf8b510f9014ee1","ssdeep":"768:Gc9RoEiuGGMGLwEnkt2gPuVkA+Tezo0DYXcf/MQNUL3/fjmq6:GcpiuuGpnkt2DnEezoq0XLzmq6","tlshash":"09f2f1a02acf7702d64158f555160f8cb76f59b8bcc4109f40a42cb7cfe6e78e9b2642","first_seen":"2025-10-26T02:11:47.783131Z","last_seen":"2026-04-03T10:23:16.44015Z","times_seen":66,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":365,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/11.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /11.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"3faedac2011492e162f7d34bdfb46e04-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC2295NV88BPFBBEFS34BN\r\ncontent-length: 24414\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NX9uT7iUj9yOvAKj7rUSSA%2Fx3mbxXhXUwUFByhcL2PAM8vtbjV6IiCjc7m3zIIpYN22EsQUww5JXB4z09URBgbeVqWXR59PYuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bc7120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24414,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x734, components 3","md5":"8724a89ba0a2a6ed560144d9f3c90c25","sha1":"d69217397efbe5d1eb9bbd0777c15b84d90d508e","sha256":"d268e795f3c87816013159515d17deab4ca3bea267a538933c9bb16ecad0916c","sha512":"41f8bfd47d96683df343274aa883744ff07fd45e4e2557c50ef44763df3f4365669aeb0dc641d3c5cbfccfd3d2084ebca555e0d9640152e889d96c74c92662b6","ssdeep":"384:7n0OmuJophhvhsPdQPcxDHwunZ3PU8P6Fm2+5pRsWinK2/9GtoL1dHm/+fbG1V7/:7QGophhvhsK2HwaB1y0oPmObSV7Bl","tlshash":"57b2d024d2f74850ef306b66421f07da361d2a5ed26252fa8716987c26ff9c45583c8e","first_seen":"2025-10-21T09:00:55.161718Z","last_seen":"2026-04-03T10:23:16.359596Z","times_seen":62,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/31.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /31.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"9ced0893854d26f774f55eb64562bec1-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC228F3RQ2ZQMMYJ1KZ2TK\r\ncontent-length: 34594\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1VoFd3pssG3QjEs4IjbDT6jSyMolW6ImeHjc0zCCi6oIainVemGV5FJHMJ4bfxJh2VUptb6a1rT70wz5yIENR7d19ExddLEDkw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b5bde120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"071cd4c590665249d9ca3dab9432701a","sha1":"6f62ced86b7116f7cc1be59ecbac09492d9c7546","sha256":"319f9284752dd5e748db6927598850d58d6af32b8033c0ed8612ea0ddb31c8f8","sha512":"ee610e37cdbcd80ad29a026a96bfa0f84d8f1259d030e102112958839f3e0ff7f5b99f71c6e6c8ced7228e1b05507d11ed209ba7ed165c7a388162a59ac19fc2","ssdeep":"768:aAuyUbeP9DO2FL/zZQxLtFs963anYXP/KpJR2Eb:aA13P9i2F3ZQBt6MXP/mBb","tlshash":"42f2f29e8150d841da699f2d2ba05f0190b4fb4006ba45e3e5ef1811ef161e237fbae6","first_seen":"2025-11-04T10:22:13.262768Z","last_seen":"2026-03-24T04:55:36.088264Z","times_seen":21,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/32.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /32.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 52967\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"64e37fe52df2dce1d8146e4f2f7740fb-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227KHY8HP3PY2JNJ3DF9\r\ncontent-length: 39824\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2BA6OkcIp5YrP2RD%2FNmWLsF1h8Om0da2TIrgHeMr2aDy6oNdN6TcAdZxXBticIMw1WLFaYRYqszrT8x7%2B%2BFaRu1swSjpkwHGDg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b5bdf120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39824,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x744, components 3","md5":"b7878732aace6b2dee82deb6ff3c1bc7","sha1":"8da0e45533459f015a44c2356ca21eefefd3d742","sha256":"d738a2f97b9db18f7f379ff1952037edbd270a6f6bc19b2a014760223336cd6b","sha512":"f121ad6ced7a703a54159caa1c4b158f755d33f53d8d1338ea1151bc3ae402f024d5ebacecbfbdfa6e2c6b8ba2bcee076c58c3d92ce14108eeedcec971c263f4","ssdeep":"768:gfJt/juMXJIEVQmvXNHGEFQwmPwR39nCOEhyN75B6wfDdjQI:Mhh5r7XNmE7v3VEhy3BjJjj","tlshash":"c803f2160761dbe38006a61f92043fcae44a735172eb1bffc621bca7907778516f809b","first_seen":"2025-10-26T02:11:47.795094Z","last_seen":"2026-03-16T07:04:41.037932Z","times_seen":23,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/5.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /5.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"528e333e8d2c2dbaccad004a0c2beaa8-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC228DH8206M7BMZHKZ3JW\r\ncontent-length: 24936\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pvzil6ZMZ%2F6sKh6nAITqXwm%2F4%2FsiGqFzurfc7FZ4UrbuRH6ATbDnFnnA%2FLj6KyOODq53PrlUpDoQAx1jtIY%2FYEUAkx7O4FyssQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bc1120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":24936,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x751, components 3","md5":"00e1a0b301529fd948a60b92e0b709f5","sha1":"89e4d69d291d3b7608ac0bb7b72a43419bfe273f","sha256":"c19be3076f4fcbd97c66147350090e01f9e6da68980c71acd5fa10cec98f46b3","sha512":"d1290fe4ea6c2b78a3cd4f989073a86f069c5bc1bb476b813bdd59e21617fe1072c3f59b45bb7ef2ab225ef25aadf2eeeb5859a8c39c350942d24dd53cdf2628","ssdeep":"384:kj+qykArWNNrJnmL6dDoTfOJSv9GfVfyWvkjcTpBR51DEdf8CJDlT+PL/5PraSDR:mJyjCn+yD6GioR51AN86T4NPrlDnwzLO","tlshash":"fbb2e137c387c060fbf089b568ad2231a8979e297647537936ebc8a78ed25817246c46","first_seen":"2025-10-21T09:00:55.159103Z","last_seen":"2026-04-03T13:50:18.75498Z","times_seen":72,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/7.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /7.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"61ba27b9b2099bcad4bc6d909686814a-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC228QWMQZJW6998XKGYRH\r\ncontent-length: 35738\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GeNOLz4zpZXciVTWH2dJwpbG7f7nTtBdUWdvrtFRLtU%2F2pGpZDGIgIMcKQL%2FNjCvbstZhJyH2AZqm4TE7YMBsFtzEjgIIR02QA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bc3120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":35738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"c285d385c0560b4d3e98543f19d3fb26","sha1":"bb526dcd2a83c18c81384ab7a5ca4735b196af16","sha256":"6c6a14472f906ce8384ec75b3470978ab63fd54addfccac089e49e8b0c64d0bc","sha512":"b3922437a597e201308f009b19074aa6c7c1614c10f7d035f55767bbe5245b6e8a6892e43f3fa1cd45edce06ffe4b99be1faf9e569bb22f20715b7672f52cfd4","ssdeep":"768:7SgAmck/T9ZIemdRspgwCDKqFKVqQj7hQtzl33dUeRCAns6AcmmJJdNG:vT//xKemdRshpqMj7h4N3GWs7cmmJnNG","tlshash":"d9f2e12ea3f1c26cb12313acb6c0c37b39755397478351fa76b902157413d9679c9a8b","first_seen":"2025-10-21T09:00:55.130871Z","last_seen":"2026-04-03T10:23:16.438384Z","times_seen":74,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":395,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/assets/index-CfuI9dw8.js","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /assets/index-CfuI9dw8.js HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 25221\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"f53fae9a4a7316e104b0578a7befed83-ssl-df\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KANC21X4YX52EYVBTE5NB301\r\ncontent-length: 75884\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j1SRb%2BdzDU0bV9H6iDGrnB%2FYN6Velu6vs1PpWYsJkutbBTTRnpVTMBjLdfJ6QeA4I1lZPWtdn%2Fj1uM%2BsYtaQIF%2BblmxmuHJ6yA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9a272c77fb3a120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":277706,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (37509)","md5":"c21e804544775e939e6371e167c34581","sha1":"ea66126163bb7a389056e513b6dc8a35e4a7a305","sha256":"04ffd63472715045419c9e18cf3faf096502c77c3429330c12124f875570849d","sha512":"7888a93dacaa782a0e1b4395b0dd97863b2e4403c33c2302c82f105e2d3b34e4a1c6eef841ef8cc6e1b58abb543a16cb6b247a69a0beba4b4ee071cd4137a14e","ssdeep":"3072:NLdBO/ZQC1sKYrotMzKbFg6LZfVcce+Rbgyp0SzOcH4/x:Nh/qsKPba6BGcOcHK","tlshash":"6b444c98b1a5ffad6f6306b110bf511a723d1e16d81e4870f024f86966b400bb5abfdc","first_seen":"2025-11-22T08:49:58.042281Z","last_seen":"2025-11-22T08:49:58.042281Z","times_seen":1,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/5.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /5.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/14.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /14.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/19.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /19.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/22.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /22.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"b8bda1b8f31ac1467ef44332badc4a8d-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227ZKBVPTF31QJNA148Q\r\ncontent-length: 37964\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dPKMBTh%2FnDcO7vcFPkLFkX2%2B6U08LPpYKR45zShSzNrOUXrMUzHtGDC3pVMoxSlzApBXdAT3wTSEKoayasMba0fiTOgv6IZdwg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bd3120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37964,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"f51a5651d0b8eeb42e1c7e9f09a02ddb","sha1":"225eb492cc9f4821111c20998ab4ed257745fc70","sha256":"bf9a2d83f85e98fae2aef59885b39071fb980d479f198dcfd89e0cf39dde7922","sha512":"f143afd6251be96550728bbd47c9d351a25d7b270d94e93d0da741770695a7f568881e1ed3e59770dfa7df1b4fb29975ea3e09fafe874ddf2e348fad109cae87","ssdeep":"768:1YqV6yqMLfjOC49TsCn+cwL0yAIHrfDPfqXcnEw9ow:jVDqCrOBJZ0L00rDPNnEw9V","tlshash":"4a03f19d8f6c093787a79df1d360d3e23b3a931983e7ba765e85105619fde800708c1a","first_seen":"2025-11-02T13:19:49.349414Z","last_seen":"2026-03-23T15:35:45.08153Z","times_seen":45,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/22.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /22.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/30.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /30.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/1.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /1.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"7b3c89afc771ef54a29c92749de9523e-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227WJCZ5PRHRC20SBJWG\r\ncontent-length: 27665\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cjwsh37sYF0oadkzWNA4gsKzO6BHpCHTEfhApsD35Z%2BeHb7kAVfi9JJEpy%2Fzh4ts0LygMsV%2FhcC1XdE4GFJwQEFi9Uw7D%2FrViQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bbe120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"10ee0552448ef8549d22fc25537faf5d","sha1":"9fa895f89eba947de32708f2744f421d7f7fe89b","sha256":"79ebccdf4d5bea311f02f72d45bb0b0a25b9d1539e3ab48a0f6eedc0f031868c","sha512":"6ba53774e557ceae97196c30abcab6c5a8b0a71280ca10326b27404f2bd0aa0c097e628b4fba7fc35e6be5f73c1409b310dc5ca2e67f33d70f9daf37f02fbc9f","ssdeep":"768:xcn66C3KE2SmvGpoyI4qVwdC7QeMBMBs8Bh:uI6cxhI4qF3YMBs6","tlshash":"eec2e1feffa94f8ff07af660125c2306ab844a5b68814150e2d80654e9f649cba5f904","first_seen":"2025-10-21T09:00:55.150023Z","last_seen":"2026-04-03T13:50:18.746718Z","times_seen":78,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/9.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /9.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"da2f10deee4ec5db7f383fa3a791a763-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227XPKT13SMGMCTRZ86E\r\ncontent-length: 24661\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b0du3oOZFopdPe3t33ixAufetZst20nxw%2BbKJG5Q3rGuzn6nnoeV0KzBsn8f2Z14u7JjJ1bf3jgyLr%2BDCMOPCVi7TK8BiBKW4g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bc5120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24661,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"b4d049f4eabda031c38aa7793e823db0","sha1":"07dd01affa0bb1807697851b94aac5d88c7a007b","sha256":"f0cdd086f039475a16b9671f9328dfc05b5a45b32f4e67203ea1158bfd84f902","sha512":"f017c2d817600559addcbd11e40fca273e4e96cd84bb5157b7c696c922dc8d606e7b972b2b128ce2afa84f61ccd75a8384043311de7c876872de25b5bb3a763d","ssdeep":"384:Pkd0ej7U91TOpVNLhCFGRkB1+XpHd+rSkYk5mc658CxdYMIjFT95wng:PkKeVLiYP6hiVyTvkg","tlshash":"10b2d02aa3ab4425cd5dc03169fe3ec14571ec2d82f148f7858087b6974ea8d1a6d3f2","first_seen":"2025-10-26T02:11:47.775103Z","last_seen":"2026-04-03T10:23:16.330282Z","times_seen":64,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/16.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /16.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"ca0b54f703bd5d0f8c6605e0e5eeb60a-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC224VRGN1CJXRBHZXXB3S\r\ncontent-length: 34226\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=enkWUiPHLchpYJPFLnKHPNU72U4O7XR2OMhEokNrl44Lx75QR11ZfaZpPwruZXC9nSD%2BRJ%2FxqWzwPo7A3RLyi7%2BVOxjkVrPejg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bcc120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34226,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"51fb75a25da3d210c98b974c1a982ccd","sha1":"9c8251f381e401eb14af4be1540fde91f51d04ec","sha256":"b49092c61bb2e56b7e886340f21e39f17fb13eea11e77bb06c41a8f88d43a784","sha512":"24a3f1d6e097ad506046642406fd5a06a7803bb17f2ead8b54b0c2ffa8c6b4b09802e15996b7f18440d4eb396c920c0ca8018556ed9e442fe5acf83653a679d9","ssdeep":"768:F66ullW+9R3vCtbZaYOlXuBTw5Q/gZKhVmnGdmdXn5xYgQ7PaJz:F67DvCbZaYm+65KCKhEnGEBAA","tlshash":"b5e2f1789f77c04af3ac96fbb7fc1309a8f6659e481d20cc5aac4912c877642ca06dd4","first_seen":"2025-10-26T02:11:47.787317Z","last_seen":"2026-04-03T10:23:16.371999Z","times_seen":55,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/21.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /21.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"86cf81ef43a8ae57ed2b60e9423eb93e-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC226W6BKMX2KGHJB1GRMZ\r\ncontent-length: 20947\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uWcaP9sl%2BHtbsNkh1z%2Bdv5UrKbLWp%2FvfIDmEVE5FlsFXqlLj5O3Oj8tnnarIZokBgrFknj6o%2BZk2mUjsamC%2F5teGGbLdM2jobA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bd2120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20947,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"08323566ae7d668bfa413ddbdfa8d5ef","sha1":"49e79603a5b434efe722abfdc143e13860070ed3","sha256":"a75f896b209ef1a1eba27036dafc7c5d85525a5014fd83d678d0d26ce0e5b80c","sha512":"548a948e0c30412043d92b7ae6c0715961b6c80737325dffd773c9bf283b1cae3f80ecd221e9bdaad52b4ac12026c070ef490a7d6e6690869ceec621077e9912","ssdeep":"384:w5ypVZXIs7JKHRMXstOn+vCU7OmQtUwQ3edpWjsUKd0vCvW05ojnzWGPnhJw3bHD:QypHZKy8lKUSPs+UjWMfh+cI","tlshash":"6e92e1feb708f207ee572afec4605b42b0fc9a11b77185c8cfc9ec612554e0a686ca55","first_seen":"2025-10-21T09:00:55.121907Z","last_seen":"2026-03-21T11:41:49.711384Z","times_seen":47,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/24.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /24.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"9bf2b21eec4945b3cea6b83e168d02c0-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC2284R4W09RY4864GDPC7\r\ncontent-length: 21626\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AWno9p5h1KvK%2BLS6rpjyULS6iv2PdozibnQb%2BN%2BB%2B1a0DYQV7x0Mk7jp0jXB7E5gPd3ZGHDQ72LtRbPRoIvUh916jp6a%2FZAnmQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bd5120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":21626,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x725, components 3","md5":"437c4f5c8e45fd0b324f3c0d6f1d637e","sha1":"b48ecdab0686dcb4809d7cfff860343e8f457fce","sha256":"55d51a4c47fb9b989bb66b0bd8cbdb3310c031807338e8d00e78f754b1876173","sha512":"0d34a6e0dd59436553918c37b6c408a4a1dbe72d6f6ac4389cd5b96a03638e999aecbc9cb59f069af3f8f0f3cc2ed2fb14ddf5d02ab9c8e3b5e798613ce73bdb","ssdeep":"384:QSK04rKsuCx/QcJKA3qlzsQ7QzzZTo9ok0vclVXJbAtMLiWgbjsHOW:QJ04QCFe/mlzzIN0vclVatSgbjsuW","tlshash":"a0a2e1934bb41abccd4c0371faea4bbb075e762e071607d52a90b555a1e3dc0bb404e9","first_seen":"2025-11-02T13:19:49.360539Z","last_seen":"2026-03-22T01:00:16.528563Z","times_seen":40,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/3.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /3.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/13.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /13.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"8ae4b12057097bda40b4cfadb87103ea-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229GQ5BN93XP18ATEY63\r\ncontent-length: 28577\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=45InJhMfKBM3TLrlu2DFue%2FgMGeDtkhhvTaK9kcEMHgK%2BV6gvtL6qYPEpR997nodK13s9v8eSCPmTH47Y0JDUHBHHCsEjJws0w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bc9120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28577,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"4a4d1abd4e7dd24899fd301172bd5931","sha1":"967be622ec47329cb70a3ccd90604189d51c83b7","sha256":"6c8fbca333c2cadac86dd47fe5c4fbef6373abc52d0a12bf48439944aef21325","sha512":"cc72f018f9ce5fa71160f654718c62b65ebf891eece8269a69020e4c7ec91bee6f9a8d70ea8232e178578b164f84b37a3eb686524ee816e0c6f87e12cbfa47e6","ssdeep":"768:TNrR3F/pSqKXlYi/YFFmh6jjY5yhsZ9XRG9D:9rRSqKVYi/YFFmh6jjYk89Xu","tlshash":"1ad2e1d3bb5e6786b2578d28d16d23833738e4661d4fab3a910935206c4707b1f20fba","first_seen":"2025-11-02T13:19:49.347145Z","last_seen":"2026-04-03T10:23:16.350586Z","times_seen":57,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/14.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /14.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"f450402fd24e0f465d8972bb61682514-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229P880F32K734DSM4DW\r\ncontent-length: 32512\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fmA%2BAaYitgPFPFMEmzebO1Ssgn%2B2CIhAj1U%2BAN5Z9L3QsnjhqcPYbBYuOeyd5eW8pE%2F2%2BVfAR4l0rgIIirw7K5KXpVhwNBZptQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bca120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32512,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x731, components 3","md5":"81f03d12aa9b60d6ab51bcf9fc3296d6","sha1":"1cb263cedb44b8f9d83577254bf0175f32f15956","sha256":"a46883d95bc03cf7e661d0099a4c7c91ea30149070624c001b4bb535c62915a3","sha512":"c84b88749913d84f4af70314ca557fb99deab451b13e5bf34cbb3c01af3d36ed8f4cd75815b8daa131e42baf3606d43ccc519017eac139c79258158408f80dd3","ssdeep":"768:D7yzjEHNRi6RmejS30oZpagrE4VxIEahZWyIgmIC:vgEhRO30oZ1rnxXahZW3","tlshash":"3de2010a60721c5003de293ad9dd80a8e70982011d96776eac5b0c5bc7749bfffe954f","first_seen":"2025-10-21T09:00:55.153426Z","last_seen":"2026-04-03T10:23:16.353017Z","times_seen":56,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/15.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /15.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"883bdcd75d69f6b992d1d2aa7149fa38-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227ZSY789GWQHND32GEN\r\ncontent-length: 45155\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xTdFefl%2BLHZ9%2BPXCGEf2XSN1s119jqo5gQjzI0kaw4Ey%2B0FB5R3vSfKvCgav4M4PDMZcvqs3J22MUIQipsEbWvTF%2B%2F3qVotpWw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bcb120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45155,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"2af49b06a7faf90fc84bc3552de9920c","sha1":"11bc4a2833b747ebc7967786694c88d9b19c60d7","sha256":"906c3b548a6404e89f6f2d2f9185ce2c023ef40f46ae5e8b4f5aca069c0d458c","sha512":"4f764b7a5a315a7aa23259ade576547b9323fcd279b6b7cd13be107c79dd7fce441ede353d86985cc8da80b214a190159e1958303159ec3cec58910e9457de67","ssdeep":"768:QKD943irgzN8ueYsLeNn7kweQO4e9A6e9/9e24RQ6GDMGSuRpf/BgzMTOY2:5D9VrgzOJxeGwZO4YmFeRRQ6GEuvCVD","tlshash":"d113025157ec25ade22cb2f1bd816738e7b4b55cc50232dda1a4649293c4ec3b1f164f","first_seen":"2025-10-26T02:11:47.768603Z","last_seen":"2026-04-03T10:23:16.339059Z","times_seen":59,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/18.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /18.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"eff8784543f65ee821c4180f92a53e98-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229N297C7Q1DW353Y3A5\r\ncontent-length: 35122\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ot%2B3VuVz5MJwz2asC%2F8ahW47pWXcHFo%2BR1ticUxx9P6QzOoY7w5xWQ%2BykCFxp4QWLyUMPPRtV9DinnikMDt397o8IdLwxiHWBQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bcf120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35122,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"2ab5990a44198068ee4a84949321244e","sha1":"e2577d1cc24fe2baec3ee4c5c16b08660c8314af","sha256":"9ec444ced011de319502bb82efb60169002269f59c67dfc2d8156f70c9516c96","sha512":"0f6c354e282ff519f8171d0ba8ac85768356da9cadecb650f84fc229df9a25d8c8ef44c9542d19ccdc3d7c113965d1352b5f22c2225b1e8b508c8d85c7cf205d","ssdeep":"768:rdPztAtjDXLZqbE9ecMt7JMX9Y//jPJ1EUFbNY5WPrjTvV:rqsbE9fMt7JUYrJyoJYAPbV","tlshash":"1df2f15c3b9199e293f500f464835025538dc0f3948e6b2eb5d106f9e8feaf68854f8b","first_seen":"2025-11-02T13:19:49.358604Z","last_seen":"2026-04-03T13:50:18.749077Z","times_seen":53,"resource_available":false,"data":null}},"time_used":357,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/19.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /19.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"4a4b8d7ac1e1a0d1f3f01f7876785fb1-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC22901PYRP7JXSFXYR6FS\r\ncontent-length: 41312\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zmBXYOo6m4ltGF%2F2ngVkuGKho4d%2Bd1ioZ%2B6iELu%2B8GMjC2BXiNRua8EIHjVRcf11Nu0RVOYyHlhAdeNzB5tOaQShAFU%2F%2BUiKuw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bd0120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41312,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"c2f5121a4658e3937d5f36622c565691","sha1":"c48e76d3b5a20f7783ef8c3bb9a754192efd7070","sha256":"c44a367e881afe2498db78a60b443c72a2e2d00517eacf458796563fde9a9304","sha512":"e86866930995cd1f4d88c34ea44419735b763aec276034f3ca79b1995e4ccc5ecbd5d4ff72d1322a218a98036adabd42629be5239236e93abdebcf652190e984","ssdeep":"768:DnZ4DK9g7YCS7gXuYpMk0ZbdeQeH0eDWPeo4gypi1bzc7xq7YtY5g:DqDvnSkXYIQeH0eiW/41bzcxqo/","tlshash":"7e03f1f27ee242d5fa10f6265b29107dae821f8dc43d62fc74ad944cbf62094b6845ec","first_seen":"2025-11-02T13:19:49.321227Z","last_seen":"2026-03-24T04:55:36.083727Z","times_seen":48,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":369,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/6.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /6.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/12.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /12.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/20.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /20.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/7.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /7.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/9.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /9.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/17.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /17.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/32.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /32.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/4.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /4.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 15739\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"78728b501b5aba442a7f2ab9a9694ea7-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC22843RXHJGBA3C4YM9T3\r\ncontent-length: 35012\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7msF7TsCtcRAx92ACbJx5hnoSY3QxyB9tNNXaIHs7yGqn4xKuiar%2BmsbMpCXLDN1RF4m5MFLUK4v%2Bjc0IupY7hcPvefumJh3lg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bc0120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35012,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"3d104b8512114e0cb36bb81532d4d3d9","sha1":"6f08ebaf873e9084d1d77d0d52efce8ce99d1dc0","sha256":"766f7531e0a898ea2018b1e78f15c9243e0e4d9e05bf84aed4ad89eb130f73bb","sha512":"763e256974764444a5d40382e089b777abab5fc1a91815f3557df893b663f178e451adf179006c9430ca26407ca32cff76fa8c37e3039f69dad0d408d5114d20","ssdeep":"768:9RZ81wE9nyvPLDaUsjdacthazHsZzQGs+uGfKdENET3sEb2+:9R+2E1ynLDdydvhLZzQGs19dWrEP","tlshash":"6af2e16c87fb8ff3f84b6c64d1f4d0f9920479ab648e6378358484532787ac54a21987","first_seen":"2025-10-21T09:00:55.141097Z","last_seen":"2026-04-03T13:50:18.717486Z","times_seen":72,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/2.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /2.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/4.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /4.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/25.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /25.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/27.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /27.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/28.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /28.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/6.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /6.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"a5c2192cbc285ca4f5bcb5e0ceef7e48-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC228HH7GF6D63TYWWFEKK\r\ncontent-length: 35034\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w6%2Ft%2BFCtHxwgnijKgM8rnxfnMLVhjRRxIhq65iuxNoGP8Kn3tBSXmnkbjrU8XrySQT%2FnZg0FL2ATT%2FBb15Rgx1C3oyZEKBE8Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bc2120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":35034,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"96053ef0124383416b928d037dbd12ec","sha1":"700d679026ce38443a1de6e8984f08a4162489af","sha256":"21fbf4f8b483bf8ff1efbe13e6b9021bdf7d55f25869eb88b13889dde71ec693","sha512":"8cb925bdc82c6bd166146f191c48e91062bbe8df1701ac4f7309328568a1193dbf14b909db4a20ef28a2e559c9dd5d507ed1e5f573142a1fae409b1c5a1803bc","ssdeep":"768:ggNGF1hsX67Vg1kgsF8GseanrFFi12ZwqamEnZIkQz9FDDjZAM:ggwb3ZEkbS3ean5Fi13mEnK7hFXjp","tlshash":"b4f2f136dd8ce8b9f3b636f4c5c6b170aae41107ed46a51ea612c6d1319513e47b07c0","first_seen":"2025-10-21T09:00:55.144058Z","last_seen":"2026-04-03T13:50:18.718644Z","times_seen":70,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/23.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /23.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:28 GMT\r\netag: \"68306a7d7bb91fbfd7946b2b65a9172e-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC227ZTMCHVG9SFMYVW1TQ\r\ncontent-length: 22084\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nbeLKbIpZ1oWTqrQOmxRtKF7XfeUV%2FLvwsj%2BOSvbhljbaQx4vJ40UjUf9vJlHmBu%2F51IBqrGB865OvTkHFErjvs0Kcn%2BJf8tOg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bd4120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22084,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x733, components 3","md5":"971c3a3d92d3d933225b698d52d11d59","sha1":"3c5be70a63ed2cc138e70d27af2922373c3f69dd","sha256":"bad2175b76f86f59a72e7fafb360837dffd361493eb21f133ac871910f0ef4dd","sha512":"ed1cfa270c3ecbf1802a2b82d60954ccdaf9abb97981a78ed26584e43b0b5e881e2594f1b34e59c66dde9f6c44d38b4d116b0389d8b2660854acfd0580663a10","ssdeep":"384:scb11UY5FfSsp98FnYGone5AMoreSw55Wm2F4k37L6UvtJGKVRoqHx:Bb1RRGoneyZavkreU35VRoSx","tlshash":"b8a2d039ddf8d799e445813c0184ea754b593890530d29db4cb8862e372b6c73eefa85","first_seen":"2025-10-21T09:00:55.173217Z","last_seen":"2026-03-23T15:35:45.084977Z","times_seen":41,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/15.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /15.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/20.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /20.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"1bc17100335aff7529d20fda6a2dd4ce-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC22A9735PQRKEDFJ48J04\r\ncontent-length: 30943\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d7ScCjWaPmGjFtFBYDHueIZCruOOpfZlLKsLVndWU0PHiZgtG%2FxG%2BP%2Bv1obOZ3TgXRuNqVgrvpHx%2BwvISINnYSHezB8F7zrNWg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b3bd1120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30943,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"04ff2b4e831c7cedfaee94476ad8875b","sha1":"32f0cdec2e322e708a59e8f5fda083599e58093d","sha256":"7100a38f21817a075fa655b3bc657a53d369547d6d03ffdd945c5ebeee14bed3","sha512":"a5f38c2bfca66f77d99f8f077f482f073baf1b0b07934fff448a406a73e4969cbb942cbd14ead26b2f66e6950d8ab8bcdd9031c52212e62f3885172cc725ba00","ssdeep":"768:Mvl1nFj91llOm5bZkFhEFZdkncL+qYnPsUgJdTq:ylxVTllj5bZM+FZqncL+qgE3q","tlshash":"5fd2f24946c6e761f65c0b39d97f60f6a7058f83462af1473288778c0fab6588fe1481","first_seen":"2025-11-02T13:19:49.367455Z","last_seen":"2026-04-03T13:50:18.739504Z","times_seen":45,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/25.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /25.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"a568466f46ef3654dc3199d91b095257-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229443E1KGPVC6D4JFCC\r\ncontent-length: 18432\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nkoFn5lLcN4vwRYksFikXce2gqx6DpEkMPkCINRb4Ju2bYqCIN5A9NvObltcajr3GzPrNT3UPLtA5opmipa0IIlM7vYSiuQ%2BpA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bd7120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18432,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"f237169cc7d0be9fb3fb6962640bb460","sha1":"5bf1674fde858c727063da240e8c889a62caf04d","sha256":"cbff13ab0581cec0cedca7b231e539e17a349b3e081665fab1d1c1f86df577d9","sha512":"e0f22b0557d4ca4626e7dd980b62db7fc8be2fbb5f92b3fa7bb8b67b6e805857e04349437fca5859f55e696036fc9526ddb8cb874c3e28bb4d99c9e72de81fba","ssdeep":"384:O0CJNb1wOuQ6kloHovE1UnTxAwi4AnPYTURGmj6ZG80/FBX8:JCvb6DklXvEyTuP4AnPYTUIM809K","tlshash":"4a82d0890bb66d38d200487df2bd2f09b1604f256cd01bee3bda85bd9d566b80b814de","first_seen":"2025-11-02T13:19:49.337686Z","last_seen":"2026-04-03T10:23:16.354857Z","times_seen":30,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/29.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /29.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"1294d9e75ba5c706b8e49a0ba9fee8f4-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC22B4KK23RW0J1D76K8WD\r\ncontent-length: 23634\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q5GqT5e3pwR4UwM0S5frunaEz6D8iuou0QiTW4QO9e4LaO%2FiJzOp1Nwi9Uv1qBtBXZgl2yCHBCCKpJX1uOtJnvAGO7rFQbmPwg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b4bdc120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23634,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x767, components 3","md5":"f68b01aa6d5266224eb77271b99fe7e0","sha1":"023e68d6e91536566004b739e0b47e37ba75dae6","sha256":"ac9362e31d768b606f8ddcb0a7596917c8312d1ae36c551b275797a58b463216","sha512":"85e3005ed03456b19f62c74d757ee31542b3feee4ac10eb4eecf353145b0533c3acdf4412943d07bb7ec82b5f04369188814ab0e619810d71000d159bd20716a","ssdeep":"384:fVLBXcIPOosJMwkJB1WLtLagGsbhjflEIuCKEYxR7F4X+1nnBWKvGW/c:dNcKsRkJB1ITJVZEIKZF4X2Y","tlshash":"54b2e14991cf2f3ad9a08370864bec01d61ded42d9acd6dafdd8066722dd6132b792c0","first_seen":"2025-11-02T13:19:49.333446Z","last_seen":"2026-04-03T10:23:16.348064Z","times_seen":32,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":447,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/23.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /23.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/26.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /26.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nhrv7.com/8.jpg","fqdn":"nhrv7.com","domain":"nhrv7.com","tld":"com"},"ip":{"addr":"104.21.30.12","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nhrv7.com/","date":"2025-11-22T08:49:28.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nhrv7.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 14:38:12 GMT","end":"Sun, 25 Jan 2026 15:36:46 GMT"},"fingerprint":{"sha1":"23:0C:75:96:F1:AC:A2:EC:7A:AB:3E:48:E6:7D:35:A6:12:C8:86:56","sha256":"62:4F:27:E6:EC:09:01:B1:4B:93:D2:C8:5B:DE:50:87:5E:31:3B:48:68:84:47:12:9C:AB:DC:73:0A:37:F8:83"}}},"request":{"raw":"GET /8.jpg HTTP/1.1\r\nHost: nhrv7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nhrv7.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Sat, 22 Nov 2025 08:49:29 GMT\r\netag: \"f121e454c7ee9dcbeb3ece9f2557cd79-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KANC229PG0REVMQY2JVQWFM9\r\ncontent-length: 26305\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J4sh8rZsT2VM5DUz84iAuOcuIGJRm%2FJQU%2BkENm5kP2lbNDSoC%2FFal8SVIK2tW5R4avTezds35v0OvfNPOghbzdgMWB5HrBoKLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9a272c7b2bc4120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26305,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"9c3fb377e87a07f40622c36fe4e7f987","sha1":"c3e88b3918ffb7c0a217e5678d3a8c1575e874f5","sha256":"259027187620c96ebcf1e2868ac6bb672acfe7d946c3279da753af4c491b0c3c","sha512":"9c04d4130f53ef04314ed750af48379f1ec0a9d920472d00423fa46f577c259b27310442ba592b54cb849bd4eb91420b7857d628c5e8e5ceb52923ae511dd3c7","ssdeep":"384:dDGWy8Phw0jlkW3TDJ48V6l3fy6wpdsV2ZnKSJ4p+QFhMvyQio8k5c4q3NMk:5GEPhw+3TDS8VLIUZKSUnMKQioh5cr2k","tlshash":"84c2e118ea5dd9efd7a4f735cde92b19d3428f2242cbca1d509284389d537f834852c9","first_seen":"2025-10-21T09:00:55.146944Z","last_seen":"2026-04-03T10:23:16.33472Z","times_seen":70,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-22","alert":"Sinkholed","trigger":"nhrv7.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}