{"report_id":"fdaa6420-2a28-41a1-aef7-c1149ac19d55","version":6,"status":"done","tags":[],"date":"2025-10-12T16:14:44Z","url":{"schema":"http","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"172.67.182.28","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"title":"Harry Potter and the Chamber of Secrets Full Movie Watch Online on SFlix.to"},"submit":{"url":{"schema":"http","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"172.67.182.28","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-16T16:14:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":25}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-10-05T22:48:12.397812Z","alert_count":3,"request_count":1,"received_data":529,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-10-06T02:42:08.575259Z","alert_count":20,"request_count":10,"received_data":213335,"sent_data":16635,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-05T22:12:06.373682Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"18.198.152.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-10-05T22:31:22.752325Z","alert_count":0,"request_count":1,"received_data":425,"sent_data":455,"comment":"","tags":null,"fingerprints":null},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-10-08T11:21:31.763121Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-10-08T05:41:48.061731Z","alert_count":6,"request_count":2,"received_data":171926,"sent_data":828,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":1,"received_data":40963,"sent_data":551,"comment":"","tags":null,"fingerprints":null},{"fqdn":"moviesflixcc.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-06","domain_rank":0,"first_seen":"2025-10-11T22:25:12.206474Z","last_seen":"2025-10-11T22:25:12.206474Z","alert_count":12,"request_count":6,"received_data":153122,"sent_data":3272,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-10-06T03:04:51.602393Z","alert_count":16,"request_count":8,"received_data":2025138,"sent_data":3668,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-10-06T01:09:45.371726Z","alert_count":12,"request_count":4,"received_data":2076,"sent_data":2279,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-10-06T03:54:26.655571Z","alert_count":1,"request_count":1,"received_data":2238,"sent_data":485,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"vjs.zencdn.net","ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2011-12-27","domain_rank":43797,"first_seen":"2012-05-21T08:26:59Z","last_seen":"2025-10-06T03:25:38.605948Z","alert_count":0,"request_count":2,"received_data":648310,"sent_data":858,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i2.wp.com","ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1997-03-28","domain_rank":4679,"first_seen":"2017-01-30T05:03:40Z","last_seen":"2025-10-06T01:41:50.766356Z","alert_count":0,"request_count":8,"received_data":94604,"sent_data":3905,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-10-08T01:17:43.238436Z","alert_count":6,"request_count":2,"received_data":1060,"sent_data":1536,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-10-05T22:31:22.777678Z","alert_count":0,"request_count":1,"received_data":65088,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.highperformanceformat.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-10-15","domain_rank":366864,"first_seen":"2024-10-23T18:32:34.138968Z","last_seen":"2025-10-06T09:12:23.212319Z","alert_count":3,"request_count":1,"received_data":39280,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vjs.zencdn.net/8.5.2/video.min.js","fqdn":"vjs.zencdn.net","domain":"zencdn.net","tld":"net"},"ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c57702003ba74cfddceaabd7080025c","sha1":"56d3ab846dc40211487bbe39e8a23b2f49fbf5b6","sha256":"ae02049b08cb94f5288b8f912cbe32dc1eeb4247a02208985b03210688140708","sha512":"0f5a036eedd03d56ac696d47d4e4438bfb55ec7d45970151a57bc53be9fa54fe8a77a8e5f4c09802df723c181fd48131a1fab4fdb4b8325130f55b26c3c6b1ab","ssdeep":"6144:P4BORPNGzTx/o6v/NHSwyHu/SdnNUpbYw8jwbUkY5p/J8qIvAMI9pmcOELTmhPNX:P44RPNL6ryHu/w3/J8BogELTm","tlshash":"3ec43b953394613342da90a7946f4302723a9d6d6808c06cfa3dfeda2de4e49b17bf74","size":595636,"data":"","first_seen":"2023-09-04T19:30:39Z","last_seen":"2026-04-01T17:08:51.0752Z","times_seen":272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"92666f212531fb03bc7f3b38520ec860","sha1":"019451e63e14039f88b646b6425fb8999314b385","sha256":"9937fed49051265dc6e6143e98595730088a28f130c7116b0813cafe29b35d8a","sha512":"736066e352869a2a3238d326a507b127a767d4ae24e7d95e02c653aac768d29155d5e335cf864b3133931c8876e3f6163a62533110cd0edd278691b3c90be16c","ssdeep":"","tlshash":"aea002241012d510058607cd4c56c50068345575c10f8d8a591b5515698dd046c0fc9b","size":60,"data":"","first_seen":"2023-03-10T19:52:36Z","last_seen":"2026-03-09T22:52:06.762097Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/e2/bd/3a/e2bd3a7998db5837d1a07157565e8746.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"793265fcfbeb5501dcd2b98f61e0e67c","sha1":"904239c6aa50c0900ae188b5bd1b77173c5a8a22","sha256":"fb2f9a7a698344feef1ea12f63d76561f7a3bf392ba2eaa6860cdee7079bfb83","sha512":"a1b4082895d8b02d0e511cd047546e9489776682810426ddf8719de0eada33cea57c8356a366d9525c7f47a9bf0deaf129e6db3c62f950d88c578c027d4faa4e","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkZKbU1FLYpkdWjF:Sp2PagUxT8xYqzkZ1LO","tlshash":"08a3c5487b91f4af1286607b323f911fe1e50f905088e458d147f9e81ebd747ba3aea4","size":103866,"data":"","first_seen":"2025-10-12T16:14:48.104488Z","last_seen":"2025-10-12T16:14:48.104488Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5500db9fa5f2d564e540ed0c97468911","sha1":"da83e62e2d594055a54508edf216614b3f87a5b1","sha256":"84fdb3c432a280e22033c2646b80d18fb7e2a05a0f83fe006dc3558080c7488c","sha512":"44f5985108a1fae7b77952874ac5f21c8da865654894f702510002fbb630270755783437db7cc1de3d007e12213f1052e3161279b39f4a6fb08eb02db3bafabe","ssdeep":"","tlshash":"acc08c481e0201536dd0b68e1f8a238078c0031e2c23e510601c60c2e8830238101c2c","size":145,"data":"","first_seen":"2025-01-04T17:47:06.486127Z","last_seen":"2025-11-03T21:56:26.033743Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"554c0a35439da83c09eb231a24cfed62","sha1":"d8a6c066eed1c5e6a97abfbea02607c1e2738430","sha256":"ab49adaefaa0de439ff5e6a5cd2df15e1a9e854c869748b47dbe366b9bbc44d8","sha512":"ef7d265f6c5fff054ac597b4a109695c62f5a0446709af62dfb148017a379d78f3a85d1a7d7ff5fb9b4edf90c5367fb07c899e8f72dba5bf15c75f091fdf8cc6","ssdeep":"","tlshash":"c041b97da00d31b2efdfe9f6149b63747b5901967a0898863e5f3549036cab80bf84c9","size":2026,"data":"","first_seen":"2025-10-12T16:14:48.134199Z","last_seen":"2025-10-12T16:14:48.134199Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"316dd82665205d0d8ca148f8b4a6da43","sha1":"55a15abb8b572064a6df2f78f789b76cdb2153a5","sha256":"3612ddf05e2c911c896ff6dc56fde3cd10038d66f519cc6a507a1905c6b03b2a","sha512":"be2fa6085ef9f30a57b7fe4cd47a1f5c5765cb61ebb52fa2fbdbf058ed6ef0e2632d59f220946f2ff31bcb4283000e05e5321fb0c52a99da388a8e34a396018d","ssdeep":"","tlshash":"5031da6bc289805c43dd92db785f703fee672daaf3cf5404a33da20384456618b46d30","size":1548,"data":"","first_seen":"2025-10-12T16:14:48.139007Z","last_seen":"2025-10-12T16:14:48.139007Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0be33965f3c67aa3e2fc07ca3b02362a","sha1":"abd501ba61a7a237575a6dbbf6e3ffef00121929","sha256":"fcc49e4d3a5d21b90caceb694352dfe7c09725cd494126adae675668b92f896a","sha512":"c3eaf824749458ad286a6b899854283f647404d76aac71f85f70e2740f275da961427e77aef30410a7c8ede2e130cbbce3d7c3e4570c2e1dac4a1ae0291c65b2","ssdeep":"96:LoznEN4Hz6GdH0j6kjyQ/0Z90mPSKErqrszgxk1/D+CfMEDaH:8zBmGts6frE8sz2cb+CkCaH","tlshash":"cfa118799d8990709adbb0fe28bb6128bd15514f7a09dc067e5db2060f14bb44fe8ca8","size":4806,"data":"","first_seen":"2025-10-12T16:14:48.1435Z","last_seen":"2025-10-12T16:14:48.1435Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/sflix/js/app.min.movie.js","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a041f3d037429d7fd637ea3006664b97","sha1":"036e6d191cc5e1c97f44cc9a29f785b902da3839","sha256":"4e48cbf8c9ef4452af01099b147c30a2f8d6cff0391d986c8b01985892ca7755","sha512":"5758327c504a5294332e4da7607fe76e273f1422bdb6c3b4a3be6e3c580176a0261bb252db84a70c4f27b3a860cf392eef34da0b1e2e69678f0b20cbb97618c4","ssdeep":"1536:tl9OdarIEPD1NnpyjRbUYPseivjhWXch8SeYJD1rPcczQmV/8+aso:bprIMft+czQmVE+aT","tlshash":"ba5318893195b4b346ef42e7507b420bf2369c68380e8014b56c9eee3939c967277e7d","size":60963,"data":"","first_seen":"2025-08-02T14:17:52.272631Z","last_seen":"2026-03-09T06:28:26.430438Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0addf308362dd68eb55a911cd871e327","sha1":"8f0b36a836a8e8522dd16f6a1739d8535364fc00","sha256":"9c6b2eac96593bdda17c87a919ca676bbfecb6825958281f7fb29887ec752b16","sha512":"a23921b66a0aa0175d1e5e2309183c0f8a022cba681c8197824629117d0b2f56a35a942c5faa56f3ce31faa749358e2510a048cb5895f33a33636c90d73efa53","ssdeep":"","tlshash":"9701299c3c60a62093b7c1b462e7bb846d6d601451ca091664ac624a0b635b63ec5dcd","size":821,"data":"","first_seen":"2025-10-12T16:14:48.14826Z","last_seen":"2025-10-12T16:14:48.14826Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/index.js","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd92ef5b998c0355ad0cd86f8b970665","sha1":"afe43c755b1d579ca905e397a5147986059a0525","sha256":"5db17ee6d0289ca2469fc9d2315338f6a067f717141a4d0f6ff46503c8bcbe4a","sha512":"f227f698f580c0da564996ec8111f2dc756cfc8f471e3262eef6f6b6359fcc86ba0a4d650b0ff0d3a7640c05cd5d35e29bfd3edff1312ecd1d810378f791c060","ssdeep":"","tlshash":"c83123f2a16079330bff46b3704abb18b9b670a77c856007115e74880767d4ac361837","size":1703,"data":"","first_seen":"2025-10-11T22:25:16.489085Z","last_seen":"2025-10-12T18:17:20.76428Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9312feb26ee77530eaebae606375bec4","sha1":"12a4109db1b01f1b6a1e9f1f570d53416d3a2c6e","sha256":"6933e83d36b6c6f83da7bba0a67131c7a14d8854ef24fcb367708402ee16103a","sha512":"ac13748a517aa1dcccfe06f2968509722ea6348c116b1e7f99a14cbb082cf2c806f0efc9f03b876f7ce07093fd697987d709964692ad3f08a007ecdcfe15ef65","ssdeep":"","tlshash":"6fe05c26b00cf9a004df9a9a301483b97b31010073869016e526b59c2cedd1a58178bd","size":430,"data":"","first_seen":"2025-08-02T14:17:52.302551Z","last_seen":"2026-02-01T22:52:38.172438Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1dd7f1391b4fc404415a740787a211bf","sha1":"552fcaea029bd609abf2e0944f6f234befde942a","sha256":"12a43add4f2f0964e872de78fbaa3887177837c242ae8b0cc6648cfe1fc6e89a","sha512":"b237a936d7fb25d8b6838bce5f199a70339b35ddb9f0cd7978a0b108530b9202416deb754fea409daa0c9d9be8c87c0e01154eaa164baa238cd9f5c31b9bc0d0","ssdeep":"","tlshash":"3dc080caf5a9a40d6249c0c79877310470fa44510dcd1b97d5176ded3d6d1974e17fe0","size":190,"data":"","first_seen":"2025-10-12T16:14:48.157749Z","last_seen":"2025-10-12T16:14:48.157749Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","size":6293,"data":"","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f42c26b716123150bd2c1c07176cea5d","sha1":"fea8f9b39c9deb39d47626977c6cef31bd3c7433","sha256":"dd2180a0eafbcddafdeed79138c241f3356aa78b086cc538e2832edc418d9ee0","sha512":"7aa04b339ed934bee0b46732fa20852a42faca72815d478d2be715d2fb6256af41161c39938281d21794022d2dc7349695357d69ecab2626651a8aa82ff56eb5","ssdeep":"","tlshash":"7ab012af250085e78cc4b3cb48c9400876a4fd5c3a028061207d24c98d06814f701f29","size":107,"data":"","first_seen":"2025-01-04T17:47:06.515915Z","last_seen":"2025-11-03T21:56:26.035317Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"851709c2bfcb45d50546a9f7fe5cb59e","sha1":"bc16d9b4547a06c4f3c27ef570a27eba70d21c24","sha256":"c9789bc7498a45b5af7b0a7a9e052dba96f0702e2e9df3dc067f1ca611631dc8","sha512":"bede3033d634ac55a5059d0940ca79c8456ad5c93c32ec88cf4d9ca69765b9dee32389e77bd1d7c044702d2aa5af23689933d0b3a478dba6faeea62bc9cfeeee","ssdeep":"","tlshash":"25d0a7783e1d6975064ecabb52b5e7c5b6a112e624114405144c9c7bb4a8ed008e9a65","size":237,"data":"","first_seen":"2025-05-11T23:52:27.871929Z","last_seen":"2026-03-27T23:46:41.278557Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dc437815ec6438fedf52320fe6b41757","sha1":"a3cf1fc1c3d981cf019bb4074dd0c2a9909ae01c","sha256":"26f0fccff966d4b24f5b1d17e77a49c0d110994ab84c3e32847357d64e51ab74","sha512":"36474ac135be08dfbca34e17342f9979a02115fef738ac962d624dc1adf84102a83f7724a86c85b8aa22785778a0fc5b3b77223289f61a02f28295004401bcf1","ssdeep":"","tlshash":"35e02b2a99a7463c4cea7a441079d97d30f874a49aa79017620cc85dc429fc54c55aad","size":416,"data":"","first_seen":"2024-08-21T07:07:26.560663Z","last_seen":"2026-02-22T22:03:58.844475Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/7d13b25d45280f0ba72ac5efffba0334/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"810a9f016d248c1d91f2f6c80f761daf","sha1":"6d75161bb599756514634f6563d6638b4049c362","sha256":"811144b4599daba9878e98812e0f82e3a587bcbfbc5ae644901a774479b63506","sha512":"b3feb4386631fa5f3763a022d0fa37f85ce3331654f5dbe7a559325ce6e8ac5a3036fa5a7f3b1847738a3744062bfee2f73aac2450295217d42296c6c0b9d74e","ssdeep":"768:fkqtS14OYZ748I6ngkvLXcj3PKFMrj2W+MB1HF:8qtnO248I6ngpCIj2XMBn","tlshash":"5203b88d3f61b85d0796a033723f840ae6ed4e0458dcd8e8e4076ca0fe68755d4b7ea5","size":38459,"data":"","first_seen":"2025-10-12T16:14:48.121755Z","last_seen":"2025-10-12T16:14:48.121755Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/86/07/06/86070623d4cea4f671eecb209e80d789.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"94cdc0627d1f7389ec9e5cc24b39eb44","sha1":"8ca4d745a0711df3783d673b0d547110ffb75598","sha256":"33e5b9ddba2562f2bbe6666b1060a7245848e7597061936397f41f2bab9ff1af","sha512":"655e7fdd66d30bd4b2719d73853915ac244fc58103e0dfd365657ac9845f65591106aa8f7ca4d3400ef5ac8bed3d1bc449b48430048fd95eba06ff92c68b99a0","ssdeep":"1536:ic4Bys1/N5gpvcZFr378C1GJWH1EaTmj2w3Oi:gmvcLRGJWH1ECma6","tlshash":"cb73d9883f96b0a403a2b4b3261fd50ef13a4d52658cf4d8da1794d8ed6cf1bfa39914","size":76566,"data":"","first_seen":"2025-10-12T16:14:48.016177Z","last_seen":"2025-10-12T16:14:48.016177Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=7245\u0026rd=7245\u0026fd=484\u0026bv=25.10.4943\u0026tmpl=136","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=7245\u0026rd=7245\u0026fd=484\u0026bv=25.10.4943\u0026tmpl=136 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":720,"timings":{"blocked":315,"dns":11,"connect":93,"send":0,"wait":93,"receive":0,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTT2gd1Re-k5bf4qegtqLbt3ChYpI7c-evXYixVoq1LW2liLi4f5Nr5s1M5868SbOqFqS4MSBC3U2-lzaoVRTBnVISdwUhrxuzaDa6cyVCwZ28NBA9i3O-c7-7-M693_lovd0jDC3fPf9WuWrznM9Hc3Tw_GVbqLJzg7OXBj6doycGl20RhycGK9NUj172WThHXxi8oeVyOR9Qn1Kf-oNTttamXJnfZ2GrO5k_l9G5MJjzoxAr9X9713pw3IMa7ZFjsGryxG_mXVi5hWL47Untlpuyeun1YZvzpqwxUptvF8tF2RUYHkJTezDF5sFtlG5CyM0ZlMXmwQQoRxvTCSDshMw88wCi2DyQCTG69UipyKELCPUYutEWdL4Ny7cgy-uwaocAUuHsORTD22fLuuNXH7F8yk7I0Yd_wXYTcvTB0yiG3yzkdmVwsczbxpaFw4rpYVe2YBe3ULXbaFZnYLttyOZDWPULmX94BsVw45zLS1i1-1wQaRHrIJ6lifRnQ5Zks0IzPWtSn4c8lVQxs_9E1myBuxm0zkNrPbTGQ1t5GKrdQUjTUPqcxSZTMqEhD0OlBc3SgFKeyQStnGpfQ1OtQeZrkPU1VPU1LNvPdtp3do7d3PHWJoT83e94n6Bu78It7f4Qq0BKyqRMAplyKqOM-TRNtQhSHdPUjwJfJ8xnJpEmC6WItG-iLI4iGWkuw4wnkTEyMEwKnmpjpFJU6YAmvgy5HyUsk1mkA6MibiIRq5SGgaIhZ6mSJlKZiMIwSYRiqQ5jylXkiziIM80UZaHUAUuiJNAsSGLfxEGcxgmjIYNTHlxDMFI9Ok3QOYKOE3SWoGsIulF_S-UucP1tlbtW-Ac1OKisH5fN4jq_VTaLuiDg9Rpq1W_Y6oq7DtkcGa8ap8blNHHR9GMuVL9e7ZGnpvbwPvAfx7LeHSTKZyKIVBgFKTVU8CTgMtLGGMEpYyGc7WHdDLjzsGon5OTOEVR2Qp68XULwbbh8G9J64O2z4N04CVLwJWQUq8XXxubDK7b153JrNFTZo2qOornqred75Pj4wqWFu_tefe_XT6HlPXIQkHWPqu7xvv2ZYDG_Mb5QdmTjQtk58t25qrFDu8qnPr7Y8Eb_78s39dWurNXpk27ti1fllJjCO5e0a87wQtli0ZGvFqxSuj5V1lKTH0-7y1qcb93SQlsXbXXm_GunTg-rWjtny2IL3E7I___8GNJOyPGfPt_f0ejF7yGra3DVoU5XEoiKILcEuT4856KH-1cvDvG6u4HF2gNvrqMY9hjVPUZ5D56vwbVHxk1V33vlPtsPiNwbi7wmGyKvp7zdHRimA0lpmsQ-S432WTh1YRpmKp7-l0bjJkt_3P_9nwAAAP__6GArzUEFAAA=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTT2gd1Re-k5bf4qegtqLbt3ChYpI7c-evXYixVoq1LW2liLi4f5Nr5s1M5868SbOqFqS4MSBC3U2-lzaoVRTBnVISdwUhrxuzaDa6cyVCwZ28NBA9i3O-c7-7-M693_lovd0jDC3fPf9WuWrznM9Hc3Tw_GVbqLJzg7OXBj6doycGl20RhycGK9NUj172WThHXxi8oeVyOR9Qn1Kf-oNTttamXJnfZ2GrO5k_l9G5MJjzoxAr9X9713pw3IMa7ZFjsGryxG_mXVi5hWL47Untlpuyeun1YZvzpqwxUptvF8tF2RUYHkJTezDF5sFtlG5CyM0ZlMXmwQQoRxvTCSDshMw88wCi2DyQCTG69UipyKELCPUYutEWdL4Ny7cgy-uwaocAUuHsORTD22fLuuNXH7F8yk7I0Yd_wXYTcvTB0yiG3yzkdmVwsczbxpaFw4rpYVe2YBe3ULXbaFZnYLttyOZDWPULmX94BsVw45zLS1i1-1wQaRHrIJ6lifRnQ5Zks0IzPWtSn4c8lVQxs_9E1myBuxm0zkNrPbTGQ1t5GKrdQUjTUPqcxSZTMqEhD0OlBc3SgFKeyQStnGpfQ1OtQeZrkPU1VPU1LNvPdtp3do7d3PHWJoT83e94n6Bu78It7f4Qq0BKyqRMAplyKqOM-TRNtQhSHdPUjwJfJ8xnJpEmC6WItG-iLI4iGWkuw4wnkTEyMEwKnmpjpFJU6YAmvgy5HyUsk1mkA6MibiIRq5SGgaIhZ6mSJlKZiMIwSYRiqQ5jylXkiziIM80UZaHUAUuiJNAsSGLfxEGcxgmjIYNTHlxDMFI9Ok3QOYKOE3SWoGsIulF_S-UucP1tlbtW-Ac1OKisH5fN4jq_VTaLuiDg9Rpq1W_Y6oq7DtkcGa8ap8blNHHR9GMuVL9e7ZGnpvbwPvAfx7LeHSTKZyKIVBgFKTVU8CTgMtLGGMEpYyGc7WHdDLjzsGon5OTOEVR2Qp68XULwbbh8G9J64O2z4N04CVLwJWQUq8XXxubDK7b153JrNFTZo2qOornqred75Pj4wqWFu_tefe_XT6HlPXIQkHWPqu7xvv2ZYDG_Mb5QdmTjQtk58t25qrFDu8qnPr7Y8Eb_78s39dWurNXpk27ti1fllJjCO5e0a87wQtli0ZGvFqxSuj5V1lKTH0-7y1qcb93SQlsXbXXm_GunTg-rWjtny2IL3E7I___8GNJOyPGfPt_f0ejF7yGra3DVoU5XEoiKILcEuT4856KH-1cvDvG6u4HF2gNvrqMY9hjVPUZ5D56vwbVHxk1V33vlPtsPiNwbi7wmGyKvp7zdHRimA0lpmsQ-S432WTh1YRpmKp7-l0bjJkt_3P_9nwAAAP__6GArzUEFAAA= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTI0MzkxNiwiayI6IjdkMTNiMjVkNDUyODBmMGJhNzJhYzVlZmZmYmEwMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTA5OTU1LCJwaWQiOjEwOTExODMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoiYzluZXY2NnhnIiwiY3BrcyI6eyIyOCI6ImUyYmQzYTc5OThkYjU4MzdkMWEwNzE1NzU2NWU4NzQ2IiwiMjkiOiI4NjA3MDYyM2Q0Y2VhNGY2NzFlZWNiMjA5ZTgwZDc4OSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbW92aWVzZmxpeGNjLmNvbS9tb3ZpZS9oYXJyeS1wb3R0ZXItYW5kLXRoZS1jaGFtYmVyLW9mLXNlY3JldHNfYjUzLz92b2Q9MTA4MHAiLCJhciI6W119fQ.vLNTvbggSrlNljzY_bOj7rEohoxY0vhYxB6Rl9icLPI; uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl25243916=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2351efcd67c21d2d42133df54c592486\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Oct 2025 16:14:39 GMT\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":150,"dns":0,"connect":21,"send":0,"wait":64,"receive":0,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w185/22AouvwlhlXbe3nrFcjzL24bvWH.jpg?resize=160,240","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w185/22AouvwlhlXbe3nrFcjzL24bvWH.jpg?resize=160,240 HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7626\r\nlast-modified: Wed, 10 Sep 2025 21:12:13 GMT\r\nexpires: Sat, 11 Sep 2027 09:12:13 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w185/22AouvwlhlXbe3nrFcjzL24bvWH.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"bca5d9c255827110\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 6\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7626,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4613334ea4e1eec4d4275a082db0f081","sha1":"744369026f0cb6502ba5f73e4947ab5aada076d0","sha256":"e1291e3299fc20de9d9fcbbde1ca942efdb0ca3cbfa99cb7222abbd7fa8096f6","sha512":"7212325eeede04199e168a824c8336ddc9753843f2fea1e895ec413efa9d582508a03f3a120d4436e8c2e49407524e607474f0ff21fb8e251571abec18ddc00e","ssdeep":"192:1xKA/cPUeEtHKzmM7nO+Qct9ws5rPfaZYNUSE:qGHHKQY9wSLU","tlshash":"52f1a0b1a52539f0bf579f50e353cbacb7d2820889d4a578fce6dc808f05f6d0661256","first_seen":"2025-10-01T02:40:43.131681Z","last_seen":"2025-10-12T18:17:20.665193Z","times_seen":3,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/images/apple-touch-icon.png","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moviesflixcc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Oct 2025 12:03:50 GMT","end":"Sun, 04 Jan 2026 12:58:49 GMT"},"fingerprint":{"sha1":"23:C4:EC:15:A1:5B:4F:23:54:7F:72:67:3A:C2:1B:DF:95:BB:BF:BF","sha256":"54:EC:F7:0E:FF:1A:74:7E:5B:38:59:7F:BA:AD:D7:6F:72:48:83:DD:A3:BB:C5:8B:FD:50:FE:76:87:45:AD:EB"}}},"request":{"raw":"GET /images/apple-touch-icon.png HTTP/1.1\r\nHost: moviesflixcc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p\r\nCookie: PHPSESSID=uhp2clrjofpbif2bh1isjno082\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3938\r\ncache-control: public, max-age=31536000\r\nexpires: Tue, 07 Oct 2025 23:20:37 GMT\r\netag: \"f62-683173dd-4799ca;;;\"\r\nlast-modified: Sat, 24 May 2025 07:23:09 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 19023\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r1BBroBd3HcF4%2BeG3%2BLdEj3M0O8GfvijhCdZ6xfBGvlTLJAxwBNk%2BHtNUb25p58v9u%2B0Ulvzt%2FJ8%2FzJPccXSSwcdJOuok6pMhT8TSVerXrk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d7e3edce2ab28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3938,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"ca5c9cef9fd2c9b65eaf4ca45c193871","sha1":"5ffd3cbf55fbb25b98857b99a65433b2894ef551","sha256":"b7b7595334fa0fcf9b0fa85ada958d14350286eb0554d7e495a3cf0f71a87451","sha512":"eb4c607459f7ab429a524119f1e9a45ec03a740bb61ae2f4cacb711713105315e67074c12354f294adfaa347ce4f7ed1f5a1bf0a48aefdc4f6e105dfe21ef783","ssdeep":"","tlshash":"91815d6f71bbab4d933d32a9ee379510d49463f574e255c4256d7360008f898a314b73","first_seen":"2025-09-27T22:26:36.926868Z","last_seen":"2026-01-16T18:26:41.199995Z","times_seen":6,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/images/favicon-16x16.png","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moviesflixcc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Oct 2025 12:03:50 GMT","end":"Sun, 04 Jan 2026 12:58:49 GMT"},"fingerprint":{"sha1":"23:C4:EC:15:A1:5B:4F:23:54:7F:72:67:3A:C2:1B:DF:95:BB:BF:BF","sha256":"54:EC:F7:0E:FF:1A:74:7E:5B:38:59:7F:BA:AD:D7:6F:72:48:83:DD:A3:BB:C5:8B:FD:50:FE:76:87:45:AD:EB"}}},"request":{"raw":"GET /images/favicon-16x16.png HTTP/1.1\r\nHost: moviesflixcc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p\r\nCookie: PHPSESSID=uhp2clrjofpbif2bh1isjno082\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 445\r\ncache-control: public, max-age=31536000\r\nexpires: Tue, 07 Oct 2025 21:49:26 GMT\r\netag: \"1bd-68317410-4799cc;;;\"\r\nlast-modified: Sat, 24 May 2025 07:24:00 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 22742\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cpFxrtFex3XaAwML94vIn7RJVc6HchUedV4EsTxtLEVJIbNR2qsmaxRwEBhWv4n%2FQMHCn6JpHeVPO8a0ZpG%2Fua%2BTNpv3AO8DfVIlW2kmAeM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d7e3edce2eb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"2bbc008048bbbfc22dcd952082cee925","sha1":"b117f293be029ea5331eefb588995f7899ec4532","sha256":"b24a2b230a7c1cff5a0d7c013c5f0abb7d615541650f65c792be24cdd984609b","sha512":"d56d5db0ae2dad97f417d0fd0925d6877682614d5bb758464d5c4196712c21730423afe7b6a5402c770f3b918e65340e75b906b0ee6368e22ca3610807ca1d27","ssdeep":"","tlshash":"27f023e7f4a1bf39c94f531acf5a1b73fda45784c116f4072210d016003c9484441bc7","first_seen":"2025-09-27T22:26:36.921984Z","last_seen":"2026-01-16T18:26:41.164155Z","times_seen":6,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.198.152.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://moviesflixcc.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; expires=Wed, 10 Oct 2035 16:14:27 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5af851a77a18f75f9f9ce346eddaf9f4","sha1":"8d947d8e2aa70d96df8dbf7702cb6ab39d5f089e","sha256":"e5a0a7ae20747df8d0a727b7d2ba04f498a11407ba9e167d53b0eaceb097be6b","sha512":"5b2e789c2bb7b6f8140788baed24afe4a1e23b343e758c2c407c81175f95610813a3b3b9e24028e20122c08f7a5abbfe313ab592ffa51bc6587bf9099e4e4236","ssdeep":"","tlshash":"1190047044053711f505c1cc71100c50c04cf30d05c01155440d445173753040d04471","first_seen":"2025-10-12T16:14:48.006788Z","last_seen":"2025-10-12T16:14:48.006788Z","times_seen":1,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":84,"dns":0,"connect":21,"send":0,"wait":21,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=e2bd3a7998db5837d1a07157565e8746\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=16","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:29.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=e2bd3a7998db5837d1a07157565e8746\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=16 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:29 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2eaabdca2658d7e3628dfb62e727d6aa\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":662,"timings":{"blocked":281,"dns":1,"connect":93,"send":0,"wait":98,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/img/bg.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/img/bg.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 1833591\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:20:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68c00d99-1bfa77\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 662081\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a%2Fj4QaPblOAca2K3V8n%2Brn4jyD0aIYT53aDpWrX1KNGQoYpsDB40FZQFscH1dAZKPtfAtParYDk2vA7iaIk%2BUR12mj1H2ToxsW3QtGuB\"}]}\r\ncf-ray: 98d7e4364d385694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1833591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"392588c5480c1810ddddd73d1d13e745","sha1":"90588356ed10d6e14e820d70e94be4796f6990a5","sha256":"36c62f856901bf5ade4340470a6c417e9d8ae05072553c984a8e96b016a6c07b","sha512":"74448a046f61f4638d8d1fff0523ae99f7aac2c2f3432290e14ac9dba87591f9febf753c5bb101ef473fe4f66a3b91d3e209741e9580f67bec3bd1ea290a97e1","ssdeep":"24576:odI7C7ZWi7wKN4Ew/VRBsNJMGxoq2gAbpJkd+aaBX0gGQ:gh780zNRWRBgmGx12gA1Kd+as0gGQ","tlshash":"5a2523f2b1730703e713a1b7afddbd20ce35b3cc2119a36c56f1c9862592e65a187a19","first_seen":"2025-09-13T01:43:14.195424Z","last_seen":"2026-04-03T18:56:22.058832Z","times_seen":113,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":13,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:26:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TS550%2BYLUEtmHZ0DHiS3%2BSrG0aq8J0gQVJZJQT%2Bf3bbjlDX%2BGSD4FjPTw2g5G1j8sAsHGNP38ivKRGRp3qMYQQiTzcsLK9Gtum%2BSgMv4\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"68c00ecc-23d\"\r\ncontent-encoding: br\r\ncf-ray: 98d7e437ad85569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":573,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4ad866325b0ec91a23c6b079439dd3aa","sha1":"047474923b9d0514e84fedd7a26aaafd415e66af","sha256":"b5d4dc4d9b998f7f2a11ade797f3966a4e909e9f3115f863513951d4f1fd1794","sha512":"0e7f9c14ad8485aec8405c48d4331586338b749bb4e1e637f88e619c6747716b568994122f0a429c18abc5cf5faff46eed0b0ca0dc23413465edb212fde20de1","ssdeep":"","tlshash":"1bf0422465a402348377d0b661ff6b4f3674661ad1070b0e741c15970fe16f932c6d4b","first_seen":"2025-09-13T01:43:14.203096Z","last_seen":"2026-04-03T18:56:21.878468Z","times_seen":217,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/86/07/06/86070623d4cea4f671eecb209e80d789.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /86/07/06/86070623d4cea4f671eecb209e80d789.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30010\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5027d9ef44403edb617bf0a48dfcc6b0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":76566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"94cdc0627d1f7389ec9e5cc24b39eb44","sha1":"8ca4d745a0711df3783d673b0d547110ffb75598","sha256":"33e5b9ddba2562f2bbe6666b1060a7245848e7597061936397f41f2bab9ff1af","sha512":"655e7fdd66d30bd4b2719d73853915ac244fc58103e0dfd365657ac9845f65591106aa8f7ca4d3400ef5ac8bed3d1bc449b48430048fd95eba06ff92c68b99a0","ssdeep":"1536:ic4Bys1/N5gpvcZFr378C1GJWH1EaTmj2w3Oi:gmvcLRGJWH1ECma6","tlshash":"cb73d9883f96b0a403a2b4b3261fd50ef13a4d52658cf4d8da1794d8ed6cf1bfa39914","first_seen":"2025-10-12T16:14:48.016177Z","last_seen":"2025-10-12T16:14:48.016177Z","times_seen":1,"resource_available":true,"data":null}},"time_used":652,"timings":{"blocked":265,"dns":0,"connect":0,"send":0,"wait":110,"receive":92,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Findex.html\u0026l=1494\u0026fd=188","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:38.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Findex.html\u0026l=1494\u0026fd=188 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 12 Oct 2025 16:14:39 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":765,"timings":{"blocked":329,"dns":0,"connect":93,"send":0,"wait":105,"receive":0,"ssl":236},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:20:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zZ3CeGnI%2BcG1QEfFUWKT1WxIVeLZoUpYomnI8zLHvY2VI%2F8d3Sf7TO19%2BDhBOPmPnzHhtGhAibgQKV5E6KmU%2B79OGhTX6kvZz4IsWtA2\"}]}\r\nage: 1348835\r\ncf-cache-status: HIT\r\netag: W/\"68c00d9b-15d94\"\r\ncontent-encoding: br\r\ncf-ray: 98d7e436edcf5694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-03T18:56:22.048855Z","times_seen":6515,"resource_available":true,"data":null}},"time_used":360,"timings":{"blocked":148,"dns":4,"connect":1,"send":0,"wait":58,"receive":0,"ssl":145},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Fcss%2Fstyle.css\u0026l=7541\u0026fd=679","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Fcss%2Fstyle.css\u0026l=7541\u0026fd=679 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 12 Oct 2025 16:14:39 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/sbs?c=1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTI0MzkxNiwiayI6IjdkMTNiMjVkNDUyODBmMGJhNzJhYzVlZmZmYmEwMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTA5OTU1LCJwaWQiOjEwOTExODMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoiYzluZXY2NnhnIiwiY3BrcyI6eyIyOCI6ImUyYmQzYTc5OThkYjU4MzdkMWEwNzE1NzU2NWU4NzQ2IiwiMjkiOiI4NjA3MDYyM2Q0Y2VhNGY2NzFlZWNiMjA5ZTgwZDc4OSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbW92aWVzZmxpeGNjLmNvbS9tb3ZpZS9oYXJyeS1wb3R0ZXItYW5kLXRoZS1jaGFtYmVyLW9mLXNlY3JldHNfYjUzLz92b2Q9MTA4MHAiLCJhciI6W119fQ.vLNTvbggSrlNljzY_bOj7rEohoxY0vhYxB6Rl9icLPI; uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl25243916=1; pdhtkv29=true; uncs29=1; u_pl26790048=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:40 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":661,"timings":{"blocked":282,"dns":1,"connect":92,"send":0,"wait":93,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a883f377e95a303a20a1ffbfb09d9242\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":57,"dns":1,"connect":18,"send":0,"wait":17,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/index.js","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moviesflixcc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Oct 2025 12:03:50 GMT","end":"Sun, 04 Jan 2026 12:58:49 GMT"},"fingerprint":{"sha1":"23:C4:EC:15:A1:5B:4F:23:54:7F:72:67:3A:C2:1B:DF:95:BB:BF:BF","sha256":"54:EC:F7:0E:FF:1A:74:7E:5B:38:59:7F:BA:AD:D7:6F:72:48:83:DD:A3:BB:C5:8B:FD:50:FE:76:87:45:AD:EB"}}},"request":{"raw":"GET /index.js HTTP/1.1\r\nHost: moviesflixcc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p\r\nCookie: PHPSESSID=uhp2clrjofpbif2bh1isjno082\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 625\r\netag: \"6a7-68e4a9e1-479ce3;br\"\r\nlast-modified: Tue, 07 Oct 2025 05:49:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 4028\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yhnEPuLWCy5vEpo22Z3zzXRpnbw%2FM4G0MWPi4q0i31rEKvxFiQ7vVJp3xwN9xqelW1FdBmkaUv0xZ5EKf1Ya%2Fg3lNsWsBz35eQbCsYRDa2s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d7e3eb081cb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1703,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1703), with no line terminators","md5":"cd92ef5b998c0355ad0cd86f8b970665","sha1":"afe43c755b1d579ca905e397a5147986059a0525","sha256":"5db17ee6d0289ca2469fc9d2315338f6a067f717141a4d0f6ff46503c8bcbe4a","sha512":"f227f698f580c0da564996ec8111f2dc756cfc8f471e3262eef6f6b6359fcc86ba0a4d650b0ff0d3a7640c05cd5d35e29bfd3edff1312ecd1d810378f791c060","ssdeep":"","tlshash":"c83123f2a16079330bff46b3704abb18b9b670a77c856007115e74880767d4ac361837","first_seen":"2025-10-11T22:25:16.489085Z","last_seen":"2025-10-12T18:17:20.76428Z","times_seen":3,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w185/gXMnx7C3cufzBHPZynWZLUHOMOT.jpg?resize=160,240","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w185/gXMnx7C3cufzBHPZynWZLUHOMOT.jpg?resize=160,240 HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4962\r\nlast-modified: Sun, 12 Oct 2025 07:54:34 GMT\r\nexpires: Tue, 12 Oct 2027 19:54:34 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w185/gXMnx7C3cufzBHPZynWZLUHOMOT.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"6e6e71505da8ee6d\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 6\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4962,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d0237df319f35d5fb58eafea21062805","sha1":"55ed878d330152fbc74e59d11784bd9ea5ebc898","sha256":"984d066a26a00d561f9d8f836ea510dc16e97e18c91ac930a5ff297508718059","sha512":"e95e1d63eb8841504ee2b613beba6673385838af43295ef7ab4aaa6af32af8e49155630d621373f81f8b664c19f1043e00cd799dfd4ccfa61e8436cb11b24b79","ssdeep":"96:+pOiaXQAzfT172B1sA/hTPeHCjo5CTInp+oyY:+p3EzfT16HhTPeHC85mwQoyY","tlshash":"a6a1afdc99179e2c8da756c99db490e78f7fcc433972aa3d2ff4908109010508a9383f","first_seen":"2025-10-12T16:14:48.027752Z","last_seen":"2025-10-12T18:17:20.625445Z","times_seen":3,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cdf8111e930f529364659a017f62117d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":60,"dns":0,"connect":17,"send":0,"wait":21,"receive":18,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/ren.gif?sid=H4sIAAAAAAAC_1RTy4sc1Re-1RN-i58LHxF3Qi9cKDg99erqLrMQxxgJ5mUSyUJQbt17a-Y6t-tW7q3HZFbBoARX7S4rqf66M-Mjiv4BQuhxIQSE6axmkdm4FAQRspbuaRg9i3O-U9-3-M6pcz8flUckQEkPr1zUO1IputbtuO1Xb8iM69q2L11ve27HPdO-IbMoPNPenidTveEFYcd9rf2uYFt6zXc91_Vcr31OGpHq7bUFC5k_iL1O7HZCv-N1Q2yb__a2bMFSB7w6Ii9A8tmzv6cfQrIpssGPZ4XdKnT--juDUtFCG1R874NsK9N1hsEJTI2DNNtbqqHtjJB7LehsbzkBdDWZT4BEzkjrpSdIsr2lTSTV_WOniYLIkPBnUFdTCDWFpFMwfQeSHxCAcVy6jGywe0mbmt46ZumcnZFTT_-GrGfk1JMXkQ1-WFdyu31Nq7KQOrPYThvI7SnkxhR5uY9ipwVZ74MVn0Ly38ja0wvIBpPLVmlIfviK3xVJJPxo1e0xbzUMevFqIgKxmvY9GtI-c3mQLlYk0ymobaG0DkrpoEwdlLmDAT9sh24_ZB4NojTmrOeGNAy5SNy477sujVkPJZt7H6LIh2BqCGY--zrnm8VW5QeTwpRit8yY9YOR96D8OFd-1w-D2ItG3u6xaqGZzDUjD7m5jS05hCkfwm42sLwFW8yI836FijeoBUFtCWpKUEuCuiCoq-Y-V9a3zS5Xtky8ZfWXNWjGutgY0fu62BAZATVDGN5MZH7T3gErVsY7qeVjPU80KZoxTXgzyo_I8_N_4tz7tcGWOGz3I7fnRn7AQyZomEY9TwiW-G4s-i7v9WNY2UDaFqh1sCNn5OzBCnI5I8_taiR0H1btg0kHtHwZtG5ANxvsZN-nUg1uytLrKJkKcN0gL06huOWM1BE5Pb56ff3h4jY-On0Tgj0iywAzDXLT4BP5C8GGuju-qmsyuaprS366nBdyIHfo_G6uFbQQ__v2PXGr1oafP2uH37zF5sQcPrgubHGBZlxmG5Z8ty45F-acNkyQn8_bGyK5UtrN9dJkZX7hytvnzg9yI6yVOpuCyhn5_19fgMkZOX2wsngT3YtfgeW3YfMTn1YTJLkDJQmUOPlOkwb2X31ygkf2LjaMA1rcQTZoUJkGlWpA1RC2XBkXuXn05uNgEUiUM06UcSaJMurL4z1Zedju-kkQ9fuRSCOeBjzwAx53XRGHNI7COOyisLPNPx7_-U8AAAD__0JKD8u2BAAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:38.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RTy4sc1Re-1RN-i58LHxF3Qi9cKDg99erqLrMQxxgJ5mUSyUJQbt17a-Y6t-tW7q3HZFbBoARX7S4rqf66M-Mjiv4BQuhxIQSE6axmkdm4FAQRspbuaRg9i3O-U9-3-M6pcz8flUckQEkPr1zUO1IputbtuO1Xb8iM69q2L11ve27HPdO-IbMoPNPenidTveEFYcd9rf2uYFt6zXc91_Vcr31OGpHq7bUFC5k_iL1O7HZCv-N1Q2yb__a2bMFSB7w6Ii9A8tmzv6cfQrIpssGPZ4XdKnT--juDUtFCG1R874NsK9N1hsEJTI2DNNtbqqHtjJB7LehsbzkBdDWZT4BEzkjrpSdIsr2lTSTV_WOniYLIkPBnUFdTCDWFpFMwfQeSHxCAcVy6jGywe0mbmt46ZumcnZFTT_-GrGfk1JMXkQ1-WFdyu31Nq7KQOrPYThvI7SnkxhR5uY9ipwVZ74MVn0Ly38ja0wvIBpPLVmlIfviK3xVJJPxo1e0xbzUMevFqIgKxmvY9GtI-c3mQLlYk0ymobaG0DkrpoEwdlLmDAT9sh24_ZB4NojTmrOeGNAy5SNy477sujVkPJZt7H6LIh2BqCGY--zrnm8VW5QeTwpRit8yY9YOR96D8OFd-1w-D2ItG3u6xaqGZzDUjD7m5jS05hCkfwm42sLwFW8yI836FijeoBUFtCWpKUEuCuiCoq-Y-V9a3zS5Xtky8ZfWXNWjGutgY0fu62BAZATVDGN5MZH7T3gErVsY7qeVjPU80KZoxTXgzyo_I8_N_4tz7tcGWOGz3I7fnRn7AQyZomEY9TwiW-G4s-i7v9WNY2UDaFqh1sCNn5OzBCnI5I8_taiR0H1btg0kHtHwZtG5ANxvsZN-nUg1uytLrKJkKcN0gL06huOWM1BE5Pb56ff3h4jY-On0Tgj0iywAzDXLT4BP5C8GGuju-qmsyuaprS366nBdyIHfo_G6uFbQQ__v2PXGr1oafP2uH37zF5sQcPrgubHGBZlxmG5Z8ty45F-acNkyQn8_bGyK5UtrN9dJkZX7hytvnzg9yI6yVOpuCyhn5_19fgMkZOX2wsngT3YtfgeW3YfMTn1YTJLkDJQmUOPlOkwb2X31ygkf2LjaMA1rcQTZoUJkGlWpA1RC2XBkXuXn05uNgEUiUM06UcSaJMurL4z1Zedju-kkQ9fuRSCOeBjzwAx53XRGHNI7COOyisLPNPx7_-U8AAAD__0JKD8u2BAAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTI0MzkxNiwiayI6IjdkMTNiMjVkNDUyODBmMGJhNzJhYzVlZmZmYmEwMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTA5OTU1LCJwaWQiOjEwOTExODMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoiYzluZXY2NnhnIiwiY3BrcyI6eyIyOCI6ImUyYmQzYTc5OThkYjU4MzdkMWEwNzE1NzU2NWU4NzQ2IiwiMjkiOiI4NjA3MDYyM2Q0Y2VhNGY2NzFlZWNiMjA5ZTgwZDc4OSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbW92aWVzZmxpeGNjLmNvbS9tb3ZpZS9oYXJyeS1wb3R0ZXItYW5kLXRoZS1jaGFtYmVyLW9mLXNlY3JldHNfYjUzLz92b2Q9MTA4MHAiLCJhciI6W119fQ.vLNTvbggSrlNljzY_bOj7rEohoxY0vhYxB6Rl9icLPI; uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl25243916=1; pdhtkv29=true; uncs29=1; u_pl26790048=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:38 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c4b9dd455c261867a132cdb1d52fb11b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:38.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:20:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68c00d95-13365\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kxgXokSCIo2ppoN%2B%2FP1rRtW1XCdmkpefRgGS2YoNWplFI0%2Fj08gOW5gd59CbPDlUiFepBm3xghSeJv%2BS9wgjgDy305DWuC%2FhUxXeW67g\"}]}\r\ncf-ray: 98d7e4365c56569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5982c5377696d20476871062646b253f","sha1":"8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242","sha256":"4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4","sha512":"92592dac2a817293e8ec1d94bf99df639626a90d524420b01a12210398927c0650cc26fa8e730300096b29961563aa02efb707478c6d51ac8616bb1bde5a0cb2","ssdeep":"384:jvuAuF81dghu3uFlZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uhu7uNKwZiMUL6Vpaj7F","tlshash":"1d731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-02-12T20:28:38Z","last_seen":"2026-04-03T22:31:48.744399Z","times_seen":6218,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":173,"dns":4,"connect":4,"send":0,"wait":142,"receive":0,"ssl":164},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Fjs%2Fscript.js\u0026l=573\u0026fd=487","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Fjs%2Fscript.js\u0026l=573\u0026fd=487 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:39 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w185/nWBqU5YXmDVJWWEDJ4u3ZSseNVL.jpg?resize=160,240","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w185/nWBqU5YXmDVJWWEDJ4u3ZSseNVL.jpg?resize=160,240 HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6630\r\nlast-modified: Sun, 28 Sep 2025 18:42:08 GMT\r\nexpires: Wed, 29 Sep 2027 06:42:08 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w185/nWBqU5YXmDVJWWEDJ4u3ZSseNVL.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"1adee7023c492ac3\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 6\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6630,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8047d0830525eb5c385dab7351f7f0b6","sha1":"a613b78a03b1e556194b81a251d318152b9ce4a8","sha256":"0614afe332e45a6bf5786b03b8f0b90c690733db009cff1ab36d52c3466c2a8a","sha512":"74fd9fca14a66642a1f58a5f84c1e6239b99f191ec2149be99c929a2790566daf3381fc3f1f5681475e24f50a158ae91af391a5c87f6f3572b9b6f8793f0c0dc","ssdeep":"96:BZjwkRhqTBY3Bknb7iTYQylb9zaEFeTyVYrZpxR0+cNjnl10/PH8LbdRrVA/O11w:jnRcFQBPylb9WEA+Vi3cjl+/vw5R1w","tlshash":"b9d19ec6902509d8758804a286c6842bcf467e39d73f7a20c3415aec26b757de23e45e","first_seen":"2025-10-11T22:25:16.532519Z","last_seen":"2025-10-12T18:17:20.652018Z","times_seen":6,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/notifications/other/adzilla/circle/1/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:38.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 15:30:46 GMT","end":"Tue, 06 Jan 2026 16:29:13 GMT"},"fingerprint":{"sha1":"CE:BB:4F:68:2C:89:90:90:9F:0D:E4:DC:37:55:B5:DC:41:49:D6:F9","sha256":"52:3F:5E:43:C5:77:DF:EF:E5:AE:11:CA:C1:74:9E:6B:A8:63:B6:7A:C9:7F:8F:58:EF:05:C6:35:2F:C7:D2:9B"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:38 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:20:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aQOiFrD4Y04IH5cqfByeO58GURc35GzGYdPbjaJW6Op%2BDgfwbLrWpDEjRlHG7wM%2BuKIw%2FyMg3LKyX5wMSONKXnhFjgzUx4%2B2qlUPzCc%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98d7e433e96556ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1494,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f3adb4ac2becdd37b48ba71c1cb365df","sha1":"3024d48aba1724985dbf4889c88616eb47739f87","sha256":"ee71ecd7ee9e14c3f45c400540ee607bd7c62eb37f0e27a3a62d880719d22ef1","sha512":"d259d3754518ee910c0a3ab553c506057433ef87174860aac83207b9807e160f77c85fea286335f990e0a61e77e6d1bcc1d0ffbad8bc11bce519d2a8dbb0acfc","ssdeep":"","tlshash":"7131c1771cfdd4a720c26163b7312f5ae9c3e503440a25007bfd06644b46e71cf1358a","first_seen":"2025-09-13T01:43:14.192607Z","last_seen":"2026-04-03T18:56:21.960441Z","times_seen":124,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":41,"dns":20,"connect":1,"send":0,"wait":136,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:38.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:31:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68c00ffc-1d75\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LshgcL04%2FdfcuvDQQOdbvLTe9bJsep1bxNdlu4RTrrP%2BsYq2ZLkJzKh%2B5GlpJQygzfTsDM5mPqpdIMwdRCRfMSuG3hy26BecoPN2q%2FVQ\"}]}\r\ncf-ray: 98d7e4365c52569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7541,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f02be6ea9fd97a8ea037c7567659dc8c","sha1":"8fcfa4c88a3fb45c1002bdb0071c94315b760780","sha256":"5ac629d1351751b5e8a29fcd75e656b403a221c9786a2479eb08ec6492d01a3c","sha512":"f2641ad1b9dd64f8df86bd812a2acf6c4b13c443a79ee410d45aacf63c85cb227009a505f752323fef9de09bcca74a7f36efcb84724361d6620acd0407240db7","ssdeep":"192:V+H0rVwsR4snMiFEUFpQFhFeBZs2HCSGcEAVN7K7:VgsnMiuUFpQFhFeBZw5z7","tlshash":"2ef155d67bb91a08740bd1a739522b5767294003ab1fdc39abd220acdfc52dd816378b","first_seen":"2025-09-13T01:43:14.200324Z","last_seen":"2026-04-03T18:56:21.954415Z","times_seen":119,"resource_available":false,"data":null}},"time_used":835,"timings":{"blocked":173,"dns":5,"connect":1,"send":0,"wait":487,"receive":0,"ssl":165},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTy4tcxReu2xN-i58LHxF3Qi9cKDg999UvsxDHGAnmZRLJQlDqVtXtKbv61k3VfXR6FQxKcNXuspLbX3dmfETRP0AIPS6EgDCd1SwyG5eCIELW0j0No2dxzne-7y6-c-6pzyf5EQmQ08MrF_VIKkW3mg23_uoNmXBd2vql63XPbbhn6jdk0grP1IfLZIo3vCBsuK_V3xWsr7d813Ndz_Xq56QRsR5urVTI9EHXa3TdRug3vGaIoflvb_MaLHXAiyPyAiRfPPt7_CEkmyMZ_HhW2H6m09ffGeSKZtqg4HsfJP1ElwkGJzA2DuJkb_01tF0Qcq8GneytJ4AuZssJEMkFqb30BFGyt7aJqLh_7DRSEAki_gzKYg6h5pB0DqbvQPIDAjCOS5eRDHYvaVPSW8cqXaoLcurp35Dlgpx68iKSwQ_bSg7r17TKM6kTi2FcQQ7nkL050nwf2agGWe6DZZ9C8t_I1tMLSAazy1ZpSH74it8UUUv4rU23zbzNMGh3NyMRiM2449GQdpjLg3i1IhnPQW0NuXWQSwd57CBPHQz4YT10OyHzaNCKu5y13ZCGIReR2-34rku7rI2cLb2PkaVjMDUGM5_tpnwn6xezzORilifMTryvjyk_WJG7S9IPJt6D_ONU-U0_DLpea-IhNbfRl2OY_CHsTgXLa7DZgjjvFyh4hVIQlJagpASlJCgzgrKo7nNlfVvtcmXzyFtXf12Daqqz3oTe11lPJATUjGF4NZPpTXsHLNuYjmLLp3qZaJRVUxrxapIekeeX_8S592uFvjisd1pu2235AQ-ZoGHcantCsMh3u6Lj8nanCysrSFsDtQ5GckHOHmwglQvy3K5GRPdh1T6YdEDzl0HLCnSnwij5PpZqcFPmXkPJWIDrCml2CtktZ6KOyOnp1evbD1e38dHpmxDsEVkHmKmQmgqfyF8Ieuru9KouyeyqLi356XKayYEc0eXdXMtoJv737XviVqkNP3_Wjr95iy2FJXxwXdjsAk24THqWfLctORfmnDZMkJ_P2xsiupLbne3cJHl64crb584PUiOslTqZg8oF-f9fX4DJBTl9sLF6E82LX4Glt2HTE59WE0SpAyUJlDjhaVTB_quPTvDE3kXPOKDZHSSDCoWpUKgKVI1h841plppHbz4OVoFIOdNIGWcWKaO-PN6TlYf1OBA-c91Ou-UFnVh4QchZ3OyEXd6ibhAIZHax88fjP_8JAAD__1jQnUa2BAAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTy4tcxReu2xN-i58LHxF3Qi9cKDg999UvsxDHGAnmZRLJQlDqVtXtKbv61k3VfXR6FQxKcNXuspLbX3dmfETRP0AIPS6EgDCd1SwyG5eCIELW0j0No2dxzne-7y6-c-6pzyf5EQmQ08MrF_VIKkW3mg23_uoNmXBd2vql63XPbbhn6jdk0grP1IfLZIo3vCBsuK_V3xWsr7d813Ndz_Xq56QRsR5urVTI9EHXa3TdRug3vGaIoflvb_MaLHXAiyPyAiRfPPt7_CEkmyMZ_HhW2H6m09ffGeSKZtqg4HsfJP1ElwkGJzA2DuJkb_01tF0Qcq8GneytJ4AuZssJEMkFqb30BFGyt7aJqLh_7DRSEAki_gzKYg6h5pB0DqbvQPIDAjCOS5eRDHYvaVPSW8cqXaoLcurp35Dlgpx68iKSwQ_bSg7r17TKM6kTi2FcQQ7nkL050nwf2agGWe6DZZ9C8t_I1tMLSAazy1ZpSH74it8UUUv4rU23zbzNMGh3NyMRiM2449GQdpjLg3i1IhnPQW0NuXWQSwd57CBPHQz4YT10OyHzaNCKu5y13ZCGIReR2-34rku7rI2cLb2PkaVjMDUGM5_tpnwn6xezzORilifMTryvjyk_WJG7S9IPJt6D_ONU-U0_DLpea-IhNbfRl2OY_CHsTgXLa7DZgjjvFyh4hVIQlJagpASlJCgzgrKo7nNlfVvtcmXzyFtXf12Daqqz3oTe11lPJATUjGF4NZPpTXsHLNuYjmLLp3qZaJRVUxrxapIekeeX_8S592uFvjisd1pu2235AQ-ZoGHcantCsMh3u6Lj8nanCysrSFsDtQ5GckHOHmwglQvy3K5GRPdh1T6YdEDzl0HLCnSnwij5PpZqcFPmXkPJWIDrCml2CtktZ6KOyOnp1evbD1e38dHpmxDsEVkHmKmQmgqfyF8Ieuru9KouyeyqLi356XKayYEc0eXdXMtoJv737XviVqkNP3_Wjr95iy2FJXxwXdjsAk24THqWfLctORfmnDZMkJ_P2xsiupLbne3cJHl64crb584PUiOslTqZg8oF-f9fX4DJBTl9sLF6E82LX4Glt2HTE59WE0SpAyUJlDjhaVTB_quPTvDE3kXPOKDZHSSDCoWpUKgKVI1h841plppHbz4OVoFIOdNIGWcWKaO-PN6TlYf1OBA-c91Ou-UFnVh4QchZ3OyEXd6ibhAIZHax88fjP_8JAAD__1jQnUa2BAAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTI0MzkxNiwiayI6IjdkMTNiMjVkNDUyODBmMGJhNzJhYzVlZmZmYmEwMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTA5OTU1LCJwaWQiOjEwOTExODMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoiYzluZXY2NnhnIiwiY3BrcyI6eyIyOCI6ImUyYmQzYTc5OThkYjU4MzdkMWEwNzE1NzU2NWU4NzQ2IiwiMjkiOiI4NjA3MDYyM2Q0Y2VhNGY2NzFlZWNiMjA5ZTgwZDc4OSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbW92aWVzZmxpeGNjLmNvbS9tb3ZpZS9oYXJyeS1wb3R0ZXItYW5kLXRoZS1jaGFtYmVyLW9mLXNlY3JldHNfYjUzLz92b2Q9MTA4MHAiLCJhciI6W119fQ.vLNTvbggSrlNljzY_bOj7rEohoxY0vhYxB6Rl9icLPI; uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl25243916=1; pdhtkv29=true; uncs29=1; u_pl26790048=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:39 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 472714edf24e891baf7014b3b6007902\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/img/number.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/img/number.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 1138\r\nlast-modified: Tue, 09 Sep 2025 11:20:55 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X7V9qNHO6VnOYibAoiQS%2B4b2eCMR%2BAurhWQawZ0t6mHaei2fkMMXDKGV98R7m2%2FpUqJltps1pJ1jFgsZ9KMa3w0LQofAFGdddTHoKMPf\"}]}\r\netag: \"68c00d97-472\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2783743\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98d7e43b9ec90b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1138,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced","md5":"9e4414e85c588bf7db195e49c02ab2bb","sha1":"09254e79b255f1b2dfe45adbbe44583a4b433782","sha256":"0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762","sha512":"07925dc4d8f6cc1b9b89d26f2c3a6aa3175279719a0999fd837a20e8b12f443eb521e23b3212227ac1b6dfa2ecfcdd94b7494dd67d9d8b046efdddd185bb9bfc","ssdeep":"","tlshash":"a121f90aeca21be0d7888f0214dc135095da07447f8e280a37b6aa599e1070614451fb","first_seen":"2023-04-09T12:43:14Z","last_seen":"2026-04-03T19:33:07.090963Z","times_seen":2427,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/images/logo.svg","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:26.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moviesflixcc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Oct 2025 12:03:50 GMT","end":"Sun, 04 Jan 2026 12:58:49 GMT"},"fingerprint":{"sha1":"23:C4:EC:15:A1:5B:4F:23:54:7F:72:67:3A:C2:1B:DF:95:BB:BF:BF","sha256":"54:EC:F7:0E:FF:1A:74:7E:5B:38:59:7F:BA:AD:D7:6F:72:48:83:DD:A3:BB:C5:8B:FD:50:FE:76:87:45:AD:EB"}}},"request":{"raw":"GET /images/logo.svg HTTP/1.1\r\nHost: moviesflixcc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p\r\nCookie: PHPSESSID=uhp2clrjofpbif2bh1isjno082\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:26 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4126\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 09 Oct 2025 11:00:08 GMT\r\netag: \"158f-68315f9b-4799ce;br\"\r\nlast-modified: Sat, 24 May 2025 05:56:43 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 13941\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4qTyCpPj1z8f9APbcJj%2BhHe%2BsJe%2FfpLP02RDWPr%2FHniBqdbYZlL92EbKZpq0jruJwcOWwr1MQ3QXSDLNlZ55z4O%2F7PbKQl82wR%2BG5ZiX6NM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d7e3ea1d9fb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5519,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2ea0bfa580ed51a58848ed261a312c43","sha1":"599b1d734abb534f77851eb5c702d98f842a1248","sha256":"5eb59bf75d6e380bee8725b886daa9bfa728e8db6a5a20d14aa6b4bb5ffad68e","sha512":"90bb031e92381b3353673c6965d59f9995abdb1ebce7e4559dac6ae6bfd72571af97e75f8e0019d74445820d5b6fbf9c2d6a1a60cbf447dd72ff09738b11e8bb","ssdeep":"96:+Sk3kQc+UrIRNNdMoPj7sdx23/Cfm7yp5eGEMdBdZqn438TZZJKTZ:Bk3BXBMEjzvhWpMGEMdL4n4MN4","tlshash":"36b18c3921c5186a85b712203641fc36a82f51207dcd2382fe21b23e81d8d7eb476c21","first_seen":"2025-09-27T22:26:36.912442Z","last_seen":"2026-01-16T18:26:41.198344Z","times_seen":6,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.833918686264.js?dev=e\u0026key=7d13b25d45280f0ba72ac5efffba0334\u0026kw=%5B%22harry%22%2C%22potter%22%2C%22and%22%2C%22the%22%2C%22chamber%22%2C%22of%22%2C%22secrets%22%2C%22full%22%2C%22movie%22%2C%22watch%22%2C%22online%22%2C%22on%22%2C%22sflix%22%2C%22to%22%5D\u0026pst=1760285728\u0026rb=\u0026refer=https%3A%2F%2Fmoviesflixcc.com%2Fmovie%2Fharry-potter-and-the-chamber-of-secrets_b53%2F%3Fvod%3D1080p\u0026res=14.3095\u0026rmtc=t\u0026shu=6d2cc03cc72c8a0c5931088eb28e6081521e7313f7cf94cb5e1f59655c5eac49a75ffc2f3cba8effcdd0de2071c4a15739c95e2fd5af5b6d8042d04a38dcf5d9b54477bd38e460ad51b6269e3d034ce237572e32761f6268673043\u0026tz=0\u0026uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f%3A2%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.833918686264.js?dev=e\u0026key=7d13b25d45280f0ba72ac5efffba0334\u0026kw=%5B%22harry%22%2C%22potter%22%2C%22and%22%2C%22the%22%2C%22chamber%22%2C%22of%22%2C%22secrets%22%2C%22full%22%2C%22movie%22%2C%22watch%22%2C%22online%22%2C%22on%22%2C%22sflix%22%2C%22to%22%5D\u0026pst=1760285728\u0026rb=\u0026refer=https%3A%2F%2Fmoviesflixcc.com%2Fmovie%2Fharry-potter-and-the-chamber-of-secrets_b53%2F%3Fvod%3D1080p\u0026res=14.3095\u0026rmtc=t\u0026shu=6d2cc03cc72c8a0c5931088eb28e6081521e7313f7cf94cb5e1f59655c5eac49a75ffc2f3cba8effcdd0de2071c4a15739c95e2fd5af5b6d8042d04a38dcf5d9b54477bd38e460ad51b6269e3d034ce237572e32761f6268673043\u0026tz=0\u0026uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f%3A2%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nReferer: https://moviesflixcc.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTI0MzkxNiwiayI6IjdkMTNiMjVkNDUyODBmMGJhNzJhYzVlZmZmYmEwMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTA5OTU1LCJwaWQiOjEwOTExODMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoiYzluZXY2NnhnIiwiY3BrcyI6eyIyOCI6ImUyYmQzYTc5OThkYjU4MzdkMWEwNzE1NzU2NWU4NzQ2IiwiMjkiOiI4NjA3MDYyM2Q0Y2VhNGY2NzFlZWNiMjA5ZTgwZDc4OSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbW92aWVzZmxpeGNjLmNvbS9tb3ZpZS9oYXJyeS1wb3R0ZXItYW5kLXRoZS1jaGFtYmVyLW9mLXNlY3JldHNfYjUzLz92b2Q9MTA4MHAiLCJhciI6W119fQ.vLNTvbggSrlNljzY_bOj7rEohoxY0vhYxB6Rl9icLPI\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 3276\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://moviesflixcc.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; expires=Sun, 19 Oct 2025 16:14:28 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 13 Oct 2025 16:14:28 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 13 Oct 2025 16:14:28 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Mon, 13 Oct 2025 16:14:28 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Mon, 13 Oct 2025 16:14:28 GMT; path=/; secure; SameSite=None\nu_pl25243916=1; expires=Mon, 13 Oct 2025 16:14:28 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 20\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3c1d0d3e8a5cb1437ac816ea722fec53\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4838,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3962)","md5":"d2f5007a371f0a71431ac45e928c9bbd","sha1":"a5599a13549336875446e1041687310a0a9ba6e0","sha256":"f7693362799f1b7286ceb859ff8b078d9e8c4307376265df934abdd97c608d44","sha512":"d761e32c5fb11209dfad0d8f1534b32676c9504bf6842497c7b3b046ff69fdddcfd9bf5fc220d24aeaa2fa8aa2873a24205c4546a37dd7de367cb44263f41b1d","ssdeep":"96:AoznEN4Hz6GdH0j6kjyQ/0Z90mPSKErqrszgxk1/D+CfMEDaH:JzBmGts6frE8sz2cb+CkCaH","tlshash":"74a118799d8990749adbb0be28bb6128bd15510f7a09dc067e4db2060f14bb44fe8ca8","first_seen":"2025-10-12T16:14:48.055322Z","last_seen":"2025-10-12T16:14:48.055322Z","times_seen":1,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/7a/46/02/7a4602835f3f38811ae9549a1e65af83/1756656897.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/7a/46/02/7a4602835f3f38811ae9549a1e65af83/1756656897.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64738\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:58 GMT\r\netag: \"68b47502-fce2\"\r\nexpires: Tue, 14 Oct 2025 16:14:28 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:43:55], progressive, precision 8, 728x90, components 3","md5":"a2b837691ec08bb81b1f2ad3a31ad6c2","sha1":"0ffac46d2256df762ecf0fe356f5f2c5e25635aa","sha256":"571690e4918f9915606cb6dd208c40161bf0a9a66f1fdc186a2f1b6c3cec0508","sha512":"55926574ca9f39d09424e6e6a9f5af97cda6263ea9fe75f0422085f5495dc9f0b01a928bd435278e651678d8b2dce587e7b0475f3bdf7a1f061872be165a8b59","ssdeep":"768://CXip/CD8YyBd6tQ/rC2wUKjyZe9AgBmC9wCUgaDur+TREUM64BHkye1KBZc57x:6892aGqmDBmc90Dg+y+4ZcUrANdN","tlshash":"e453f1a5ab56de21fcf056749ae0c2d31512b995d7a33a0238ec3645bf6a3d5cc0d30b","first_seen":"2025-09-02T16:44:03.401678Z","last_seen":"2026-04-01T19:59:02.435848Z","times_seen":641,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":45,"dns":1,"connect":19,"send":0,"wait":19,"receive":44,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=335","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Fother%2Fadzilla%2Fcircle%2F1%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=335 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 12 Oct 2025 16:14:39 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vjs.zencdn.net/8.5.2/video.min.js","fqdn":"vjs.zencdn.net","domain":"zencdn.net","tld":"net"},"ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:26.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vjs.zencdn.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2024 Q4","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 07 Jan 2025 21:56:05 GMT","end":"Sun, 08 Feb 2026 21:56:04 GMT"},"fingerprint":{"sha1":"22:88:1F:07:1F:92:14:54:4B:E7:66:41:59:BF:5D:37:AF:C0:31:C7","sha256":"D8:1B:9B:E3:C9:29:CD:95:A8:5F:41:02:B8:20:F7:4E:F9:81:86:30:1D:9D:00:5B:98:B8:5F:02:07:B5:0F:7A"}}},"request":{"raw":"GET /8.5.2/video.min.js HTTP/1.1\r\nHost: vjs.zencdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 14 Aug 2023 19:19:45 GMT\r\netag: \"5c57702003ba74cfddceaabd7080025c\"\r\nx-amz-server-side-encryption: AES256\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\ndate: Sun, 12 Oct 2025 16:14:26 GMT\r\nx-served-by: cache-hel1410027-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncontent-length: 174441\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":595636,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65142)","md5":"5c57702003ba74cfddceaabd7080025c","sha1":"56d3ab846dc40211487bbe39e8a23b2f49fbf5b6","sha256":"ae02049b08cb94f5288b8f912cbe32dc1eeb4247a02208985b03210688140708","sha512":"0f5a036eedd03d56ac696d47d4e4438bfb55ec7d45970151a57bc53be9fa54fe8a77a8e5f4c09802df723c181fd48131a1fab4fdb4b8325130f55b26c3c6b1ab","ssdeep":"6144:P4BORPNGzTx/o6v/NHSwyHu/SdnNUpbYw8jwbUkY5p/J8qIvAMI9pmcOELTmhPNX:P44RPNL6ryHu/w3/J8BogELTm","tlshash":"3ec43b953394613342da90a7946f4302723a9d6d6808c06cfa3dfeda2de4e49b17bf74","first_seen":"2023-09-04T19:30:39Z","last_seen":"2026-04-01T17:08:51.0752Z","times_seen":272,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":103,"dns":19,"connect":27,"send":0,"wait":15,"receive":33,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w185/qPJzcYR2f1O1uynYBCVPPJuOiAH.jpg?resize=160,240","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w185/qPJzcYR2f1O1uynYBCVPPJuOiAH.jpg?resize=160,240 HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5312\r\nlast-modified: Thu, 04 Sep 2025 19:54:45 GMT\r\nexpires: Sun, 05 Sep 2027 07:54:45 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w185/qPJzcYR2f1O1uynYBCVPPJuOiAH.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"79463ca7024f4133\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 6\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5312,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ac32b4fd1d0088805638ff1f19a10d87","sha1":"5b1de0cf8c00a815b68e2336b1c1abf529325f75","sha256":"75d079632470f39b32b9b6118b45804fd405c1d83408599bf15a4fee3bd38b90","sha512":"00bed478473d8d8cf0096b5b4d8e1c53eea5fe2200a0ff8eccbd9bf48b99f457073ec6c6625b38c26ab0ba92cad9661b2c1e39a74e4417472875306c790a5cda","ssdeep":"96:qTo9oFFbzyDF2ycc7lCC6OUFf39ouJa4SaPwmkTw:qTo9A8HZ7lfraPhF","tlshash":"8bb18f726c9d92f61b5128002ff56751d60a8684dea1dcf516c3bb6c720511468eff88","first_seen":"2025-10-01T02:40:43.120614Z","last_seen":"2025-10-16T20:54:43.503536Z","times_seen":8,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3430\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dfd233563cf7304d9e6b85526638ae90\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6293), with no line terminators","md5":"6062294451a7a581dc74178c7c5a1332","sha1":"c8e09f671561b72bdae9fd3cfeea799629430105","sha256":"c556ffdcc50d996a51234a1dec5ae85925ffa13c788b800be900dc5eb1344d79","sha512":"5b4bcb7d6530bfa8d33d4c769d0934938af4e7842a518556021ed900fad8a06bc39c2d35494586adf34e4d6fe19095b2d41c726b8214746527e04cec9e910594","ssdeep":"192:M/H3P83adOwGuABXfKOBPpzbo3j3rFuuV6:MP/83adOwWp0j3Buz","tlshash":"fbd1a8dc768070800be7e97f776f651ab06a58501c4fe491f003a9e83d6872ed63eac1","first_seen":"2025-09-26T11:10:49.483616Z","last_seen":"2025-10-14T12:32:44.197235Z","times_seen":1614,"resource_available":true,"data":null}},"time_used":683,"timings":{"blocked":295,"dns":4,"connect":93,"send":0,"wait":99,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/sbar.json?key=86070623d4cea4f671eecb209e80d789\u0026uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f%3A2%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:38.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /sbar.json?key=86070623d4cea4f671eecb209e80d789\u0026uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f%3A2%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTI0MzkxNiwiayI6IjdkMTNiMjVkNDUyODBmMGJhNzJhYzVlZmZmYmEwMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTA5OTU1LCJwaWQiOjEwOTExODMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoiYzluZXY2NnhnIiwiY3BrcyI6eyIyOCI6ImUyYmQzYTc5OThkYjU4MzdkMWEwNzE1NzU2NWU4NzQ2IiwiMjkiOiI4NjA3MDYyM2Q0Y2VhNGY2NzFlZWNiMjA5ZTgwZDc4OSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbW92aWVzZmxpeGNjLmNvbS9tb3ZpZS9oYXJyeS1wb3R0ZXItYW5kLXRoZS1jaGFtYmVyLW9mLXNlY3JldHNfYjUzLz92b2Q9MTA4MHAiLCJhciI6W119fQ.vLNTvbggSrlNljzY_bOj7rEohoxY0vhYxB6Rl9icLPI; uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl25243916=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:38 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4447\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://moviesflixcc.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f:2:1; expires=Sun, 19 Oct 2025 16:14:38 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Mon, 13 Oct 2025 16:14:38 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 13 Oct 2025 16:14:38 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 13 Oct 2025 16:14:38 GMT; path=/; secure; SameSite=None\nu_pl26790048=1; expires=Mon, 13 Oct 2025 16:14:38 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 213\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 427f5c33e000f8f4e842a6b2db087558\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5731,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"11bea267071a64b0833b65e2662ba876","sha1":"ecb07acafa3b2897968d86ae1c8f84bc4e89b111","sha256":"61180dfda992fb9d7f919375bce548bcdf5ab684da8830878c2f4e1de70bf307","sha512":"b1dca1d270edab4824fa14be45f8628168b203f930d03b5ba793115134eb59a17f7558a71ad29e8309a2d6f1290d8990937d5284ccad56995a2741d6a82ec2e7","ssdeep":"96:9zFnEwyINLhIXhP9FY4O4nRMluq7Qczq8gGF2bTap5w4TWQJ:9zRECN+RP9FY4TnRPqkoq742bTap5V","tlshash":"64c17ebe52067cc813a39f8958476e6c3c9a959afcb884d2d16347fe042512cea524af","first_seen":"2025-10-12T16:14:48.071997Z","last_seen":"2025-10-12T16:14:48.071997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/img/arrow.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/img/arrow.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 1797\r\nlast-modified: Tue, 09 Sep 2025 11:20:56 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1A4S%2BAgQJA%2FApy4fNm%2Fr9d7bKTqFlUR5vElzeQSbtMR05D3hEhkE8IpiQ0ceQqP2OX7mfIPjUE0C9oLmtBGMEka7G6ATOYBfqUxhBkcM\"}]}\r\netag: \"68c00d98-705\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 744561\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 98d7e43b9ec80b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1797,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced","md5":"a5575f8ed4eae0b1af626eac9b213e2c","sha1":"bc2cadbc99883425c2217c2c50f6eb220c7514c6","sha256":"392b7c3a43b140065cde20fea33c4dfeaef6a2c8fd360fca477c827977a8b8f6","sha512":"876de5d376929f3b507b002d5e58db0235f5323644117a109438fcc6940f9e546f06618a6a0d7ebc4d2f6a8fb77d3f7dc710680d78a36c45d29ab33fb538ab65","ssdeep":"","tlshash":"a631e60efe125c113688de019dc0b167af3387b49a81ac55fcdd8807a0b01fa8e4c6db","first_seen":"2025-09-13T01:43:14.18388Z","last_seen":"2026-04-03T18:56:22.021348Z","times_seen":107,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 12:56:02 GMT\r\nexpires: Fri, 09 Oct 2026 12:56:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 271118\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-03T22:29:59.391883Z","times_seen":713237,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":90,"dns":0,"connect":20,"send":0,"wait":21,"receive":26,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vjs.zencdn.net/8.5.2/video-js.css","fqdn":"vjs.zencdn.net","domain":"zencdn.net","tld":"net"},"ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:26.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"vjs.zencdn.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2024 Q4","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 07 Jan 2025 21:56:05 GMT","end":"Sun, 08 Feb 2026 21:56:04 GMT"},"fingerprint":{"sha1":"22:88:1F:07:1F:92:14:54:4B:E7:66:41:59:BF:5D:37:AF:C0:31:C7","sha256":"D8:1B:9B:E3:C9:29:CD:95:A8:5F:41:02:B8:20:F7:4E:F9:81:86:30:1D:9D:00:5B:98:B8:5F:02:07:B5:0F:7A"}}},"request":{"raw":"GET /8.5.2/video-js.css HTTP/1.1\r\nHost: vjs.zencdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 14 Aug 2023 19:19:45 GMT\r\netag: \"5ab208d3bab70b358a161b703e64c142\"\r\nx-amz-server-side-encryption: AES256\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\ndate: Sun, 12 Oct 2025 16:14:26 GMT\r\nx-served-by: cache-hel1410027-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncontent-length: 12713\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7288)","md5":"5ab208d3bab70b358a161b703e64c142","sha1":"c85db9249531d1e346afac28b0b601e12e51ae41","sha256":"7428b35084adf295596597d74bd5dc0974d214cdd1854a0ef815d334e113315f","sha512":"c0e424b3313a12033403aa76b9c37b4af97643f67cbbfaa7a1a7cb4d723826d3c4dd15ba3c124eca579c6beaaa3c8e77ca971328bea8b2d3d0d6a80415ed6546","ssdeep":"768:8VGmgN6zb1wizpU0uKG8MP9RkKKhljtoaIW:/mgs9Xzpz51MP9RkKKhljtoav","tlshash":"41337680b4b9cee4026d8080fec2db21672df459cd89ecac97e3395c9ee924575627cd","first_seen":"2023-09-17T15:52:36Z","last_seen":"2026-04-01T17:08:51.060692Z","times_seen":162,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":67,"dns":20,"connect":13,"send":0,"wait":15,"receive":3,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/sflix/js/app.min.movie.js","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moviesflixcc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Oct 2025 12:03:50 GMT","end":"Sun, 04 Jan 2026 12:58:49 GMT"},"fingerprint":{"sha1":"23:C4:EC:15:A1:5B:4F:23:54:7F:72:67:3A:C2:1B:DF:95:BB:BF:BF","sha256":"54:EC:F7:0E:FF:1A:74:7E:5B:38:59:7F:BA:AD:D7:6F:72:48:83:DD:A3:BB:C5:8B:FD:50:FE:76:87:45:AD:EB"}}},"request":{"raw":"GET /sflix/js/app.min.movie.js HTTP/1.1\r\nHost: moviesflixcc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p\r\nCookie: PHPSESSID=uhp2clrjofpbif2bh1isjno082\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 21414\r\netag: \"ee23-6828444a-4799d9;br\"\r\nlast-modified: Sat, 17 May 2025 08:09:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 6625\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VMue2LD5H6St%2B%2B%2Bzxei%2FnBWbq%2Bj4qwBuBBlx8bR1zQCx2pFod0%2Bmd7xCE8tQrKjoSdTbXQ59m%2BixA0zzU2c9i1TyLlLjsG%2F4YG2g9HKCCn8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98d7e3eafffeb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":60963,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (60020)","md5":"a041f3d037429d7fd637ea3006664b97","sha1":"036e6d191cc5e1c97f44cc9a29f785b902da3839","sha256":"4e48cbf8c9ef4452af01099b147c30a2f8d6cff0391d986c8b01985892ca7755","sha512":"5758327c504a5294332e4da7607fe76e273f1422bdb6c3b4a3be6e3c580176a0261bb252db84a70c4f27b3a860cf392eef34da0b1e2e69678f0b20cbb97618c4","ssdeep":"1536:tl9OdarIEPD1NnpyjRbUYPseivjhWXch8SeYJD1rPcczQmV/8+aso:bprIMft+czQmVE+aT","tlshash":"ba5318893195b4b346ef42e7507b420bf2369c68380e8014b56c9eee3939c967277e7d","first_seen":"2025-08-02T14:17:52.272631Z","last_seen":"2026-03-09T06:28:26.430438Z","times_seen":20,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w185/sdEOH0992YZ0QSxgXNIGLq1ToUi.jpg?resize=160,240","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w185/sdEOH0992YZ0QSxgXNIGLq1ToUi.jpg?resize=160,240 HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8696\r\nlast-modified: Sun, 25 May 2025 17:08:17 GMT\r\nexpires: Wed, 26 May 2027 05:08:17 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w185/sdEOH0992YZ0QSxgXNIGLq1ToUi.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"fe916fc8792cb47f\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 6\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8696,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7d46201ddd2a3690c0e67b172808d6a1","sha1":"5d4d85f13bb6ff37cfc35c9d347d00825cd56b6a","sha256":"61de532d7fc393e95c7d3a72c8acf0668fcfc6297599dcef3ba5be2ca397ac4a","sha512":"a762e26f60f093d68f6a7c56de013991ab57b269e05efb81d0099d8288c972acae6350bad528606fa2a6da244ab2785863b08298961525ef4061b225834d2dc7","ssdeep":"192:TQSZURZTleFwGi54v37thAV5rbZ+p5d/gCr3jAIh71q3f9Qp8EOO:TJZURf884v37ty5vZ+pZrEi1q3ct","tlshash":"4302a05f5b771e8aabe42d186193ffe461478fcd21ccec562321124f4654b09341e4fa","first_seen":"2025-10-12T16:14:48.091934Z","last_seen":"2025-10-12T16:14:48.091934Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w185/31S2ISsDtbnxb0kuXZl1SxSMD0K.jpg?resize=160,240","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w185/31S2ISsDtbnxb0kuXZl1SxSMD0K.jpg?resize=160,240 HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7694\r\nlast-modified: Mon, 06 Oct 2025 06:51:41 GMT\r\nexpires: Wed, 06 Oct 2027 18:51:41 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w185/31S2ISsDtbnxb0kuXZl1SxSMD0K.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"985bafa4fbf0a1bc\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 6\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7694,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"40d7d75649a296f66ff0ca085c426d40","sha1":"e04b3b707c4bccba22a82c0ccef0867e337a815f","sha256":"34a66ebd60621594f9ce189a4dd849cdac99981040dcc6d2007aa07490cb6210","sha512":"138b9d2bc0c7b1d3314a1890318c05610840a55cc5ef2a038332eceb0473425ab3c56793f0f33c5c83bcd6fa54032afc7453d2fed83a09e7ff91f959c306bd2b","ssdeep":"192:DObq9WplWoBog7xkZcEYvgv7lkv4JViDQX+G8BH:DQqzoBz1ZCv7uv4XiDL7BH","tlshash":"4af1ae33959726f1ef2a5a9b55013a028f1186d31ef3c7b5f18a2024ecede8c5a63045","first_seen":"2025-10-11T22:25:16.529989Z","last_seen":"2025-10-16T20:54:43.440797Z","times_seen":7,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w185/sIonGSpGNtH72OzbJllPOEMNjVU.jpg?resize=160,240","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w185/sIonGSpGNtH72OzbJllPOEMNjVU.jpg?resize=160,240 HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9556\r\nlast-modified: Fri, 03 Oct 2025 06:16:27 GMT\r\nexpires: Sun, 03 Oct 2027 18:16:27 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w185/sIonGSpGNtH72OzbJllPOEMNjVU.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"38ae48208ced65ac\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: HIT arn 6\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=0.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9556,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 160x240, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e45f15ddc2c5275a349f6a0b8ab9e464","sha1":"2452d0f963c7861b0d2a5ad6ec89e331baeda846","sha256":"f00a4f818ef160d657528077597bfb8753d9d79a0f417827813d09893809e71e","sha512":"f76e46e1f9a74c87466cc6f1e3855f1cec6e960be4776a400cadeaecc7450ff853ab86c00455f1138b6dc036fcf60fd7108b72ee4d67890c82707608111c533d","ssdeep":"192:Qp1h7MNEkRRRwOSO6RdubFHdlXbLnVFYc/4S1/Xc14mt07akO8Y+v92:O1+77RwS6Rdu9XbBuCJcZ8X92","tlshash":"70129ea50fe0e4e077b20ca93a137cd9ddec82995893c46d8eb38d49889cf550f09e1a","first_seen":"2025-10-11T22:25:16.546995Z","last_seen":"2025-10-16T20:54:43.416338Z","times_seen":7,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/e2/bd/3a/e2bd3a7998db5837d1a07157565e8746.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /e2/bd/3a/e2bd3a7998db5837d1a07157565e8746.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 37705\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 761338b88a8a1e588c6f851a42895c3c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103866,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"793265fcfbeb5501dcd2b98f61e0e67c","sha1":"904239c6aa50c0900ae188b5bd1b77173c5a8a22","sha256":"fb2f9a7a698344feef1ea12f63d76561f7a3bf392ba2eaa6860cdee7079bfb83","sha512":"a1b4082895d8b02d0e511cd047546e9489776682810426ddf8719de0eada33cea57c8356a366d9525c7f47a9bf0deaf129e6db3c62f950d88c578c027d4faa4e","ssdeep":"1536:tMB7VG1uqPJdd0gUyiT8xYAlNxIQLfkZKbU1FLYpkdWjF:Sp2PagUxT8xYqzkZ1LO","tlshash":"08a3c5487b91f4af1286607b323f911fe1e50f905088e458d147f9e81ebd747ba3aea4","first_seen":"2025-10-12T16:14:48.104488Z","last_seen":"2025-10-12T16:14:48.104488Z","times_seen":1,"resource_available":true,"data":null}},"time_used":761,"timings":{"blocked":284,"dns":1,"connect":94,"send":0,"wait":98,"receive":93,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=86070623d4cea4f671eecb209e80d789\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=16","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=86070623d4cea4f671eecb209e80d789\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=16 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:29 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cbb7b059869ebdbdc41ea124605214a6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":677,"timings":{"blocked":280,"dns":1,"connect":92,"send":0,"wait":115,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/other/adzilla/circle/1/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.35.3","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:39.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/notifications/other/adzilla/circle/1/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 5982\r\nserver: cloudflare\r\nlast-modified: Tue, 09 Sep 2025 11:20:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68c00d98-175e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2783745\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sZzHlQLyhEN2%2FtwhdyuofyzM2H4b8j30b9IVJJ6dF51y1%2BM9die37ns9OtEqdCzYjQWMqrt25hPSeEPjdF7n07Fdf6oVIpmYgvKNjDdq\"}]}\r\ncf-ray: 98d7e4364d345694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced","md5":"c489ce2c491a22ee37a55e26a92dfd73","sha1":"2fa588ab09e94dd902e5bd24b48f98ad1949c9d6","sha256":"1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd","sha512":"fe6a53296238283eac984b1912bfe7fbbdf5f0692f59f86e7e1ca989555a81be786ff29b9f8644443b2ace8137d412b6d9a92b0edf7f595ddf36058702a2d0d0","ssdeep":"96:FSDZ/I09Da01l+gmkyTt6Hk8nTbo5GZNKEBX97O+co2RF9JNssCgSSiiFr4uolec:FSDS0tKg9E05TAYwEBPwF9JNsTgSSL3C","tlshash":"80c1afeff8a058cf4566b7021c8e4080fbaa713d835536b4d4a092dc958be4a0fd7475","first_seen":"2023-04-05T23:50:36Z","last_seen":"2026-04-03T18:56:21.987759Z","times_seen":4059,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":58,"dns":1,"connect":1,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:28.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c7a005c688ac950f5fac1dc1bd6249b1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":59,"dns":1,"connect":20,"send":0,"wait":22,"receive":18,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","fqdn":"moviesflixcc.com","domain":"moviesflixcc.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-12T16:14:21.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moviesflixcc.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Oct 2025 12:03:50 GMT","end":"Sun, 04 Jan 2026 12:58:49 GMT"},"fingerprint":{"sha1":"23:C4:EC:15:A1:5B:4F:23:54:7F:72:67:3A:C2:1B:DF:95:BB:BF:BF","sha256":"54:EC:F7:0E:FF:1A:74:7E:5B:38:59:7F:BA:AD:D7:6F:72:48:83:DD:A3:BB:C5:8B:FD:50:FE:76:87:45:AD:EB"}}},"request":{"raw":"GET /movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p HTTP/1.1\r\nHost: moviesflixcc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 16:14:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-litespeed-cache: miss\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QE96zDAdrHDYsX09%2BFt7Bf9Hie0fSi%2FKCTJX6QTcNYxAvykTK5TB7UmOWi8%2BzqprWOStBJeVliBTiy7XcTIaJcIV97jzS0o1nZr9vqLIsLo%3D\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=uhp2clrjofpbif2bh1isjno082; Path=/\r\ncf-ray: 98d7e3c608520daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":75901,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"00592b5caba89c18e75050dfd26f09fb","sha1":"0396a51b16ec40347636e349466050c0ff9b1e3a","sha256":"67e2f1973ee7edabf311609ea95b8f64ccbeea51fa9a82bee833562e47595bb7","sha512":"1c104d7ed5c0b6723a4c22f3ffea993aae1a5e51068524efd4adf430dd73ea255d4cc872b3a096e513a29257a09b7b385b213c3454b2d5286e43ec6a3da5c056","ssdeep":"768:6C6V+IvfiYhMtxaUHvohis/l8uFycdjQ+xCiX4L:6qIvcrohiGTjNxCe4L","tlshash":"e673f9f2e654303f2d638285b0a4fedd955b844acf124f45f0ab63685bc6ed25932acc","first_seen":"2025-10-12T16:14:48.112297Z","last_seen":"2025-10-12T16:14:48.112297Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5653,"timings":{"blocked":37,"dns":19,"connect":1,"send":0,"wait":5578,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"moviesflixcc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i2.wp.com/image.tmdb.org/t/p/w780/1stUIsjawROZxjiCMtqqXqgfZWC.jpg","fqdn":"i2.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:26.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Oct 2025 19:44:58 GMT","end":"Sat, 03 Jan 2026 19:44:57 GMT"},"fingerprint":{"sha1":"E9:63:7F:0C:6E:C3:A6:C6:27:94:43:17:2D:51:5E:E2:3E:DA:FB:16","sha256":"7A:94:BE:74:03:C4:90:D6:E8:ED:98:EB:0F:DC:60:BE:D8:2A:DF:82:3F:DC:85:70:4F:C1:10:52:E4:F5:75:81"}}},"request":{"raw":"GET /image.tmdb.org/t/p/w780/1stUIsjawROZxjiCMtqqXqgfZWC.jpg HTTP/1.1\r\nHost: i2.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Oct 2025 16:14:26 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39216\r\nlast-modified: Sun, 12 Oct 2025 09:47:28 GMT\r\nexpires: Tue, 12 Oct 2027 21:47:28 GMT\r\ncache-control: public, max-age=63115200\r\nlink: \u003chttp://image.tmdb.org/t/p/w780/1stUIsjawROZxjiCMtqqXqgfZWC.jpg\u003e; rel=\"canonical\"\r\nx-content-type-options: nosniff\r\netag: \"88538646928f0326\"\r\nvary: Accept\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: MISS arn 3\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=MISS;dur=24.0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39216,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"517fa20dbad389429dffd9066ddb0760","sha1":"3699179e10203437b00e97bda2c28e8537ac6ef0","sha256":"82a7b3af960e77bb211a039d01a762c104eba73532618d696444c3638992761b","sha512":"f481fcacdbd67b527ed9a87d1c3fa04a3071eab0e9d5674550d133d1aee5942c4c56c22b3459bfa02abcdda9eb6f7e0c79113a32116bc28088a34e224ccbaca0","ssdeep":"768:l8EwTEYcr4GgLS4cs2zryXyzZn87j8gw8/g0XuHr:mEt4GgLS/n0yV87j8d8Yhr","tlshash":"3a03e1be4011476a6d5dbe5f9c469b1141a8b16ac30fd4dcfbda53eacd6842c02af224","first_seen":"2025-10-12T16:14:48.117267Z","last_seen":"2025-10-12T16:14:48.117267Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":25,"dns":1,"connect":7,"send":0,"wait":33,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/7d13b25d45280f0ba72ac5efffba0334/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 22:02:13 GMT","end":"Thu, 08 Jan 2026 22:02:12 GMT"},"fingerprint":{"sha1":"77:A0:FB:EB:5C:7E:49:7D:87:94:CB:C5:AB:72:11:AE:6F:98:F7:81","sha256":"A3:92:D0:6C:23:66:83:18:50:AC:6C:E2:27:1F:6A:82:CE:FC:2B:6B:7E:B7:B3:EA:B9:6A:56:B2:EC:04:AF:40"}}},"request":{"raw":"GET /7d13b25d45280f0ba72ac5efffba0334/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:27 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 16378\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d1beb8b7e315d0f50e39b678a77c3cc7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38459,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38459), with no line terminators","md5":"810a9f016d248c1d91f2f6c80f761daf","sha1":"6d75161bb599756514634f6563d6638b4049c362","sha256":"811144b4599daba9878e98812e0f82e3a587bcbfbc5ae644901a774479b63506","sha512":"b3feb4386631fa5f3763a022d0fa37f85ce3331654f5dbe7a559325ce6e8ac5a3036fa5a7f3b1847738a3744062bfee2f73aac2450295217d42296c6c0b9d74e","ssdeep":"768:fkqtS14OYZ748I6ngkvLXcj3PKFMrj2W+MB1HF:8qtnO248I6ngpCIj2XMBn","tlshash":"5203b88d3f61b85d0796a033723f840ae6ed4e0458dcd8e8e4076ca0fe68755d4b7ea5","first_seen":"2025-10-12T16:14:48.121755Z","last_seen":"2025-10-12T16:14:48.121755Z","times_seen":1,"resource_available":true,"data":null}},"time_used":788,"timings":{"blocked":300,"dns":14,"connect":92,"send":0,"wait":94,"receive":93,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.833918686264.js?key=7d13b25d45280f0ba72ac5efffba0334\u0026kw=%5B%22harry%22%2C%22potter%22%2C%22and%22%2C%22the%22%2C%22chamber%22%2C%22of%22%2C%22secrets%22%2C%22full%22%2C%22movie%22%2C%22watch%22%2C%22online%22%2C%22on%22%2C%22sflix%22%2C%22to%22%5D\u0026refer=https%3A%2F%2Fmoviesflixcc.com%2Fmovie%2Fharry-potter-and-the-chamber-of-secrets_b53%2F%3Fvod%3D1080p\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f%3A2%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://moviesflixcc.com/movie/harry-potter-and-the-chamber-of-secrets_b53/?vod=1080p","date":"2025-10-12T16:14:27.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.833918686264.js?key=7d13b25d45280f0ba72ac5efffba0334\u0026kw=%5B%22harry%22%2C%22potter%22%2C%22and%22%2C%22the%22%2C%22chamber%22%2C%22of%22%2C%22secrets%22%2C%22full%22%2C%22movie%22%2C%22watch%22%2C%22online%22%2C%22on%22%2C%22sflix%22%2C%22to%22%5D\u0026refer=https%3A%2F%2Fmoviesflixcc.com%2Fmovie%2Fharry-potter-and-the-chamber-of-secrets_b53%2F%3Fvod%3D1080p\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f%3A2%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://moviesflixcc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moviesflixcc.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sun, 12 Oct 2025 16:14:28 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://moviesflixcc.com\r\naccess-control-allow-credentials: true\r\nlocation: https://wayfarerorthodox.com/watch.833918686264.js?dev=e\u0026key=7d13b25d45280f0ba72ac5efffba0334\u0026kw=%5B%22harry%22%2C%22potter%22%2C%22and%22%2C%22the%22%2C%22chamber%22%2C%22of%22%2C%22secrets%22%2C%22full%22%2C%22movie%22%2C%22watch%22%2C%22online%22%2C%22on%22%2C%22sflix%22%2C%22to%22%5D\u0026pst=1760285728\u0026rb=\u0026refer=https%3A%2F%2Fmoviesflixcc.com%2Fmovie%2Fharry-potter-and-the-chamber-of-secrets_b53%2F%3Fvod%3D1080p\u0026res=14.3095\u0026rmtc=t\u0026shu=6d2cc03cc72c8a0c5931088eb28e6081521e7313f7cf94cb5e1f59655c5eac49a75ffc2f3cba8effcdd0de2071c4a15739c95e2fd5af5b6d8042d04a38dcf5d9b54477bd38e460ad51b6269e3d034ce237572e32761f6268673043\u0026tz=0\u0026uuid=25eb6e26-07c1-4379-be3e-f81a4a8c0d3f%3A2%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTI0MzkxNiwiayI6IjdkMTNiMjVkNDUyODBmMGJhNzJhYzVlZmZmYmEwMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTA5OTU1LCJwaWQiOjEwOTExODMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoiYzluZXY2NnhnIiwiY3BrcyI6eyIyOCI6ImUyYmQzYTc5OThkYjU4MzdkMWEwNzE1NzU2NWU4NzQ2IiwiMjkiOiI4NjA3MDYyM2Q0Y2VhNGY2NzFlZWNiMjA5ZTgwZDc4OSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbW92aWVzZmxpeGNjLmNvbS9tb3ZpZS9oYXJyeS1wb3R0ZXItYW5kLXRoZS1jaGFtYmVyLW9mLXNlY3JldHNfYjUzLz92b2Q9MTA4MHAiLCJhciI6W119fQ.vLNTvbggSrlNljzY_bOj7rEohoxY0vhYxB6Rl9icLPI; expires=Sun, 12 Oct 2025 16:15:28 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fd3b31bd40b28a25bbd9b1e071e2c78a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4838,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":664,"timings":{"blocked":284,"dns":1,"connect":92,"send":0,"wait":96,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}