{"report_id":"fea7d7e9-fb55-4178-b38c-071f6acec664","version":6,"status":"done","tags":[],"date":"2025-09-24T16:17:51Z","url":{"schema":"http","addr":"www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"title":"poopbnx.com/e/SrN90azL?lv1=doodbd.com"},"submit":{"url":{"schema":"http","addr":"www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-29T16:17:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":12}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"altruistic-departure.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"storage.multstorage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"1ca6b1f43b.5978ef8c9a.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"js.capndr.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-08-30","domain_rank":156902,"first_seen":"2021-08-30T12:51:01Z","last_seen":"2025-09-22T04:22:56.451367Z","alert_count":2,"request_count":2,"received_data":96716,"sent_data":847,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ntvpforever.com","ip":{"addr":"167.235.163.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-11-18","domain_rank":18811,"first_seen":"2021-11-19T01:49:18Z","last_seen":"2025-09-22T04:22:55.915312Z","alert_count":0,"request_count":2,"received_data":687,"sent_data":1036,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-09-21T22:11:31.071214Z","alert_count":0,"request_count":1,"received_data":418619,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bereave.onelinevideo.com","ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"2025-04-21","domain_rank":486265,"first_seen":"2025-06-06T00:49:08.421363Z","last_seen":"2025-09-22T05:20:24.736625Z","alert_count":0,"request_count":3,"received_data":738,"sent_data":1576,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sm.luxsmab.com","ip":{"addr":"104.18.54.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-29","domain_rank":492434,"first_seen":"2025-06-06T00:49:08.423003Z","last_seen":"2025-09-22T05:20:25.011587Z","alert_count":0,"request_count":4,"received_data":2061165,"sent_data":2223,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"jcdn.tsyndicate.com","ip":{"addr":"45.133.44.70","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2017-03-08","domain_rank":65259,"first_seen":"2024-09-05T14:47:10Z","last_seen":"2025-09-22T01:40:52.936752Z","alert_count":0,"request_count":1,"received_data":389,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.lixstreamingcaio.com","ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-29","domain_rank":492115,"first_seen":"2025-06-01T10:17:55.903035Z","last_seen":"2025-09-22T06:02:07.795704Z","alert_count":0,"request_count":6,"received_data":5660,"sent_data":3338,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.tapioni.com","ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-05-27","domain_rank":177570,"first_seen":"2021-07-01T10:46:55Z","last_seen":"2025-09-22T00:21:15.640764Z","alert_count":4,"request_count":4,"received_data":700421,"sent_data":1656,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"142.250.147.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-09-21T22:18:44.028378Z","alert_count":0,"request_count":3,"received_data":6799,"sent_data":1754,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"na.nawpush.com","ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2020-12-21","domain_rank":175362,"first_seen":"2020-12-23T08:18:12Z","last_seen":"2025-09-22T04:22:56.83506Z","alert_count":1,"request_count":1,"received_data":1577,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"altruistic-departure.com","ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-05-23","domain_rank":289233,"first_seen":"2025-06-10T09:27:15.520397Z","last_seen":"2025-09-22T05:20:23.960657Z","alert_count":2,"request_count":2,"received_data":39613,"sent_data":1077,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"a.labadena.com","ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-01-21","domain_rank":266368,"first_seen":"2020-05-24T00:28:49Z","last_seen":"2025-09-22T00:21:15.238213Z","alert_count":5,"request_count":5,"received_data":8634,"sent_data":2937,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"enrtx.com","ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-10-07","domain_rank":18023,"first_seen":"2024-11-04T09:19:58Z","last_seen":"2025-09-22T05:20:24.800334Z","alert_count":0,"request_count":1,"received_data":9685,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"driverhugoverblown.com","ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"domain_registered":"2025-03-12","domain_rank":75021,"first_seen":"2025-03-30T06:27:07.780857Z","last_seen":"2025-09-16T07:57:00.816126Z","alert_count":0,"request_count":4,"received_data":157115,"sent_data":2839,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fp.metricswpsh.com","ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-10-29","domain_rank":154722,"first_seen":"2022-04-22T11:20:32Z","last_seen":"2025-09-22T04:22:56.734415Z","alert_count":2,"request_count":2,"received_data":820,"sent_data":1060,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"js.wpadmngr.com","ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2021-06-02","domain_rank":77954,"first_seen":"2021-06-02T14:43:46Z","last_seen":"2025-09-22T04:22:57.088896Z","alert_count":1,"request_count":1,"received_data":149823,"sent_data":423,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.poopbnx.com","ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":7,"request_count":7,"received_data":2853881,"sent_data":3461,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"tracking.eu.flamtyr.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-09-22","domain_rank":509890,"first_seen":"2023-09-23T12:14:54Z","last_seen":"2025-09-22T05:20:25.121834Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":922,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s.uuidksinc.net","ip":{"addr":"31.220.27.155","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2015-05-05","domain_rank":47808,"first_seen":"2015-07-20T12:00:35Z","last_seen":"2025-09-22T01:40:53.888694Z","alert_count":0,"request_count":1,"received_data":570,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.23.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.foolhardywear.pro","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-24T11:01:34.084827Z","last_seen":"2025-09-24T11:01:34.084827Z","alert_count":0,"request_count":2,"received_data":208218,"sent_data":919,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"storage.multstorage.com","ip":{"addr":"13.248.148.254","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-09-22","domain_rank":101055,"first_seen":"2023-09-22T12:56:00Z","last_seen":"2025-09-22T04:22:56.330315Z","alert_count":1,"request_count":1,"received_data":144,"sent_data":539,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}]},{"fqdn":"1ca6b1f43b.5978ef8c9a.com","ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":345,"sent_data":841,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.tsyndicate.com","ip":{"addr":"45.133.44.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2017-03-08","domain_rank":40822,"first_seen":"2017-07-04T06:00:09Z","last_seen":"2025-09-22T01:40:55.510531Z","alert_count":0,"request_count":3,"received_data":107066,"sent_data":1289,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"x1.giriucon.com","ip":{"addr":"172.67.128.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-08","domain_rank":1654331,"first_seen":"2025-04-14T21:44:18.935371Z","last_seen":"2025-09-16T10:10:01.85061Z","alert_count":0,"request_count":2,"received_data":76220,"sent_data":828,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"nereserv.com","ip":{"addr":"167.235.163.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2020-12-21","domain_rank":17097,"first_seen":"2020-12-21T11:07:56Z","last_seen":"2025-09-22T05:20:24.435817Z","alert_count":4,"request_count":2,"received_data":644,"sent_data":1122,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tracking.eu.erdwas.com","ip":{"addr":"138.68.123.32","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-05-31","domain_rank":0,"first_seen":"2024-06-08T09:14:16Z","last_seen":"2025-09-23T09:14:02.521219Z","alert_count":0,"request_count":2,"received_data":75110,"sent_data":1394,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"data","addr":"data:text/html;charset=utf-8,%3Cstyle%20type%3D%22text/css%22%3Ebody%20%7B%20margin%3A%200px%3B%20padding%3A%200px%20%7D%3C/style%3E%3Cscript%3E%0A%20%20%20%20%20%20%20%20hf%20%3D%20function%28frameId%29%20%7B%0A%20%20%20%20%20%20document.addEventListener%28%27click%27%2C%20function%20%28event%29%20%7B%0A%20%20%20%20%20%20%20%20const%20payload%20%3D%20%7B%0A%20%20%20%20%20%20%20%20%20%20spotId%3A%20%27494334%27%2C%0A%20%20%20%20%20%20%20%20%20%20eventId%3A%20%27null%27%2C%0A%20%20%20%20%20%20%20%20%20%20type%3A%20%27click%27%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20window.parent.postMessage%28%5B%22asgLedgerEvent%22%2C%20payload%5D%2C%20%22*%22%29%3B%0A%20%20%20%20%20%20%20%20const%20element%20%3D%20event.target%3B%0A%20%20%20%20%20%20%20%20if%20%28element.closest%28%27.asg-close-btn%27%29%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20event.preventDefault%28%29%3B%0A%20%20%20%20%20%20%20%20%20%20window.parent.postMessage%28%5B%22asgClosePush%22%2C%20frameId%5D%2C%20%22*%22%29%3B%0A%20%20%20%20%20%20%20%20%20%20return%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20%28element.closest%28%27.asg-click-url%27%29%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20window.parent.postMessage%28%5B%22asgClickPush%22%2C%20frameId%5D%2C%20%22*%22%29%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%29%3B%0A%20%20%20%20%7D%3B%0A%20%20%20%20%20%20%20%20content%20%3D%20%22%253Ca%2520href%253D%2522https%253A//a.labadena.com/api/click/9371156432938448115%2522%2520target%253D%2522_blank%2522%2520class%253D%2522asg-click-url%2522%2520rel%253D%2522nofollow%2520noopener%2522%2520style%253D%2522background%253A%2520rgba%2528248%252C%2520248%252C%2520248%252C%25200.97%2529%253B%2520height%253A%252080px%253B%2520overflow%253A%2520hidden%253B%2520box-shadow%253A%25202px%25203px%25205px%25200px%2520rgba%2528111%252C111%252C111%252C1%2529%253Bmargin%253A%25205px%253B%2520border-radius%253A%252010px%253B%2520display%253A%2520flex%253Bflex-direction%253A%2520row%253Bjustify-content%253A%2520flex-start%253Balign-items%253A%2520center%253Btext-align%253A%2520center%253Bposition%253A%2520relative%253Btext-decoration%253A%2520none%2522%253E%250A%2520%2520%253Cimg%2520style%253D%2527display%253A%2520none%253B%2527%2520class%253D%2527impression-url%2527%2520src%253Dhttp%253A//tracking.eu.flamtyr.com/rtb/nurl%253Fuuid%253D659bc6cb-c5e5-4bc2-9aad-7be6cfffc660%2526s%253D101%2526d%253D254%2526feedid%253De727%2526rt%253D1758730652728%2526sb%253D0.0025%2526db%253D0.005%2526subid%253D6elqJg%2526tokid%253Dnull%2526url%253Dnull%253E%253Cimg%2520src%253D%2522https%253A//tracking.eu.erdwas.com/rtb/feedimpression%253Fuuid%253D659bc6cb-c5e5-4bc2-9aad-7be6cfffc660%2526s%253D101%2526d%253D254%2526feedid%253De727%2526rt%253D1758730652728%2526sb%253D0.0025%2526db%253D0.005%2526subid%253D6elqJg%2526tokid%253Dnull%2526url%253DJ44XHDROF354SQSK6H3P6EMFWAHPU2R6GIAQ2WT2SFROO2FWR7WG2UR23MNEVJCZHY6YRELGMJFOYIU2ZUHGWSWMDICU3J76A7YYGTY%253D%2526i%253D88d0bd%2526u%253D125ff5%2526g%253DNO%2526ad%253D1058532%2526sp%253D%2526spv%253D%2526sm%253D%2522%2520alt%253D%2522%2523%2522%2520style%253D%2522border-radius%253A%252010px%253B%2520margin%253A%252010px%252010px%252010px%252010px%253B%2520height%253A%252050px%253B%2520width%253A%252050px%253B%2520padding%253A%25205px%253B%2522%253E%250A%2520%2520%253Cdiv%2520style%253D%2522width%253A%2520calc%252880%2525%2520-%252043px%2529%253B%2520max-height%253A%252048px%253B%2520font%253A%252014px/1.4%2520medium-content-sans-serif-font%252C-apple-system%252CBlinkMacSystemFont%252C%2527Segoe%2520UI%2527%252CRoboto%252COxygen%252CUbuntu%252CCantarell%252CMontserrat%252C%2527Open%2520Sans%2527%252C%2527Helvetica%2520Neue%2527%252CArial%252Csans-serif%252C%2527Apple%2520Color%2520Emoji%2527%252C%2527Segoe%2520UI%2520Emoji%2527%252C%2527Segoe%2520UI%2520Symbol%2527%252C%2527Noto%2520Color%2520Emoji%2527%253B%2520overflow%253A%2520hidden%253B%2520text-align%253A%2520left%253B%2520color%253A%2520%2523414a59%253B%2520padding%253A%25205px%25205px%25205px%25200%253B%2520position%253A%2520relative%253B%2522%253E%250A%2520%2520%2520%2520%253Cp%2520style%253D%2522max-height%253A%252016px%253Bfont-weight%253A%2520bold%253B%2520overflow%253A%2520hidden%253Bmargin%253A%25200%253B%2520line-height%253A%252016px%2522%253E%250A%2520%2520%2520%2520%2520%2520Sexpartner%2520av%2520Whatsapp%2520%25u2705%250A%2520%2520%2520%2520%253C/p%253E%250A%2520%2520%2520%2520%253Cp%2520style%253D%2522font-weight%253A%2520300%253B%2520overflow%253A%2520hidden%253B%2520max-height%253A%252032px%253B%2520margin%253A%25200%253B%2520line-height%253A%252016px%253B%2522%253E%250A%2520%2520%2520%2520%2520%2520Ingrid%2520%25282%2520km%2520fra%2520deg%2529%2520Knull%2520meg%2520gratis%2521%2520...%250A%2520%2520%2520%2520%253C/p%253E%250A%2520%2520%253C/div%253E%250A%2520%2520%253Cdiv%2520class%253D%2522asg-close-btn%2522%2520style%253D%2522width%253A%252033px%253Bbackground-color%253A%2520%2523f2f2f257%253Bz-index%253A%25202147483647%253Bposition%253A%2520absolute%253B%2520top%253A%25200%253B%2520right%253A%25200%253B%2520bottom%253A%25200%253B%2520border-radius%253A%25200%252010px%252010px%25200%253B%2520height%253A%2520100%2525%253B%2520display%253A%2520flex%253B%2520justify-content%253A%2520center%253B%2520align-items%253A%2520center%253B%2522%253E%250A%2520%2520%2520%2520%253Cdiv%2520style%253D%2522width%253A%252015px%253Bheight%253A%252015px%253B%2520cursor%253A%2520pointer%253B%2522%253E%250A%2520%2520%2520%2520%2520%2520%253Csvg%2520viewbox%253D%25220%25200%252040%252040%2522%253E%253Cpath%2520style%253D%2522stroke%253A%2520black%253B%2520fill%253A%2520transparent%253B%2520stroke-linecap%253A%2520round%253B%2520stroke-width%253A%25205%253B%2522%2520d%253D%2522M%252010%252C10%2520L%252030%252C30%2520M%252030%252C10%2520L%252010%252C30%2522/%253E%253C/svg%253E%250A%2520%2520%2520%2520%253C/div%253E%250A%2520%2520%253C/div%253E%250A%253C/a%253E%22%3B%0A%20%20%20%20%20%20%20%20hf%28%22asg-push-frame2%22%29%3B%0A%20%20%20%20%20%20%20%20window.document.write%28unescape%28content%29%29%3B%0A%20%20%20%20%20%20%3C/script%3E","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"80b9cd947ea2feb88d1306d2a5d91168","sha1":"6af893b8d52fd407c39d1230c9cfacdd56952378","sha256":"045093242d483dbb0beda800e6aaa3d004eacfdb181a69fcca2ae1da2b8681ae","sha512":"6a954e62ef51e05f0dc4755d2608e232b6f1a2a2f90c1e096ae3a6d111a277ea4a9e11dbc40693ee62b02c8a2572b8ea0c0902469764aab2b8c3950eb92b2d40","ssdeep":"96:fbyWbkEPuDwRTwdQwD5LJQnknyn20CraR2dFHrsmSNbaL:fbycksacG1Gast0asLSNbaL","tlshash":"3d811eacb620089afc36653be15a778ee0749c47f6a174163aac26c81fc9d4ce9d474c","size":4165,"data":"","first_seen":"2025-09-24T16:18:06.704855Z","last_seen":"2025-09-24T16:18:06.704855Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4b39905819a02943aab42aaa3ace049","sha1":"397c25ba91f8946c07fcd15b85dde33073d13cc0","sha256":"56b98849a8c00948afc8281671da6d0955145a28b9cab57cb3f3cb67803dc520","sha512":"45185272dd93386022e633bba5581ebd898db3eae1dac640eaab69d546c0f1037b10c423e2b94e8383cf196255c6fa96b4374e9ecad48cd30475491950b1e7c9","ssdeep":"","tlshash":"10c08ca82aab4c7110f73a428fbf21057016a3132090cd313e0eb6848f34e2bda94808","size":190,"data":"","first_seen":"2025-08-29T08:56:06.9123Z","last_seen":"2026-02-02T17:50:52.010918Z","times_seen":319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c492d7c5b08e6e1346c5568fd9375200","sha1":"3f16815f3fceef2be7b3d447b04ea3e9df6f4235","sha256":"3d717748d2bc757dca9959cc7ed88937d260a66164d4c6f7c74ae5030086210e","sha512":"6aec3ed2c0af66e44968183960a807e33fe9391fbf769856d0e7bf8ba25685001cb704b7d9dfef329cd0b89ea6cae80ae694b5b8f8c6792db20bbf1db8e13ba5","ssdeep":"1536:gmYHGtNYCX8m7HolV5WlvgO1kbUfyrMwaPdyvZiFTa+T0jN9ZTdSenoOAUBxMbCT:XYHGtNN7HolCHkbZaPyZF62","tlshash":"41d3628dbac1b56107e37064023f640ef2b63a54b44bc8c0fa29d5e16e7e94f6167e2d","size":134816,"data":"","first_seen":"2025-09-22T16:09:30.942407Z","last_seen":"2025-10-22T00:42:16.271508Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4a332deb2a6aaa4a5e02af9451eb282","sha1":"787c43cf591fb103a59863fc3cc4062a79a612bd","sha256":"3d8ce24551fa7060730983cf09d057c97127b35fcba7f464ec32e911e72af979","sha512":"f78178c5af913b840cfba26fdf0c5575ad2455cf2634a93f7a57d3bafc300049ff1296af5d0a60419e073bc90dd47ed822d21e85f8f571c56ac05f82f3f8ce11","ssdeep":"","tlshash":"1751a78483bc2256f6275060ddbdcfdf596ea141a646407edebb1196c3cc2881e7128b","size":3131,"data":"","first_seen":"2025-09-24T16:18:06.689335Z","last_seen":"2025-09-24T16:18:06.689335Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026rtb_only=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"598828746211caf5b0e8965bfc5bce4a","sha1":"a9dae6c1eac73eb91362e322255f0b1f6610d6e2","sha256":"9beb0daee2025de9fefd4fce4cc27e9f2f2b7d75fefc5acbf899e72f64408ee2","sha512":"9bf8cc8fe0add32a734be2ddbc704fb8b2b3b3c483b967d99a44b06f2856be5c2be99cb94491123bbfce69dd7227a80a0eda30fd75ddd555cd99fdc6eadbf3d2","ssdeep":"","tlshash":"b151b7c483ac2256f62750a0ddbdcfdf586da541a649407eafbb1197c3cc2880e7118a","size":3131,"data":"","first_seen":"2025-09-24T16:18:06.680398Z","last_seen":"2025-09-24T16:18:06.680398Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jcdn.tsyndicate.com/29c25e2e6cd54b649eb87dbea7866317.js","fqdn":"jcdn.tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"45.133.44.70","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","size":2,"data":"","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-05-20T03:34:51.005429Z","times_seen":664926,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.poopbnx.com\u0026ev=223\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b\u0026i=1\u0026s1=1949187009982111745\u0026fs1=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"a200849b3968f3274c99a824e1d9318e","sha1":"51186b3201fde3aa779a9b98aff50608cf64093e","sha256":"89d3d96888fa097087eaa9a95b250c79e36aefdb99ce9300c9f05b97a1eb375b","sha512":"5f7d0c36ad649b5a01051dcd78040c5f677251cc6d317ba10082f3eae6ab15af2c1a5284e0e9bdf97c49c5e28003aed47ba6465cda705e01d85d8df78cfdb6c1","ssdeep":"","tlshash":"a9012d858b4ca5fb8b4a50b7d9bc8ea2498e85b43604600bfb24430f64cb28343a0197","size":680,"data":"","first_seen":"2025-09-24T16:18:06.697587Z","last_seen":"2025-09-24T16:18:06.697587Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/assets/main-_UikGaJh-1758177775030.js","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"31ec04a32c85dbf8d23efb9ef713f2b3","sha1":"4a2d0cb6c4e4891668819e0660884b00af459f0e","sha256":"f1201db29ae417ba22c21890de02dbc2fa69f364378c9dced22caa535acf05fc","sha512":"e02361e30b3b5776e10a6785b51032b618840bc6eaad3f72f89071e8b97e9613435e92df6dfc2da82906083b7ba06ffa29cf1299b3bcb2566588b2cfd3988117","ssdeep":"1536:uG+sGChek2zjaONNET1HqzFf+Uc6uXXE726C/oRLFGFxtYb3j45b:uGfGCtWdSHj5+RP2","tlshash":"26738eec61289d38fd290ac6607ea434b439376ff928c8c1f0be3c115b9498555ab7de","size":79676,"data":"","first_seen":"2025-09-19T19:24:06.580842Z","last_seen":"2025-09-24T16:18:06.673909Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/assets/vendor-chunks-CbR8uz8B-1758177775030.js","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7dd0f71b17044267127e1c37b2170ccc","sha1":"9243972425167d71b0d4e1b8ea4d849695831525","sha256":"168d9ccb7dfca29d3265a018da02cdbe1fd1fca7a4ce1e8d6f3cf0089aed9205","sha512":"174f814be5e3f36089ac4aaf8935c6c8761edf3eda7bfae0de5f6824ca9c532b23bb0273eace89f2ec9fba8ad86c269d85fb03d17e82eac70d7956d585d98e34","ssdeep":"24576:Tc1WTD3o6D2XPpTb1ki8S6XbZOBgT6Kbditugwlt3qjdacbii:TAWTD3o6D2XPpTb1ki8S6XNL6KbMugwa","tlshash":"84454cd972a67062879361a4503f1207723a7d16248cc05cf63bf9ea2eb8d09647bf7d","size":1269551,"data":"","first_seen":"2025-09-08T21:22:03.810066Z","last_seen":"2025-09-24T16:18:06.944319Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d1334f3c3a996494fb08804135bdc50","sha1":"47471dbaea65a8db04a1284cc5efb99b9745164e","sha256":"1b53f16245ba49c58090b7e7b95c8a3cd257c7295b511701b836db56a4991dae","sha512":"2c3ac8f3aba2e80328ff00cf43199a554c6218cc3b581df039aa1a1359f263e0e722a2636c41f54d2b7ee8538c54a3f69520d5163d181d01931691b4c67be4b0","ssdeep":"6144:IdFfNgmYyEUOfsna/wNjXnCT1c28bJYfC:yNDYyEUOfsna/MjXnCZD8bJYfC","tlshash":"9b64b4c9b6c6b0a543e7b1b8403f520ef276a955b44ac9c0e266e9d0ac7c94e5037f7c","size":316021,"data":"","first_seen":"2025-09-22T17:52:53.955078Z","last_seen":"2025-10-22T07:28:21.563525Z","times_seen":175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/html;charset=utf-8,%3Cstyle%20type%3D%22text/css%22%3Ebody%20%7B%20margin%3A%200px%3B%20padding%3A%200px%20%7D%3C/style%3E%3Cscript%3E%0A%20%20%20%20%20%20%20%20hf%20%3D%20function%28frameId%29%20%7B%0A%20%20%20%20%20%20document.addEventListener%28%27click%27%2C%20function%20%28event%29%20%7B%0A%20%20%20%20%20%20%20%20const%20payload%20%3D%20%7B%0A%20%20%20%20%20%20%20%20%20%20spotId%3A%20%27494334%27%2C%0A%20%20%20%20%20%20%20%20%20%20eventId%3A%20%27null%27%2C%0A%20%20%20%20%20%20%20%20%20%20type%3A%20%27click%27%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20window.parent.postMessage%28%5B%22asgLedgerEvent%22%2C%20payload%5D%2C%20%22*%22%29%3B%0A%20%20%20%20%20%20%20%20const%20element%20%3D%20event.target%3B%0A%20%20%20%20%20%20%20%20if%20%28element.closest%28%27.asg-close-btn%27%29%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20event.preventDefault%28%29%3B%0A%20%20%20%20%20%20%20%20%20%20window.parent.postMessage%28%5B%22asgClosePush%22%2C%20frameId%5D%2C%20%22*%22%29%3B%0A%20%20%20%20%20%20%20%20%20%20return%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20%28element.closest%28%27.asg-click-url%27%29%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20window.parent.postMessage%28%5B%22asgClickPush%22%2C%20frameId%5D%2C%20%22*%22%29%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%29%3B%0A%20%20%20%20%7D%3B%0A%20%20%20%20%20%20%20%20content%20%3D%20%22%253Ca%2520href%253D%2522https%253A//a.labadena.com/api/click/8518867904464235115%2522%2520target%253D%2522_blank%2522%2520class%253D%2522asg-click-url%2522%2520rel%253D%2522nofollow%2520noopener%2522%2520style%253D%2522background%253A%2520rgba%2528248%252C%2520248%252C%2520248%252C%25200.97%2529%253B%2520height%253A%252080px%253B%2520overflow%253A%2520hidden%253B%2520box-shadow%253A%25202px%25203px%25205px%25200px%2520rgba%2528111%252C111%252C111%252C1%2529%253Bmargin%253A%25205px%253B%2520border-radius%253A%252010px%253B%2520display%253A%2520flex%253Bflex-direction%253A%2520row%253Bjustify-content%253A%2520flex-start%253Balign-items%253A%2520center%253Btext-align%253A%2520center%253Bposition%253A%2520relative%253Btext-decoration%253A%2520none%2522%253E%250A%2520%2520%253Cimg%2520style%253D%2527display%253A%2520none%253B%2527%2520class%253D%2527impression-url%2527%2520src%253Dhttp%253A//tracking.eu.flamtyr.com/rtb/nurl%253Fuuid%253D6b5a85bb-e561-465e-b8ac-44ef73514db4%2526s%253D101%2526d%253D254%2526feedid%253De727%2526rt%253D1758730652388%2526sb%253D0.0025%2526db%253D0.005%2526subid%253D6elqJg%2526tokid%253Dnull%2526url%253Dnull%253E%253Cimg%2520src%253D%2522https%253A//tracking.eu.erdwas.com/rtb/feedimpression%253Fuuid%253D6b5a85bb-e561-465e-b8ac-44ef73514db4%2526s%253D101%2526d%253D254%2526feedid%253De727%2526rt%253D1758730652388%2526sb%253D0.0025%2526db%253D0.005%2526subid%253D6elqJg%2526tokid%253Dnull%2526url%253DJ44XHDROF354SQSK6H3P6EMFWAHPU2R6GIAQ2WT2SFROO2FWR7WG2UR23MNEVJCZHY6YRELGMJFOYIU2ZUHGWSWMDICU3J76A7YYGTY%253D%2526i%253D88d0bd%2526u%253D125ff5%2526g%253DNO%2526ad%253D1058532%2526sp%253D%2526spv%253D%2526sm%253D%2522%2520alt%253D%2522%2523%2522%2520style%253D%2522border-radius%253A%252010px%253B%2520margin%253A%252010px%252010px%252010px%252010px%253B%2520height%253A%252050px%253B%2520width%253A%252050px%253B%2520padding%253A%25205px%253B%2522%253E%250A%2520%2520%253Cdiv%2520style%253D%2522width%253A%2520calc%252880%2525%2520-%252043px%2529%253B%2520max-height%253A%252048px%253B%2520font%253A%252014px/1.4%2520medium-content-sans-serif-font%252C-apple-system%252CBlinkMacSystemFont%252C%2527Segoe%2520UI%2527%252CRoboto%252COxygen%252CUbuntu%252CCantarell%252CMontserrat%252C%2527Open%2520Sans%2527%252C%2527Helvetica%2520Neue%2527%252CArial%252Csans-serif%252C%2527Apple%2520Color%2520Emoji%2527%252C%2527Segoe%2520UI%2520Emoji%2527%252C%2527Segoe%2520UI%2520Symbol%2527%252C%2527Noto%2520Color%2520Emoji%2527%253B%2520overflow%253A%2520hidden%253B%2520text-align%253A%2520left%253B%2520color%253A%2520%2523414a59%253B%2520padding%253A%25205px%25205px%25205px%25200%253B%2520position%253A%2520relative%253B%2522%253E%250A%2520%2520%2520%2520%253Cp%2520style%253D%2522max-height%253A%252016px%253Bfont-weight%253A%2520bold%253B%2520overflow%253A%2520hidden%253Bmargin%253A%25200%253B%2520line-height%253A%252016px%2522%253E%250A%2520%2520%2520%2520%2520%2520Sexpartner%2520av%2520Whatsapp%2520%25u2705%250A%2520%2520%2520%2520%253C/p%253E%250A%2520%2520%2520%2520%253Cp%2520style%253D%2522font-weight%253A%2520300%253B%2520overflow%253A%2520hidden%253B%2520max-height%253A%252032px%253B%2520margin%253A%25200%253B%2520line-height%253A%252016px%253B%2522%253E%250A%2520%2520%2520%2520%2520%2520Ingrid%2520%25282%2520km%2520fra%2520deg%2529%2520Knull%2520meg%2520gratis%2521%2520...%250A%2520%2520%2520%2520%253C/p%253E%250A%2520%2520%253C/div%253E%250A%2520%2520%253Cdiv%2520class%253D%2522asg-close-btn%2522%2520style%253D%2522width%253A%252033px%253Bbackground-color%253A%2520%2523f2f2f257%253Bz-index%253A%25202147483647%253Bposition%253A%2520absolute%253B%2520top%253A%25200%253B%2520right%253A%25200%253B%2520bottom%253A%25200%253B%2520border-radius%253A%25200%252010px%252010px%25200%253B%2520height%253A%2520100%2525%253B%2520display%253A%2520flex%253B%2520justify-content%253A%2520center%253B%2520align-items%253A%2520center%253B%2522%253E%250A%2520%2520%2520%2520%253Cdiv%2520style%253D%2522width%253A%252015px%253Bheight%253A%252015px%253B%2520cursor%253A%2520pointer%253B%2522%253E%250A%2520%2520%2520%2520%2520%2520%253Csvg%2520viewbox%253D%25220%25200%252040%252040%2522%253E%253Cpath%2520style%253D%2522stroke%253A%2520black%253B%2520fill%253A%2520transparent%253B%2520stroke-linecap%253A%2520round%253B%2520stroke-width%253A%25205%253B%2522%2520d%253D%2522M%252010%252C10%2520L%252030%252C30%2520M%252030%252C10%2520L%252010%252C30%2522/%253E%253C/svg%253E%250A%2520%2520%2520%2520%253C/div%253E%250A%2520%2520%253C/div%253E%250A%253C/a%253E%22%3B%0A%20%20%20%20%20%20%20%20hf%28%22asg-push-frame0%22%29%3B%0A%20%20%20%20%20%20%20%20window.document.write%28unescape%28content%29%29%3B%0A%20%20%20%20%20%20%3C/script%3E","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"b7498268fe70733d133fe9b444088fdb","sha1":"2bc75e009e932a7230df0b77a2f66373ee86891f","sha256":"aa01ee6b1f510ab0b083f75e335de234a576b8d5b8768543beef30c699350bf7","sha512":"cce257aeffaa4535843eb3b7a3553c0c3a9616d42b97b2cc76a661590a8eb989eac8b3169a0541b05eafae4f9cc9844aa91856b52236f612dbd603d513b63577","ssdeep":"96:fbyWbkbPuDwRr7Cx5LJQnknyn20CraR2dFHrsmSraL:fbyckjacA1Gast0asLSraL","tlshash":"25813faca630089afc37653be06a774ee0749c47f6a274127a9c26c81fc8c4ce9d474d","size":4165,"data":"","first_seen":"2025-09-24T16:18:06.707032Z","last_seen":"2025-09-24T16:18:06.707032Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.foolhardywear.pro/ecc874/202783d36835.js","fqdn":"www.foolhardywear.pro","domain":"foolhardywear.pro","tld":"pro"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"28bd72a224aaf35c5e82076c39115e08","sha1":"fcd3571f3a90abf7c5765c3431fa157e87f00720","sha256":"9b01c93555d4d40a2cc04d1978d2e7aea945431d57ce1ee29a30e30d893f1404","sha512":"c71c557b1e3b812b93a83113eeba5977b02c8ae5fcc3a724f18fa45815b63fafc65129d8deed5ae009fbf5a7dbfbf2d72bb26fc02481c261e604b971de923fb1","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvk:OijxEQq3P5Enne9zkWHLm","tlshash":"c1a33461350b64fd2ad0c1e7eb6720886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","size":103678,"data":"","first_seen":"2025-09-24T11:37:52.654774Z","last_seen":"2025-09-26T07:31:09.730577Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tsyndicate.com/sdk/v1/puengine.js","fqdn":"cdn.tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"45.133.44.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87781e1d7683222115078304d2414b35","sha1":"8bf54dd8a67d75a6f38ab240d47007c12c6e2fdc","sha256":"37cf30c764c95d5900378ec4e56d09a6088a8b90ed7540c0b7cd3abebba37459","sha512":"64b8288978b5e509878a3f527ea8c9fe86fb762f3b09c52e1521a3adfc1bf78f6a262e78cd9bea6eb574acc270ff52eb2647c0d05ea2ca0715a7e330a192b043","ssdeep":"1536:v9zsfUK2AHAuaEGDoXhLAknqLULh9/S1dHWyRj:v9zsfU5mGc9A2qLULh9/SHHWyl","tlshash":"1b93d65d7093604961d2f6fc007f368a686ac850f45e8caa6674d3c2ec7c4ad84e79fb","size":89562,"data":"","first_seen":"2025-01-15T18:31:30.651098Z","last_seen":"2025-12-13T16:30:20.429188Z","times_seen":1461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"98480354f1add639949b8362198412ca","sha1":"387e58447c13bc7664a31162f578e06cdd7d1484","sha256":"387661848249b96fb560f1e043ecf19a14b58f397ef879bd2bfd51650a693f54","sha512":"bf8d6d530a61c8f6e662a9617b4469d138b4ea872cadc93ac1f23c093e70787df83edf04bae7f72b6545d9f939e58125b0c8f70f72049a1f39fe5f69a8646c7d","ssdeep":"768:ubVWcprgLsdOKlEPHJDf0/lGA5lhY8Jnk2Teufy8qXqTXhc6UPBQ1w1AYOEPZBqg:WYmOKledMq8JNjU2ZRYj","tlshash":"609318ceb7d2b07042a7a5ba902f051ab33e29097449442cf925ded138ad94fd327f79","size":95929,"data":"","first_seen":"2025-09-24T16:18:06.703365Z","last_seen":"2025-09-25T12:35:45.979654Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b85994da60a1cc5b18445132266d57d","sha1":"502b3116dcddad8dd2c1e8878ef4edd94e7dcc58","sha256":"237bce6d64085a0758426b3b3506cc9c71bc4ca93ab3faa16c5462504288cb4f","sha512":"bb1a9d3c7f31ef0a3cb2481004bf192db241b2eec41a3b819e479af3657b43f8b6e2fdf33a7de6e072ac2ed55cafd88d028e4ec3a646fd9b896c3daf98e53297","ssdeep":"6144:X4B9wEqNrxY1D2im0DgfI2QNTs7eAT/PK1f2Q:XWm//YN2ixgMAw","tlshash":"e2940bce73c674665396f078907f018ba5bb28a2b45cc895f189cce42e74a9a4137f7c","size":418015,"data":"","first_seen":"2025-09-24T04:41:31.313165Z","last_seen":"2025-09-24T16:18:06.682371Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef9a81ee9ff82a08a41088ae4cbc7824","sha1":"b8eb866cf4d72bccb948f6f2791f56c9243e1ee8","sha256":"34b2437f43830b2c82bf69b4996e65b0fa6e16ba406cfe755c694c3b753883cf","sha512":"f2c32274da408677b3c2c772f097e903b314ad34b650d5b15e25cacc6b30c8ba6e941fb1196bb81d38312953fbe06ade59f6d27e8e0cfce8443d9c93f704386b","ssdeep":"","tlshash":"9b4113ee25a4fda0179b714c212b180af1bd35e0e3ace8c69fb984b47d7d6441111aed","size":2403,"data":"","first_seen":"2025-09-22T17:16:58.948655Z","last_seen":"2025-10-23T15:15:33.025845Z","times_seen":283,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"altruistic-departure.com/c/DW9f6ib.2F5ZlnStWjQ/9hNojgUHwiOSDRcE4EOhCq0k2-N/TPAv4wNmzkgG5L","fqdn":"altruistic-departure.com","domain":"altruistic-departure.com","tld":"com"},"ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d57d63f02e0e01cfcb41551a3889c20","sha1":"91603fabad38bf9c9e9d3d25f34cbf3b2dc7eb86","sha256":"08281e378da5fb0d8944d1e3acbc7d98c206f4a36e686cd6e1aaaef59b1bbfbc","sha512":"823830c67b02e10204e8abcd13ddbc6aec803f972499fb76a09d487fbf331e8b6a2d95d9f825ec2b28cfd40f34995948d3591bf26392a826fdc4742d6b5f7256","ssdeep":"768:QZhdZg7J02MLfTF9dFaQpp8JY29c6SboEBkleZ2YoOcLhygPTgLg0oDEiG82Imfn:QZ1g7JQLqQpp8Jr9c6SboEBkleZ2qcLS","tlshash":"ce03c6c8b1c2642642eb507d713b7208b23a54655429f028bc79c8e5fcb9e8f8577bbd","size":38309,"data":"","first_seen":"2025-09-24T16:18:06.677719Z","last_seen":"2025-09-24T16:18:06.677719Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tsyndicate.com/sdk/v1/p.js","fqdn":"cdn.tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"45.133.44.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2926f345fb4641fde74661235b655468","sha1":"3e836fd79a6cf73b85570e5845ebba198eb995fd","sha256":"b3cd4ea4dbe8bcb473b7056e3b9705d5605a61060ebe6fd855377a1c06e4db72","sha512":"3605af943a37409c2899801241c51b7e699d814ec87f76199c2c287ef2517970289bf99ecf81371062156bde7c60628efbda7fcc1c49307cb68f40add3f19dd4","ssdeep":"384:phuEaLKr2ld+l2jzM8EYyzjfku/pCgpLYPQc6vn4:psNLK8NnxyvrpCgp0Mv4","tlshash":"287219dcb1c7b0615367a4b6857f6117ba3a6a14284c8845e066f6c23d3cdc6d237e39","size":16094,"data":"","first_seen":"2025-06-22T14:24:34.344756Z","last_seen":"2025-12-13T16:30:20.392365Z","times_seen":831,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2081141?id=2081141\u0026jp=_cldyzeeroovrogbhwtbgyo\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.596-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=MV1p5ulaHR0cHM6Ly93d3cucG9vcGJueC5jb20vZS9Tck45MGF6TD9sdjE9ZG9vZGJkLmNvbQ\u0026afid=3774434869306880\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"358b581b8544e21f1e572eb64941fafc","sha1":"e8a01dd300b6e67539723ddbf26e90c7a8cc8edd","sha256":"f620c826e2fdd388cf5ec771bfc8d0c23e91f0074a8b077921acdfdd59e1b361","sha512":"f33f4fddea5973f6e8802c7e69d3bf7a85bdd2bd5e67b11f0b97ff049e513d1e7251a6abefcb39c7b9fa05a1e35981cf375053469cc87a6c1c2b93f96f2a5728","ssdeep":"","tlshash":"0d61506c01e3a3d8c260c8af36fb1c8d708c21968e675106c5aae12b79f607777371c2","size":3366,"data":"","first_seen":"2025-09-24T16:18:06.701887Z","last_seen":"2025-09-24T16:18:06.701887Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"719e9b9c7221b05a9ea415bbdb03925e","sha1":"8add3a7543cf55e2e89e7267a5231f3006accc4e","sha256":"32b2cf3eb5b4ecf00613e4242d92297fa2675837d9df4e35ad1fc50c5d4aa2c0","sha512":"275da68f0bde384767b0f9e2d0b4d3a16d14b646160087819ed6f7cfc0a049735376020cb583a57b39259b6eb73a4792bbd9d207dcde8e4dacde0249e5e57517","ssdeep":"","tlshash":"cce0686d4c8b19606297203b63ba4a1cf212b0176460e85138ad910b3f18fad9c7afbc","size":412,"data":"","first_seen":"2025-07-19T05:11:56.446669Z","last_seen":"2025-09-28T02:01:24.54578Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0eef4f80e127c9db6bb4c0135bffc83e","sha1":"84925fb336ae49a8b356cad8fc9c220db72a6395","sha256":"e2fa18a9d94f65ebb3bcf6b40556457d88d86d94e750f4f97b8fa136c546c97a","sha512":"f94748fa14b66f7c8b5713274e355c95a70cf8c702d32d42e85e229a24a467a2fb958e99dd1907176c7af0266a14dc5fadcff78d91b9afa706600eb21ba93b7e","ssdeep":"6144:AedFcApjUoMdMH4gCyCthyPpfM7t+ZBRnH8VoceXz93Y+OL1fKd2fNKfnEWVhwTm:JpwoMjGS1O","tlshash":"9034c889b6c1b0b402e3b1b4056f551af277b944744ec5c1f629d9c0aeb9a0e9a37f3c","size":245512,"data":"","first_seen":"2025-09-22T17:52:53.981101Z","last_seen":"2025-10-22T07:04:13.260466Z","times_seen":220,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a5e8e15ea932836469805f7f52275dce","sha1":"584bfa0e1eae375869a7d844a0d04f46f16ccbbd","sha256":"ae50d867c48d5c117aff14efe07bb2c1b8bc93b5dcc659227a5091b7e1ae8109","sha512":"8e6bd666c247f0c80920f548c8338f435975d62dd3dc16263ab4594c8f77b1a8360b107140031b39e66746e06075979c42ca9cdfae03602658a7b3020182a25c","ssdeep":"1536:0cRdUZA+EZ8BapKFDXxEbK76jWJVc3IhFE+mUzObouPm97hWVakDPtorps:0cRdUZA+E96LWbHWJG3Ucc7hDps","tlshash":"1ce3a58e76c62c354787b62f493b7d4a933a54e2bc498024d4e2c1e93f74509e2b2ef5","size":149276,"data":"","first_seen":"2025-09-24T13:32:56.400329Z","last_seen":"2025-09-25T07:02:41.497653Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"efd0d8736506eaf15f451fad2872d8f3","sha1":"2b3504b41f849c55de197face6135aad5a022a03","sha256":"fad4c62fc8e3657fcef74aacf53990a46cbf496fce2afb6daa1dfea79a0daef0","sha512":"901b8b7a39b4cf2939a8739e9b84c03bc37e7dd36048b15f57da60366e7f8dd923ebe21f46795c72474f330800c074ee79e8e2aed19e23ae8ed1d945f97e31ad","ssdeep":"1536:Zmc1pgoXEItQyJUGxdxOkxXK37CVBYEvtskaHIOPVKIZivAB5R1NKvfVf3dnCW+0:5UGzxlJKubxvtsH3nivATL8r+da","tlshash":"03e339c9b2d2b47407e75099d43f1206f33a1a16b80c9058f6a6e9c17878ddb9237f7a","size":149435,"data":"","first_seen":"2025-09-22T10:59:39.804812Z","last_seen":"2025-10-02T09:39:22.155066Z","times_seen":250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"99b57756f386312cfee3e85e6a5ab81d","sha1":"e3717602b8dce8b1c29c7a81d11076ceee948c2b","sha256":"debe2b6a3dcfd4a835886ebe48f1b6d75535f010150ce79f60a76fbd54d8d749","sha512":"10195bb84f784b3c15e3a82cb491b4655a1dc85007e24fe87eb68fe832b2c04fbd60046d7214d8542e65993a57915f433b7082dc19542c20682def954c7457e8","ssdeep":"","tlshash":"1741b864c5a53313f43ae490aea4cb4f8b15d103e38240b5e7e636a652ced581db21ce","size":2326,"data":"","first_seen":"2025-09-24T16:18:06.708847Z","last_seen":"2025-09-24T16:18:06.708847Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c3521a6b32605c103b75efac631a3598","sha1":"e40c241cd14304a4bac7b24a136764bf9bc7451e","sha256":"bdf5a8e717cab528927bb0cdeb5536a06747ed716a6d6f64d5dc61bd397f55d3","sha512":"1e5aa4ab7b530fb5170eb46c976b2b16227b078a817132004da92ce64eebe46b9a7918a6f358a625d9cb157b24d6d9e7a12db463b84879ef20b9e81ee543de49","ssdeep":"","tlshash":"0f41b758c1657613f42ae480ada4cb4f8b25e003e78381f5e7d736a695ce9581eb21ce","size":2326,"data":"","first_seen":"2025-09-24T16:18:06.709866Z","last_seen":"2025-09-24T16:18:06.709866Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"www.poopbnx.com/favicon.ico","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:31.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"poopbnx.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Thu, 18 Sep 2025 08:00:49 GMT","end":"Wed, 17 Dec 2025 08:01:54 GMT"},"fingerprint":{"sha1":"C4:5E:00:97:B1:21:CC:06:60:FE:C0:DC:6F:B2:A4:8E:02:F2:EC:A0","sha256":"F8:8D:49:70:48:E7:D1:35:E4:5D:D6:B4:4E:B0:63:B6:02:4A:AB:3F:4B:D1:BF:3A:C0:F4:5A:50:F9:C1:A6:E9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.poopbnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com\r\nCookie: _ga_FZ6E2FXG92=GS2.1.s1758730650$o1$g0$t1758730650$j60$l0$h0; _ga=GA1.1.510133875.1758730651\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:31 GMT\r\ncontent-type: text/html\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019960965899B017E383678349EA\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Sep 2025 06:43:07 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2123862\r\nvia: EU-GER-frankfurt-EDGE5-CACHE6[2],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE7[5],EU-FRA-paris-GLOBAL1-CACHE15[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 0e3795151694e1905d09c2e131b91d2d\r\nnginx-hit: 1\r\nage: 468154\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aXctHzjKV27c5pmS%2B5vyWadaQU%2B%2B%2FaRnT8yXyj4CaSf2WbBE85EIw7skNCEPzgv5zsxAKekNP9kCfmZZr9dDbCs9VVu0FbXQZjyyF0Y%3D\"}]}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-ray: 984397aabc0c0b55-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2284,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"317b8c6977136b96b90f29cb8747d17a","sha1":"306e7d7015415786dd29b4c0112204eaf7ff660e","sha256":"6f4416d09d33d8e898053054c930f92cd59b1d713301ae947c4e9816dd4322f2","sha512":"b4c1eb4410e6237775c5c8694936ca5cb1a037b94c77df435702198b3d5d3adfd6f59809705e077636d2d5a0f60ff5d714baa461a8b1ffd8764300d977f22732","ssdeep":"","tlshash":"fd4181073cf3481566304b256fe2b528ae66a2070b5de854b5ee366cdfc2b83c9c34a0","first_seen":"2025-09-19T19:24:06.585921Z","last_seen":"2025-09-24T16:18:06.671582Z","times_seen":22,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:55:57 GMT","end":"Sun, 23 Nov 2025 09:53:30 GMT"},"fingerprint":{"sha1":"08:F2:60:E9:C8:D9:A6:0C:EF:94:EA:5C:FE:35:53:1B:AC:9D:B9:4B","sha256":"12:25:E9:D8:90:25:2C:B7:2F:9D:18:34:43:E2:37:BD:5D:96:03:DD:E4:49:7B:08:F9:36:66:60:F9:05:69:6A"}}},"request":{"raw":"POST /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 171\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UHdwf%2BsP7f3%2Fr7BM%2FuBXr%2BFjQeTPM1ewfPfNOhs578icxLytF9ZpCJ6lQjtypQuJ4Uv7NkDpht369jzrC9%2FsVchtv1k4%2BvnnbCRcRt1vG8jboMAEzKA%3D\"}]}\r\ncontent-encoding: br\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.poopbnx.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 984397b0de84b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":169,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0eaf52889cf60b81f60f824523ae3bda","sha1":"a3693eb763d2b02b56a10dc5b80973bb96393a38","sha256":"8e6d705f951da7416e0459ba3bad758f3a7d6f5e9026b969a262bb66ec505e35","sha512":"9d8c70b9c75f6184dba244da76ba8b50c20426199e77bc82563065656d72c65a661dcaac22850fa59149771ecb911ec9dee2384f0410f74b4aedaff2ed6cab79","ssdeep":"","tlshash":"01c08c3c182128fc44844082ea6122c4fb4418867f48f724c423822e31cf0c8332c2b7","first_seen":"2025-09-13T23:13:51.188079Z","last_seen":"2025-09-24T16:18:06.67227Z","times_seen":25,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"tracking.eu.flamtyr.com/rtb/nurl?uuid=6b5a85bb-e561-465e-b8ac-44ef73514db4\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652388\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=null","fqdn":"tracking.eu.flamtyr.com","domain":"flamtyr.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"moz-nullprincipal:{2b83d6d0-04f0-4427-afb6-4b75626d336b}?https://www.poopbnx.com","date":"2025-09-24T16:17:32.650Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /rtb/nurl?uuid=6b5a85bb-e561-465e-b8ac-44ef73514db4\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652388\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=null HTTP/1.1\r\nHost: tracking.eu.flamtyr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x1.giriucon.com/8d04ffe9e8f556fe192.jpeg","fqdn":"x1.giriucon.com","domain":"giriucon.com","tld":"com"},"ip":{"addr":"172.67.128.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"moz-nullprincipal:{0cc465fd-c2c5-484e-beaf-ecdba10f5e3b}?https://www.poopbnx.com","date":"2025-09-24T16:17:35.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"giriucon.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 Aug 2025 23:54:40 GMT","end":"Tue, 18 Nov 2025 00:52:56 GMT"},"fingerprint":{"sha1":"1D:21:14:E2:DB:07:DD:03:B1:EB:DD:D1:53:13:D8:D9:B4:6F:FB:1F","sha256":"33:59:C3:22:63:E3:AE:ED:EC:24:43:0C:4C:E7:94:34:80:95:79:C0:F2:EF:9E:23:4C:4D:66:1B:29:D7:1B:3F"}}},"request":{"raw":"GET /8d04ffe9e8f556fe192.jpeg HTTP/1.1\r\nHost: x1.giriucon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 24 Sep 2025 16:17:35 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 37387\r\nlast-modified: Sat, 03 May 2025 12:51:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6816115c-920b\"\r\nexpires: Wed, 01 Oct 2025 08:55:36 GMT\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nage: 2013719\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kFCt2qCIKV6%2F9qXFKX8cKjhLF6ux622%2FMyWsUCMdi81p%2Be1WbT5hzeX%2FqIhofmSn35m1LG7YXjDKxV9QPqYdD9NJG6lpy1eM9FWms6g%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 984397c20a97b4ee-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37387,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"1490935efa167f9f0ef89929d4056ad3","sha1":"52c64e563610d58304bb9771bece829b9849059f","sha256":"7b51bb145896f492fcadd3c4a0d70959c0849ff6760332593d7aa69382b37f8b","sha512":"5513f883a314461ca4059ca2fba5fada27b0bffec6d373eade91a2b9107394782b833a6da671bbf10ace9d090935028021ae0fe6be763e1b51e762c253b59df0","ssdeep":"768:4am/iKR5YGXQvMNymh7t3ztdgpO/4YapOpISTzx+w:JgdXYGXKwzhxjEE/fTzV","tlshash":"8af2f14bf81396817e8a5e8274338b4f18332bd4d29792041d06e857f25e68299fde8e","first_seen":"2025-05-07T07:37:42.644558Z","last_seen":"2025-10-08T14:56:18.984016Z","times_seen":688,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/assets/main-_UikGaJh-1758177775030.js","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:30.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"poopbnx.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Thu, 18 Sep 2025 08:00:49 GMT","end":"Wed, 17 Dec 2025 08:01:54 GMT"},"fingerprint":{"sha1":"C4:5E:00:97:B1:21:CC:06:60:FE:C0:DC:6F:B2:A4:8E:02:F2:EC:A0","sha256":"F8:8D:49:70:48:E7:D1:35:E4:5D:D6:B4:4E:B0:63:B6:02:4A:AB:3F:4B:D1:BF:3A:C0:F4:5A:50:F9:C1:A6:E9"}}},"request":{"raw":"GET /assets/main-_UikGaJh-1758177775030.js HTTP/1.1\r\nHost: www.poopbnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:30 GMT\r\ncontent-type: application/x-javascript\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019960964FBBB15EC5B0EBDF6105\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V8hbUCdEW4uI3ykqd84WBCTodtVp%2F0Tje78E5rPdLWOI3SVBZZCw0ULqJ9yp89q5rHmzo3cLa2Puk7R%2BfHshS%2BUHOs1SqHnuI%2Bowa1o%3D\"}]}\r\nlast-modified: Thu, 18 Sep 2025 06:43:06 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2123846\r\nvia: EU-GER-frankfurt-EDGE5-CACHE4[5],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,3],EU-FRA-paris-GLOBAL1-CACHE9[5],EU-FRA-paris-GLOBAL1-CACHE1[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 00bbbdf13c41fef2394a21e659a79c60\r\nnginx-hit: 1\r\nage: 468154\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"31ec04a32c85dbf8d23efb9ef713f2b3\"\r\ncf-ray: 984397a3dbda0b55-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79676,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14233)","md5":"31ec04a32c85dbf8d23efb9ef713f2b3","sha1":"4a2d0cb6c4e4891668819e0660884b00af459f0e","sha256":"f1201db29ae417ba22c21890de02dbc2fa69f364378c9dced22caa535acf05fc","sha512":"e02361e30b3b5776e10a6785b51032b618840bc6eaad3f72f89071e8b97e9613435e92df6dfc2da82906083b7ba06ffa29cf1299b3bcb2566588b2cfd3988117","ssdeep":"1536:uG+sGChek2zjaONNET1HqzFf+Uc6uXXE726C/oRLFGFxtYb3j45b:uGfGCtWdSHj5+RP2","tlshash":"26738eec61289d38fd290ac6607ea434b439376ff928c8c1f0be3c115b9498555ab7de","first_seen":"2025-09-19T19:24:06.580842Z","last_seen":"2025-09-24T16:18:06.673909Z","times_seen":22,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/assets/vendor-chunks-CbR8uz8B-1758177775030.js","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:30.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"poopbnx.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Thu, 18 Sep 2025 08:00:49 GMT","end":"Wed, 17 Dec 2025 08:01:54 GMT"},"fingerprint":{"sha1":"C4:5E:00:97:B1:21:CC:06:60:FE:C0:DC:6F:B2:A4:8E:02:F2:EC:A0","sha256":"F8:8D:49:70:48:E7:D1:35:E4:5D:D6:B4:4E:B0:63:B6:02:4A:AB:3F:4B:D1:BF:3A:C0:F4:5A:50:F9:C1:A6:E9"}}},"request":{"raw":"GET /assets/vendor-chunks-CbR8uz8B-1758177775030.js HTTP/1.1\r\nHost: www.poopbnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/assets/main-_UikGaJh-1758177775030.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:30 GMT\r\ncontent-type: application/x-javascript\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019960964E75B119935FB082BBC5\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HbzYdpTRuHZGNBIZjMkJf0sMVJbsnbKN4u%2BLZgF%2B%2BRLREy0r7l2dQ2hbLPJcGd3DHuEhxnoqIFVSCUZbpFgi1ACQKlpk8E3pfv%2Byjgw%3D\"}]}\r\nlast-modified: Thu, 18 Sep 2025 06:43:07 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2123847\r\nvia: EU-GER-frankfurt-EDGE5-CACHE3[12],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,9],EU-FRA-paris-GLOBAL1-CACHE11[9],EU-FRA-paris-GLOBAL1-CACHE14[0,TCP_HIT,7]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 6b27e36842fc45202253aab10bc997f1\r\nnginx-hit: 1\r\nage: 468153\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"7dd0f71b17044267127e1c37b2170ccc\"\r\ncf-ray: 984397a50be20b55-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1269551,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"e81e1424503de4a1a2c968125972dc30","sha1":"742fe0376eb5927fb026119e2d032adb9967f7f7","sha256":"e7fc67bd0914f272d338b70db49569a78a3b2ca458da922d90cdaa447e1c9721","sha512":"1e0edcab40e73a7ded290aef6b35612f3c9ea5cffa2b10ccc37ad181bf7c224f1428b68d733ef8114b327d8d21c419c06767ed846ecb43504c19b9bc8c27986e","ssdeep":"24576:Tc1WTD3o6D2XPpTb1ki8S6XbZOBgT6KbditX:TAWTD3o6D2XPpTb1ki8S6XNL6KbMX","tlshash":"65254bd972a67062879361a4503f520b723a7d16244cc05cf63bf9ea2eb8d09647bf7c","first_seen":"2025-09-05T11:10:46.835419Z","last_seen":"2025-09-24T16:18:06.933567Z","times_seen":38,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":498,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/SrN90azL","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:31.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:55:57 GMT","end":"Sun, 23 Nov 2025 09:53:30 GMT"},"fingerprint":{"sha1":"08:F2:60:E9:C8:D9:A6:0C:EF:94:EA:5C:FE:35:53:1B:AC:9D:B9:4B","sha256":"12:25:E9:D8:90:25:2C:B7:2F:9D:18:34:43:E2:37:BD:5D:96:03:DD:E4:49:7B:08:F9:36:66:60:F9:05:69:6A"}}},"request":{"raw":"OPTIONS /v2/s/home/resources/SrN90azL HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.poopbnx.com/\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:31 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.poopbnx.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yhPE8D9KsOaeehrOeEv9KA1KGS9aU9pIqsX7W6zRkNxKE%2BQ3dpyItHnyxs3QcHv73HmsqZPpayA0QhGNsi6rWwGNzcPvQuPtk9cfFaRNeTEJwZ0fC9Y%3D\"}]}\r\ncf-ray: 984397ac1dcbb4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":631,"timings":{"blocked":203,"dns":5,"connect":1,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/vast-im.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /vast-im.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 89108\r\nserver: cloudflare\r\nlast-modified: Mon, 22 Sep 2025 10:01:41 GMT\r\nvary: Accept-Encoding\r\netag: \"68d11e85-15c14\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 195243\r\ncf-cache-status: HIT\r\ncf-ray: 984397af9f1b712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":316021,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"6d1334f3c3a996494fb08804135bdc50","sha1":"47471dbaea65a8db04a1284cc5efb99b9745164e","sha256":"1b53f16245ba49c58090b7e7b95c8a3cd257c7295b511701b836db56a4991dae","sha512":"2c3ac8f3aba2e80328ff00cf43199a554c6218cc3b581df039aa1a1359f263e0e722a2636c41f54d2b7ee8538c54a3f69520d5163d181d01931691b4c67be4b0","ssdeep":"6144:IdFfNgmYyEUOfsna/wNjXnCT1c28bJYfC:yNDYyEUOfsna/MjXnCZD8bJYfC","tlshash":"9b64b4c9b6c6b0a543e7b1b8403f520ef276a955b44ac9c0e266e9d0ac7c94e5037f7c","first_seen":"2025-09-22T17:52:53.955078Z","last_seen":"2025-10-22T07:28:21.563525Z","times_seen":175,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":58,"dns":8,"connect":4,"send":0,"wait":8,"receive":3,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s.uuidksinc.net/match/1924/?remote_uid=d315d165cd51cec1","fqdn":"s.uuidksinc.net","domain":"uuidksinc.net","tld":"net"},"ip":{"addr":"31.220.27.155","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"uuidksinc.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:22:10 GMT","end":"Fri, 28 Nov 2025 23:22:09 GMT"},"fingerprint":{"sha1":"DF:8A:AE:8B:ED:44:80:4D:3B:EB:26:59:E2:5F:93:03:BC:7D:31:F4","sha256":"D9:6C:DC:4A:1E:9E:64:3A:2B:71:51:9B:CD:A8:75:44:2E:9A:DC:B5:A7:C8:35:79:8A:0E:0C:05:6E:D6:AD:FB"}}},"request":{"raw":"GET /match/1924/?remote_uid=d315d165cd51cec1 HTTP/1.1\r\nHost: s.uuidksinc.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.23.2\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 74\r\naccess-control-allow-headers: X-Requested-With, Cache-Control, Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.poopbnx.com\r\nset-cookie: jcsuuid=sd4xAl8dARqnmVuTEXkZ; expires=Thu, 24 Sep 2026 16:17:33 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.23.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced","md5":"9e24e19b024c44b778301d880bd8e6f4","sha1":"d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e","sha256":"01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb","sha512":"4957e24a00b7ff54b350c33392560937e69ee5accf2e439781e27b4ac506eeeddef3bebd5d911185add175d648f4636dc5116e311b9c6c6ed34b842153e0b124","ssdeep":"","tlshash":"1ba022e22380fcbccc220033002003b0ceb0802808208e0f0c2c8c3a0800a0880cc383","first_seen":"2023-04-06T20:02:01Z","last_seen":"2026-05-20T01:58:18.356603Z","times_seen":6993,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":85,"dns":3,"connect":38,"send":0,"wait":23,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-24T16:17:28.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"poopbnx.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Thu, 18 Sep 2025 08:00:49 GMT","end":"Wed, 17 Dec 2025 08:01:54 GMT"},"fingerprint":{"sha1":"C4:5E:00:97:B1:21:CC:06:60:FE:C0:DC:6F:B2:A4:8E:02:F2:EC:A0","sha256":"F8:8D:49:70:48:E7:D1:35:E4:5D:D6:B4:4E:B0:63:B6:02:4A:AB:3F:4B:D1:BF:3A:C0:F4:5A:50:F9:C1:A6:E9"}}},"request":{"raw":"GET /e/SrN90azL?lv1=doodbd.com HTTP/1.1\r\nHost: www.poopbnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:30 GMT\r\ncontent-type: text/html\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019960975626B2D601354AF59F12\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QZKSyCguCeSa3JQSmG%2FXxhwT0Ylz0Z9ncMCtjcGp5my7sNEDnei9cq7D3ynoFEA3QJaRxBpMxunpE4h03GKEDyq06NS6eFriyWvM0ko%3D\"}]}\r\nlast-modified: Thu, 18 Sep 2025 06:43:07 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2123876\r\nvia: EU-GER-frankfurt-EDGE5-CACHE6[10],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,5],EU-FRA-paris-GLOBAL1-CACHE12[26],EU-FRA-paris-GLOBAL1-CACHE5[0,TCP_HIT,21]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 59ea614c3fb0f3920437d97416e8458e\r\nnginx-hit: 1\r\nage: 468124\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98439798087056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2284,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"317b8c6977136b96b90f29cb8747d17a","sha1":"306e7d7015415786dd29b4c0112204eaf7ff660e","sha256":"6f4416d09d33d8e898053054c930f92cd59b1d713301ae947c4e9816dd4322f2","sha512":"b4c1eb4410e6237775c5c8694936ca5cb1a037b94c77df435702198b3d5d3adfd6f59809705e077636d2d5a0f60ff5d714baa461a8b1ffd8764300d977f22732","ssdeep":"","tlshash":"fd4181073cf3481566304b256fe2b528ae66a2070b5de854b5ee366cdfc2b83c9c34a0","first_seen":"2025-09-19T19:24:06.585921Z","last_seen":"2025-09-24T16:18:06.671582Z","times_seen":22,"resource_available":false,"data":null}},"time_used":1776,"timings":{"blocked":24,"dns":1,"connect":1,"send":0,"wait":1728,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"altruistic-departure.com/Yx2-xzpAZ.WB5C0_ZEGFFG0HY-TJ9KyLcMm_lOkPPQTRk-1TYUTVRWm_OYTZYa1bZ-TdIewfOgT_Ei4jNkTlM-0nNoTphqj_OsDtlukvM-DxUy3zOAW_NCmDYEjFk-1H","fqdn":"altruistic-departure.com","domain":"altruistic-departure.com","tld":"com"},"ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"altruistic-departure.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Sun, 27 Jul 2025 05:16:09 GMT","end":"Sat, 25 Oct 2025 05:16:08 GMT"},"fingerprint":{"sha1":"A2:03:62:42:40:65:DA:C8:6D:4B:41:CF:22:77:FB:8E:53:5D:2E:F9","sha256":"6B:A9:3B:76:E0:D1:F1:84:2D:F8:F5:D6:45:C3:F2:0C:EA:AA:80:A4:16:E8:2F:53:B4:D7:D4:77:9E:66:B0:12"}}},"request":{"raw":"POST /Yx2-xzpAZ.WB5C0_ZEGFFG0HY-TJ9KyLcMm_lOkPPQTRk-1TYUTVRWm_OYTZYa1bZ-TdIewfOgT_Ei4jNkTlM-0nNoTphqj_OsDtlukvM-DxUy3zOAW_NCmDYEjFk-1H HTTP/1.1\r\nHost: altruistic-departure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 76\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-length: 0\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"altruistic-departure.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=437cec70-585c-48e8-a346-58249c111be2\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-09-24\u0026timezone=0\u0026ver=1.168.17","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"167.235.163.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 02:36:27 GMT","end":"Tue, 25 Nov 2025 02:36:26 GMT"},"fingerprint":{"sha1":"64:AC:96:73:4F:92:FF:85:D0:1E:15:16:DA:B2:A2:8F:FA:02:1D:05","sha256":"1B:3E:09:8B:67:DE:C9:73:00:B7:68:C4:8A:D7:17:4D:D5:19:A0:85:23:3B:65:9C:31:C6:FB:A5:8E:BA:22:83"}}},"request":{"raw":"GET /in/dip?event_id=437cec70-585c-48e8-a346-58249c111be2\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-09-24\u0026timezone=0\u0026ver=1.168.17 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v1/user/gray/rules/check","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:55:57 GMT","end":"Sun, 23 Nov 2025 09:53:30 GMT"},"fingerprint":{"sha1":"08:F2:60:E9:C8:D9:A6:0C:EF:94:EA:5C:FE:35:53:1B:AC:9D:B9:4B","sha256":"12:25:E9:D8:90:25:2C:B7:2F:9D:18:34:43:E2:37:BD:5D:96:03:DD:E4:49:7B:08:F9:36:66:60:F9:05:69:6A"}}},"request":{"raw":"OPTIONS /v1/user/gray/rules/check HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.poopbnx.com/\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.poopbnx.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SrE1n8zM9ED%2BKGE0hR7gwHoJzyX0CEav%2F8t0NytJaVk%2Bgf0UTXf3XLfLzfOvSitu%2Fv7y2CJ3lEZh%2Bk7EChdrTZ2939FlagcEcY3IYe5%2BAX6D5nr90Bw%3D\"}]}\r\ncf-ray: 984397af4e7ab4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.foolhardywear.pro/ecc874/202783d36835.js","fqdn":"www.foolhardywear.pro","domain":"foolhardywear.pro","tld":"pro"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.foolhardywear.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 07:03:18 GMT","end":"Tue, 23 Dec 2025 07:03:17 GMT"},"fingerprint":{"sha1":"E5:B0:40:5C:CA:68:43:8A:89:51:FE:0B:B6:4C:43:D5:66:6E:CA:1B","sha256":"44:56:4E:51:BC:4E:18:36:B8:E2:8C:FD:58:B8:38:5F:06:C4:03:B3:86:6C:7C:E7:5C:D8:55:8F:51:B3:1A:32"}}},"request":{"raw":"GET /ecc874/202783d36835.js HTTP/1.1\r\nHost: www.foolhardywear.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Fri, 26 Sep 2025 16:17:33 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103678,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"28bd72a224aaf35c5e82076c39115e08","sha1":"fcd3571f3a90abf7c5765c3431fa157e87f00720","sha256":"9b01c93555d4d40a2cc04d1978d2e7aea945431d57ce1ee29a30e30d893f1404","sha512":"c71c557b1e3b812b93a83113eeba5977b02c8ae5fcc3a724f18fa45815b63fafc65129d8deed5ae009fbf5a7dbfbf2d72bb26fc02481c261e604b971de923fb1","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvk:OijxEQq3P5Enne9zkWHLm","tlshash":"c1a33461350b64fd2ad0c1e7eb6720886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","first_seen":"2025-09-24T11:37:52.654774Z","last_seen":"2025-09-26T07:31:09.730577Z","times_seen":22,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":126,"dns":61,"connect":30,"send":0,"wait":24,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"storage.multstorage.com/log/count.html","fqdn":"storage.multstorage.com","domain":"multstorage.com","tld":"com"},"ip":{"addr":"13.248.148.254","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage.multstorage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 02:54:50 GMT","end":"Mon, 22 Dec 2025 02:54:49 GMT"},"fingerprint":{"sha1":"A7:F0:92:B0:60:17:0F:89:16:0D:51:27:DB:FE:C6:A0:D9:39:15:0F","sha256":"D8:BB:7C:8D:91:E4:6A:95:F9:86:5F:70:CE:DE:E9:AA:14:7C:0B:84:56:FC:96:09:E6:62:FD:5E:68:8E:E2:11"}}},"request":{"raw":"GET /log/count.html HTTP/1.1\r\nHost: storage.multstorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 410 Gone\r\nalt-svc: h3=\":50944\"; ma=2592000\r\nserver: Caddy\r\ncontent-length: 0\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"410","status_text":"Gone","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":29,"dns":1,"connect":1,"send":0,"wait":22,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"storage.multstorage.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"1ca6b1f43b.5978ef8c9a.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI5ODQ3ODkyMDIzMTEzMDM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMzguMyIsInRhZ19pZCI6MzQ5OTE5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=","fqdn":"1ca6b1f43b.5978ef8c9a.com","domain":"5978ef8c9a.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1ca6b1f43b.5978ef8c9a.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Sep 2025 02:48:00 GMT","end":"Sat, 20 Dec 2025 02:47:59 GMT"},"fingerprint":{"sha1":"55:13:45:1E:60:29:1E:F0:2F:8F:31:77:41:F8:C4:EA:EA:69:2E:6A","sha256":"B7:26:D1:2F:46:09:E3:2A:40:4C:82:3A:F8:39:5F:41:CB:8C:8D:C8:F4:B6:0E:82:84:05:72:7D:FC:10:42:E0"}}},"request":{"raw":"GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI5ODQ3ODkyMDIzMTEzMDM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMzguMyIsInRhZ19pZCI6MzQ5OTE5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= HTTP/1.1\r\nHost: 1ca6b1f43b.5978ef8c9a.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nx-cdn-host-id: AH1747\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":365,"timings":{"blocked":141,"dns":71,"connect":39,"send":0,"wait":62,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"1ca6b1f43b.5978ef8c9a.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"altruistic-departure.com/c/DW9f6ib.2F5ZlnStWjQ/9hNojgUHwiOSDRcE4EOhCq0k2-N/TPAv4wNmzkgG5L","fqdn":"altruistic-departure.com","domain":"altruistic-departure.com","tld":"com"},"ip":{"addr":"88.85.68.219","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"altruistic-departure.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Sun, 27 Jul 2025 05:16:09 GMT","end":"Sat, 25 Oct 2025 05:16:08 GMT"},"fingerprint":{"sha1":"A2:03:62:42:40:65:DA:C8:6D:4B:41:CF:22:77:FB:8E:53:5D:2E:F9","sha256":"6B:A9:3B:76:E0:D1:F1:84:2D:F8:F5:D6:45:C3:F2:0C:EA:AA:80:A4:16:E8:2F:53:B4:D7:D4:77:9E:66:B0:12"}}},"request":{"raw":"GET /c/DW9f6ib.2F5ZlnStWjQ/9hNojgUHwiOSDRcE4EOhCq0k2-N/TPAv4wNmzkgG5L HTTP/1.1\r\nHost: altruistic-departure.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Mon, 26 Jul 2011 05:00:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\nlast-modified: Wed, 24 Sep 2025 16:17:32 GMT\r\nset-cookie: uniqCookie=f536e1fa6d88fd30607b050a59abde3b; max-age=1761322652; path=/\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38309,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22794)","md5":"0d57d63f02e0e01cfcb41551a3889c20","sha1":"91603fabad38bf9c9e9d3d25f34cbf3b2dc7eb86","sha256":"08281e378da5fb0d8944d1e3acbc7d98c206f4a36e686cd6e1aaaef59b1bbfbc","sha512":"823830c67b02e10204e8abcd13ddbc6aec803f972499fb76a09d487fbf331e8b6a2d95d9f825ec2b28cfd40f34995948d3591bf26392a826fdc4742d6b5f7256","ssdeep":"768:QZhdZg7J02MLfTF9dFaQpp8JY29c6SboEBkleZ2YoOcLhygPTgLg0oDEiG82Imfn:QZ1g7JQLqQpp8Jr9c6SboEBkleZ2qcLS","tlshash":"ce03c6c8b1c2642642eb507d713b7208b23a54655429f028bc79c8e5fcb9e8f8577bbd","first_seen":"2025-09-24T16:18:06.677719Z","last_seen":"2025-09-24T16:18:06.677719Z","times_seen":1,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":107,"dns":8,"connect":30,"send":0,"wait":54,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"altruistic-departure.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jcdn.tsyndicate.com/29c25e2e6cd54b649eb87dbea7866317.js","fqdn":"jcdn.tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"45.133.44.70","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jcdn.tsyndicate.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 05:32:09 GMT","end":"Sat, 29 Nov 2025 05:32:08 GMT"},"fingerprint":{"sha1":"2A:BD:A3:1C:2B:E5:69:B4:AF:63:83:0C:52:66:96:70:0C:AF:BE:F1","sha256":"C3:CF:80:41:C0:4A:BB:F6:18:E0:72:BB:1A:16:DA:FC:BB:E2:B0:FB:69:E4:FC:BA:00:85:6F:4D:72:55:25:EC"}}},"request":{"raw":"GET /29c25e2e6cd54b649eb87dbea7866317.js HTTP/1.1\r\nHost: jcdn.tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2\r\nserver: nginx\r\nx-request-id: a89bd932-99a7-4963-a8bd-49d49f309bac\r\nx-robots-tag: noindex, nofollow\r\ncache-control: max-age=300\r\nexpires: Wed, 24 Sep 2025 16:22:33 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH1742,DS5058\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-05-20T03:34:51.005429Z","times_seen":664926,"resource_available":true,"data":null}},"time_used":414,"timings":{"blocked":195,"dns":77,"connect":23,"send":0,"wait":24,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.wpadmngr.com/static/adManager.js","fqdn":"js.wpadmngr.com","domain":"wpadmngr.com","tld":"com"},"ip":{"addr":"45.133.44.53","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.wpadmngr.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Sep 2025 03:32:10 GMT","end":"Mon, 01 Dec 2025 03:32:09 GMT"},"fingerprint":{"sha1":"A8:B8:5C:A8:67:08:FB:6F:5B:FE:20:D6:BB:7A:04:B0:B2:1A:BE:F7","sha256":"03:91:48:19:1B:C5:3E:CF:59:DE:C7:39:A3:C0:C3:E0:BC:41:15:48:FB:42:AB:77:8C:5B:FF:37:FE:1F:3C:54"}}},"request":{"raw":"GET /static/adManager.js HTTP/1.1\r\nHost: js.wpadmngr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Mon, 22 Sep 2025 09:17:22 GMT\r\netag: W/\"68d11422-247bb\"\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Sep 2025 16:22:32 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1742\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149435,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"efd0d8736506eaf15f451fad2872d8f3","sha1":"2b3504b41f849c55de197face6135aad5a022a03","sha256":"fad4c62fc8e3657fcef74aacf53990a46cbf496fce2afb6daa1dfea79a0daef0","sha512":"901b8b7a39b4cf2939a8739e9b84c03bc37e7dd36048b15f57da60366e7f8dd923ebe21f46795c72474f330800c074ee79e8e2aed19e23ae8ed1d945f97e31ad","ssdeep":"1536:Zmc1pgoXEItQyJUGxdxOkxXK37CVBYEvtskaHIOPVKIZivAB5R1NKvfVf3dnCW+0:5UGzxlJKubxvtsH3nivATL8r+da","tlshash":"03e339c9b2d2b47407e75099d43f1206f33a1a16b80c9058f6a6e9c17878ddb9237f7a","first_seen":"2025-09-22T10:59:39.804812Z","last_seen":"2025-10-02T09:39:22.155066Z","times_seen":250,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":90,"dns":32,"connect":27,"send":0,"wait":53,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"js.wpadmngr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tracking.eu.erdwas.com/rtb/feedimpression?uuid=659bc6cb-c5e5-4bc2-9aad-7be6cfffc660\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652728\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=J44XHDROF354SQSK6H3P6EMFWAHPU2R6GIAQ2WT2SFROO2FWR7WG2UR23MNEVJCZHY6YRELGMJFOYIU2ZUHGWSWMDICU3J76A7YYGTY=\u0026i=88d0bd\u0026u=125ff5\u0026g=NO\u0026ad=1058532\u0026sp=\u0026spv=\u0026sm=","fqdn":"tracking.eu.erdwas.com","domain":"erdwas.com","tld":"com"},"ip":{"addr":"138.68.123.32","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"moz-nullprincipal:{0cc465fd-c2c5-484e-beaf-ecdba10f5e3b}?https://www.poopbnx.com","date":"2025-09-24T16:17:35.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.eu.aneorwd.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 09:51:45 GMT","end":"Mon, 27 Oct 2025 09:51:44 GMT"},"fingerprint":{"sha1":"DD:8E:DE:D6:DE:1E:02:63:64:A7:6E:AA:34:37:99:39:B5:33:B0:F7","sha256":"14:49:B3:0B:9A:12:86:11:66:96:5B:15:2C:9E:D8:9D:8D:CE:B7:36:1A:90:D6:4D:42:27:41:9F:C0:1E:D9:73"}}},"request":{"raw":"GET /rtb/feedimpression?uuid=659bc6cb-c5e5-4bc2-9aad-7be6cfffc660\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652728\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=J44XHDROF354SQSK6H3P6EMFWAHPU2R6GIAQ2WT2SFROO2FWR7WG2UR23MNEVJCZHY6YRELGMJFOYIU2ZUHGWSWMDICU3J76A7YYGTY=\u0026i=88d0bd\u0026u=125ff5\u0026g=NO\u0026ad=1058532\u0026sp=\u0026spv=\u0026sm= HTTP/1.1\r\nHost: tracking.eu.erdwas.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nreferrer-policy: no-referrer\r\nlocation: https://x1.giriucon.com/8d04ffe9e8f556fe192.jpeg\r\ncontent-length: 0\r\ndate: Wed, 24 Sep 2025 16:17:34 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":37387,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/settings/494334","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/settings/494334 HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1be64b6d6652effba7dcf744e90def6a","sha1":"d9fbc7d1fa49fa4733f90a3739882d63972c2352","sha256":"72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f","sha512":"ff1aee5b5d4ba25f4f78a0ddc80cd878856815c1ded88b32370c72bff242e73522e6aefb60fa5e53c434f10d2611dab7679152edf9321edc2b656e0265ef7006","ssdeep":"","tlshash":"408004c00dc1545410c010f4434043150103140f535c3304d41d1701147f4d17030150","first_seen":"2023-04-06T10:58:14Z","last_seen":"2026-05-20T02:25:30.848628Z","times_seen":7611,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":84,"dns":44,"connect":13,"send":0,"wait":13,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026rtb_only=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/spots/494334?s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026rtb_only=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nCookie: nauid=iqwgatdS0MMJgLoNSEWX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3131,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (2071)","md5":"598828746211caf5b0e8965bfc5bce4a","sha1":"a9dae6c1eac73eb91362e322255f0b1f6610d6e2","sha256":"9beb0daee2025de9fefd4fce4cc27e9f2f2b7d75fefc5acbf899e72f64408ee2","sha512":"9bf8cc8fe0add32a734be2ddbc704fb8b2b3b3c483b967d99a44b06f2856be5c2be99cb94491123bbfce69dd7227a80a0eda30fd75ddd555cd99fdc6eadbf3d2","ssdeep":"","tlshash":"b151b7c483ac2256f62750a0ddbdcfdf586da541a649407eafbb1197c3cc2880e7118a","first_seen":"2025-09-24T16:18:06.680398Z","last_seen":"2025-09-24T16:18:06.680398Z","times_seen":1,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tsyndicate.com/sdk/v1/p.js","fqdn":"cdn.tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"45.133.44.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tsyndicate.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 08:32:03 GMT","end":"Fri, 31 Oct 2025 08:32:02 GMT"},"fingerprint":{"sha1":"E4:52:21:98:B0:CD:51:03:1A:59:A9:01:02:8A:D6:3B:66:E3:EE:3A","sha256":"F1:77:51:DD:B8:B7:37:39:6D:01:37:95:43:1C:C1:78:42:1E:A6:30:E3:96:F3:D8:25:E4:61:7E:80:03:FD:8A"}}},"request":{"raw":"GET /sdk/v1/p.js HTTP/1.1\r\nHost: cdn.tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Fri, 20 Jun 2025 12:52:21 GMT\r\netag: W/\"68555985-3ede\"\r\nx-robots-tag: noindex, nofollow\r\ncontent-encoding: gzip\r\ncache-control: max-age=172800\r\nexpires: Fri, 26 Sep 2025 16:17:32 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ah1742,DS5059\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16094,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (16018)","md5":"2926f345fb4641fde74661235b655468","sha1":"3e836fd79a6cf73b85570e5845ebba198eb995fd","sha256":"b3cd4ea4dbe8bcb473b7056e3b9705d5605a61060ebe6fd855377a1c06e4db72","sha512":"3605af943a37409c2899801241c51b7e699d814ec87f76199c2c287ef2517970289bf99ecf81371062156bde7c60628efbda7fcc1c49307cb68f40add3f19dd4","ssdeep":"384:phuEaLKr2ld+l2jzM8EYyzjfku/pCgpLYPQc6vn4:psNLK8NnxyvrpCgp0Mv4","tlshash":"287219dcb1c7b0615367a4b6857f6117ba3a6a14284c8845e066f6c23d3cdc6d237e39","first_seen":"2025-06-22T14:24:34.344756Z","last_seen":"2025-12-13T16:30:20.392365Z","times_seen":831,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":88,"dns":32,"connect":30,"send":0,"wait":29,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/advertising.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 14 Aug 2025 02:32:40 GMT","end":"Wed, 12 Nov 2025 02:32:39 GMT"},"fingerprint":{"sha1":"29:AD:62:97:FC:BB:60:DB:88:37:9C:81:9B:75:1A:F9:A2:C2:D0:62","sha256":"D8:5B:F4:35:C6:F5:9C:AE:95:BB:5C:A9:3E:61:B6:13:E7:D6:E5:E3:64:B9:D8:A2:F0:28:B8:1C:F9:65:27:3A"}}},"request":{"raw":"GET /advertising.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 0\r\nserver: nginx/1.18.0\r\nlast-modified: Fri, 14 Jul 2023 08:23:25 GMT\r\netag: \"64b105fd-0\"\r\nexpires: Wed, 24 Sep 2025 16:22:33 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":111,"dns":36,"connect":37,"send":0,"wait":27,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"167.235.163.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 02:36:27 GMT","end":"Tue, 25 Nov 2025 02:36:26 GMT"},"fingerprint":{"sha1":"64:AC:96:73:4F:92:FF:85:D0:1E:15:16:DA:B2:A2:8F:FA:02:1D:05","sha256":"1B:3E:09:8B:67:DE:C9:73:00:B7:68:C4:8A:D7:17:4D:D5:19:A0:85:23:3B:65:9C:31:C6:FB:A5:8E:BA:22:83"}}},"request":{"raw":"POST /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 79\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d69e68835ea2e3e3ce409980422c5e29","sha1":"7422227a72f82e018bee3c50c2a8ce958303869c","sha256":"f97633f5140723fcb16ac351c985c3823b4dc276e539daf79ace5ae8300e3980","sha512":"4de802594af58959189c14656cd44bda60b02bd8a19af8abb4ca58b50e4ccca93bbfd176bef4f4b39d4405a8119528ca4a6c6c86a756e529829262d1ce063c51","ssdeep":"","tlshash":"1f70000c200b08030ca0b20033008a002000e0220082280820a2000283022000008888","first_seen":"2025-09-16T21:07:48.219712Z","last_seen":"2025-10-08T10:02:34.684702Z","times_seen":79,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-FZ6E2FXG92","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:30.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"DF:7E:8A:F9:1C:B5:DC:9E:90:E3:71:A7:92:85:2C:8F:2B:B4:42:8E","sha256":"3A:65:11:10:B9:58:2F:E1:BF:38:98:8D:2E:3E:A2:01:9D:C6:BE:69:5B:AD:F7:99:53:F9:AB:A6:6B:82:47:F1"}}},"request":{"raw":"GET /gtag/js?id=G-FZ6E2FXG92 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 24 Sep 2025 16:17:30 GMT\r\nexpires: Wed, 24 Sep 2025 16:17:30 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 139446\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":418015,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"3b85994da60a1cc5b18445132266d57d","sha1":"502b3116dcddad8dd2c1e8878ef4edd94e7dcc58","sha256":"237bce6d64085a0758426b3b3506cc9c71bc4ca93ab3faa16c5462504288cb4f","sha512":"bb1a9d3c7f31ef0a3cb2481004bf192db241b2eec41a3b819e479af3657b43f8b6e2fdf33a7de6e072ac2ed55cafd88d028e4ec3a646fd9b896c3daf98e53297","ssdeep":"6144:X4B9wEqNrxY1D2im0DgfI2QNTs7eAT/PK1f2Q:XWm//YN2ixgMAw","tlshash":"e2940bce73c674665396f078907f018ba5bb28a2b45cc895f189cce42e74a9a4137f7c","first_seen":"2025-09-24T04:41:31.313165Z","last_seen":"2025-09-24T16:18:06.682371Z","times_seen":2,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":58,"dns":1,"connect":8,"send":0,"wait":30,"receive":25,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 901\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"938596e4ea94c3b1c0efae4de3a351ef","sha1":"b18bc6783d11496dc6a25725e1e6df41e161ea40","sha256":"2f101c64bc619e7b317dc3e176c7a9617988ad0f2bfb450561672c31d41f33fe","sha512":"19ba913831fe45f3e1a617e7cdc678c7e398ae45cda7b7ab3823693a2406ef2da9cdbe0bdd5c0ac5e250a4eec5064b655ac675e9c8a9e9307326436c98b5b8ee","ssdeep":"","tlshash":"dc800407d3734744dd05100347f11f4504d114004011c05104710d00554111150f5d51","first_seen":"2025-09-24T16:18:06.683414Z","last_seen":"2025-09-24T16:18:06.683414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":948,"timings":{"blocked":459,"dns":0,"connect":108,"send":0,"wait":110,"receive":0,"ssl":264},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/asg_embed.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /asg_embed.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 77002\r\nserver: cloudflare\r\nlast-modified: Mon, 22 Sep 2025 10:01:41 GMT\r\nvary: Accept-Encoding\r\netag: \"68d11e85-12cca\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 195254\r\ncf-cache-status: HIT\r\ncf-ray: 984397b2c9df712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":245512,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators","md5":"0eef4f80e127c9db6bb4c0135bffc83e","sha1":"84925fb336ae49a8b356cad8fc9c220db72a6395","sha256":"e2fa18a9d94f65ebb3bcf6b40556457d88d86d94e750f4f97b8fa136c546c97a","sha512":"f94748fa14b66f7c8b5713274e355c95a70cf8c702d32d42e85e229a24a467a2fb958e99dd1907176c7af0266a14dc5fadcff78d91b9afa706600eb21ba93b7e","ssdeep":"6144:AedFcApjUoMdMH4gCyCthyPpfM7t+ZBRnH8VoceXz93Y+OL1fKd2fNKfnEWVhwTm:JpwoMjGS1O","tlshash":"9034c889b6c1b0b402e3b1b4056f551af277b944744ec5c1f629d9c0aeb9a0e9a37f3c","first_seen":"2025-09-22T17:52:53.981101Z","last_seen":"2025-10-22T07:04:13.260466Z","times_seen":220,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 916\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"5a71265cb9fd9902c2788b7131231ea4","sha1":"58b47160ab2fe11d1cd902f345ba104fcc46aeb0","sha256":"53712d81321b358bb2cf00e0ec497dfaf544b5c341fad2a98a1dfcea55e19de2","sha512":"21519c77d89f20f5653ebdc85eb81045124591ffebd0e6a8ed1bc56e2a3bf85a84a5eda0b3edf08e75e3e4472e67507720ed56f8010fdaa3091c25ab64d93138","ssdeep":"","tlshash":"cd800444531307435f141dc454005d001f13c1510d4101c1f75c1041054cd5d0050501","first_seen":"2025-09-24T16:18:06.684944Z","last_seen":"2025-09-24T16:18:06.684944Z","times_seen":1,"resource_available":false,"data":null}},"time_used":952,"timings":{"blocked":424,"dns":81,"connect":108,"send":0,"wait":112,"receive":0,"ssl":224},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sm.luxsmab.com/thumbnails/xbox-streaming/1922741901388288001/015ee9e1-5cf3-4c92-8314-2f6ccf0c906a/screenshot/3x3.jpg","fqdn":"sm.luxsmab.com","domain":"luxsmab.com","tld":"com"},"ip":{"addr":"104.18.54.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luxsmab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 01:44:47 GMT","end":"Sun, 16 Nov 2025 02:44:36 GMT"},"fingerprint":{"sha1":"27:10:63:FF:9B:8C:8D:5C:4A:99:58:54:BE:FC:52:DB:19:19:23:30","sha256":"61:6A:F8:02:C0:93:DD:33:46:01:A2:35:D6:A4:F8:27:9B:70:90:85:EF:57:FC:40:5C:D9:F0:07:F7:EB:3D:9C"}}},"request":{"raw":"GET /thumbnails/xbox-streaming/1922741901388288001/015ee9e1-5cf3-4c92-8314-2f6ccf0c906a/screenshot/3x3.jpg HTTP/1.1\r\nHost: sm.luxsmab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 153510\r\ncf-ray: 984397b40e0a5685-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ncf-bgj: h2pri,csam-hash\r\ncloudservicediscount: CDN\r\ncontent-disposition: inline\r\netag: \"6aaf7b1507c155e9ae21a2a8936ae1e6\"\r\nlast-modified: Mon, 28 Jul 2025 18:28:03 GMT\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-expires: 1854964\r\nx-ccdn-req-id-46b1: 646b9f92770efa476009f0e131288e25\r\nvia: EU-TUR-istanbul-EDGE9-CACHE3[305],EU-TUR-istanbul-EDGE9-CACHE2[83,TCP_MISS,303],EU-TUR-istanbul-GLOBAL1-CACHE10[70],EU-TUR-istanbul-GLOBAL1-CACHE30[65,TCP_MISS,69],EU-GER-frankfurt-GLOBAL1-CACHE8[17],EU-GER-frankfurt-GLOBAL1-CACHE7[0,TCP_HIT,16]\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-amz-request-id: 000001985D814901B19E464894C60DEF\r\nx-hcs-proxy-type: 1\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncf-cache-status: HIT\r\nexpires: Wed, 24 Sep 2025 20:17:32 GMT\r\ncache-control: public, max-age=14400\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153510,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1440x2544, components 3","md5":"6aaf7b1507c155e9ae21a2a8936ae1e6","sha1":"f9c06613ef8aa7249e4fa895ff49c51954f53add","sha256":"e9d133c97919b1a52e7724054c56f00fe1e0eb92a56c570f513bc4c6aa8bf91e","sha512":"8cf94d1341f25694c2add057ede329bc3217831118fcf036b4ad3f8e8d479799445af0333bff24f7b3cb2a252adb6ab1a89aa258ba5a3737451b8edefafd85ca","ssdeep":"3072:OPEq7VGCK9sOG4ds4ThbmWMWpLmWmir+DhiFgDqvmUfpOTOQizByuu29KBc:OcaCWOqa9lgDefEGZ9KK","tlshash":"4de313b16cffc67be50ccddce9482f1b417b985628adf978c84a5d141083b6d4aa28b1","first_seen":"2025-09-24T16:18:06.685869Z","last_seen":"2025-10-08T21:28:54.961369Z","times_seen":3,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":210,"dns":2,"connect":1,"send":0,"wait":46,"receive":7,"ssl":203},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AfYwgwUcMgvtEP6n_invoQgiYgdIUWVDypCMkjLi1w5vUpJgzZCF11wzZq3TiD6gUPmQ2uOv-Cg7WA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1271214270%3A1758730653878208","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.147.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"13:4A:0B:81:A8:A4:37:A9:D7:31:CB:DD:A6:76:53:21:8A:1B:2E:0C","sha256":"2D:8F:A1:B5:9A:60:F4:14:AD:1C:29:44:92:C7:8B:AF:4F:27:CD:EE:15:0F:A8:E4:E8:11:CD:41:8C:75:45:4B"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AfYwgwUcMgvtEP6n_invoQgiYgdIUWVDypCMkjLi1w5vUpJgzZCF11wzZq3TiD6gUPmQ2uOv-Cg7WA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1271214270%3A1758730653878208 HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-iMFOikGtcnJndJeAThw-0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.tx7Hf5xXnPQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nereserv.com/in/dip?event_id=437cec70-585c-48e8-a346-58249c111be2\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-09-24\u0026timezone=0\u0026ver=1.168.17","fqdn":"nereserv.com","domain":"nereserv.com","tld":"com"},"ip":{"addr":"167.235.163.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:34.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 02:36:27 GMT","end":"Tue, 25 Nov 2025 02:36:26 GMT"},"fingerprint":{"sha1":"64:AC:96:73:4F:92:FF:85:D0:1E:15:16:DA:B2:A2:8F:FA:02:1D:05","sha256":"1B:3E:09:8B:67:DE:C9:73:00:B7:68:C4:8A:D7:17:4D:D5:19:A0:85:23:3B:65:9C:31:C6:FB:A5:8E:BA:22:83"}}},"request":{"raw":"GET /in/dip?event_id=437cec70-585c-48e8-a346-58249c111be2\u0026subid=1450210302\u0026spot_id=1457063\u0026created_at=2025-09-24\u0026timezone=0\u0026ver=1.168.17 HTTP/1.1\r\nHost: nereserv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.20.1\r\ndate: Wed, 24 Sep 2025 16:17:34 GMT\r\ncontent-length: 0\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"nereserv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/assets/vendor-chunks-CbR8uz8B-1758177775030.js","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:31.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"poopbnx.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Thu, 18 Sep 2025 08:00:49 GMT","end":"Wed, 17 Dec 2025 08:01:54 GMT"},"fingerprint":{"sha1":"C4:5E:00:97:B1:21:CC:06:60:FE:C0:DC:6F:B2:A4:8E:02:F2:EC:A0","sha256":"F8:8D:49:70:48:E7:D1:35:E4:5D:D6:B4:4E:B0:63:B6:02:4A:AB:3F:4B:D1:BF:3A:C0:F4:5A:50:F9:C1:A6:E9"}}},"request":{"raw":"GET /assets/vendor-chunks-CbR8uz8B-1758177775030.js HTTP/1.1\r\nHost: www.poopbnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:31 GMT\r\ncontent-type: application/x-javascript\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019960964E75B119935FB082BBC5\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TBfYFyOnyc33d7a8wXg6mFTIVjvQhVaeHQzWtvf6G4%2FZqsgsbwVZfs7htrURDxxvBDiL4onlQmht%2FK5Kl74pu4WDSr7J%2B3fTXAKN8pU%3D\"}]}\r\nlast-modified: Thu, 18 Sep 2025 06:43:07 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2123847\r\nvia: EU-GER-frankfurt-EDGE5-CACHE3[12],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,9],EU-FRA-paris-GLOBAL1-CACHE11[9],EU-FRA-paris-GLOBAL1-CACHE14[0,TCP_HIT,7]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 6b27e36842fc45202253aab10bc997f1\r\nnginx-hit: 1\r\nage: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"7dd0f71b17044267127e1c37b2170ccc\"\r\ncf-ray: 984397aa2c0a0b55-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1269551,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (37925)","md5":"e81e1424503de4a1a2c968125972dc30","sha1":"742fe0376eb5927fb026119e2d032adb9967f7f7","sha256":"e7fc67bd0914f272d338b70db49569a78a3b2ca458da922d90cdaa447e1c9721","sha512":"1e0edcab40e73a7ded290aef6b35612f3c9ea5cffa2b10ccc37ad181bf7c224f1428b68d733ef8114b327d8d21c419c06767ed846ecb43504c19b9bc8c27986e","ssdeep":"24576:Tc1WTD3o6D2XPpTb1ki8S6XbZOBgT6KbditX:TAWTD3o6D2XPpTb1ki8S6XNL6KbMX","tlshash":"65254bd972a67062879361a4503f520b723a7d16244cc05cf63bf9ea2eb8d09647bf7c","first_seen":"2025-09-05T11:10:46.835419Z","last_seen":"2025-09-24T16:18:06.933567Z","times_seen":38,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494331?v2=1\u0026fill=0\u0026s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/users/494331?v2=1\u0026fill=0\u0026s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: text/xml\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.poopbnx.com\r\naccess-control-expose-headers: X-Asg-Config, X-t\r\nset-cookie: nauid=wplM6ipFnpaM9mG88oUx; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\nx-t: 0\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/xml","magic":"XML 1.0 document, ASCII text","md5":"73d174f378b492e8958d14c2e6a9a4ec","sha1":"7d699dc411131a000b55c5e3808d6c75b443a25f","sha256":"c6f441dbb28602e988f9ae260f3f9c8556ac8d11eac13a6f997c04519267a621","sha512":"dd3c103c5a448e2e3df63dd51379b0f2225bbe5ce804402f5b13d102bd64500652eff4a136f311426d152d0068f4e9d0ce036e054b567246fb9e1a4156c0d195","ssdeep":"","tlshash":"e0b012867301b43305f16f135b24c01513783b85089d588ce8f30ad01e6440c03481ce","first_seen":"2025-09-24T04:41:31.323262Z","last_seen":"2025-11-20T22:31:42.782605Z","times_seen":115,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":34,"dns":0,"connect":13,"send":0,"wait":14,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"enrtx.com/get/","fqdn":"enrtx.com","domain":"enrtx.com","tld":"com"},"ip":{"addr":"94.130.197.239","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:34.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"popunder-base.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Sep 2025 07:32:10 GMT","end":"Thu, 04 Dec 2025 07:32:09 GMT"},"fingerprint":{"sha1":"50:EA:C1:7E:9B:20:00:A4:62:CE:FD:F9:FD:D2:E9:BE:77:FE:08:47","sha256":"81:9C:C4:CA:23:66:01:BB:6E:7A:21:04:B3:6B:69:EF:E7:F2:C5:8D:CB:6E:F7:3D:A2:3C:90:1F:BE:0B:6F:48"}}},"request":{"raw":"POST /get/ HTTP/1.1\r\nHost: enrtx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1717\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.16.0\r\ndate: Wed, 24 Sep 2025 16:17:34 GMT\r\ncontent-type: application/json\r\ncontent-length: 3004\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.16.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9306,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9e3fd349bdb871bb5571b0cd39fc83f7","sha1":"0d111ec8420c07a5b2efdf22a6f5161874beff5e","sha256":"1c2c13134b1b507207c3e3c857c88055884a42d9256664500b8bc6353efa2168","sha512":"a0e3f47d8ac88fbe14f0b6a4af07a128eb680bd7c4ca66cbebf8d3951a5ea6b5339419dd31a7224be7048b4cd221ce3af3bb59a27ef39fe23ba3852a95b1c919","ssdeep":"192:y3RyuaEyRsvgKO/fHXvgK653RyuaEyRSfH0:yBaE/vc3HXvA5BaEtH0","tlshash":"2a121ac355abeaa1fd2de5c2d6f193285317dad23b1b094fdc564724898c31500cafae","first_seen":"2025-09-24T16:18:06.687861Z","last_seen":"2025-09-24T16:18:06.687861Z","times_seen":1,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":156,"dns":14,"connect":44,"send":0,"wait":281,"receive":1,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/ip-push.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /ip-push.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 41265\r\nserver: cloudflare\r\nlast-modified: Mon, 22 Sep 2025 10:01:41 GMT\r\nvary: Accept-Encoding\r\netag: \"68d11e85-a131\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 195198\r\ncf-cache-status: HIT\r\ncf-ray: 984397af9f19712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134816,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65498), with no line terminators","md5":"c492d7c5b08e6e1346c5568fd9375200","sha1":"3f16815f3fceef2be7b3d447b04ea3e9df6f4235","sha256":"3d717748d2bc757dca9959cc7ed88937d260a66164d4c6f7c74ae5030086210e","sha512":"6aec3ed2c0af66e44968183960a807e33fe9391fbf769856d0e7bf8ba25685001cb704b7d9dfef329cd0b89ea6cae80ae694b5b8f8c6792db20bbf1db8e13ba5","ssdeep":"1536:gmYHGtNYCX8m7HolV5WlvgO1kbUfyrMwaPdyvZiFTa+T0jN9ZTdSenoOAUBxMbCT:XYHGtNN7HolCHkbZaPyZF62","tlshash":"41d3628dbac1b56107e37064023f640ef2b63a54b44bc8c0fa29d5e16e7e94f6167e2d","first_seen":"2025-09-22T16:09:30.942407Z","last_seen":"2025-10-22T00:42:16.271508Z","times_seen":104,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":57,"dns":8,"connect":1,"send":0,"wait":8,"receive":2,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/spots/494334?s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/spots/494334?s1=1949187009982111745\u0026fs1=1\u0026i=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: nauid=iqwgatdS0MMJgLoNSEWX; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3131,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (2071)","md5":"b4a332deb2a6aaa4a5e02af9451eb282","sha1":"787c43cf591fb103a59863fc3cc4062a79a612bd","sha256":"3d8ce24551fa7060730983cf09d057c97127b35fcba7f464ec32e911e72af979","sha512":"f78178c5af913b840cfba26fdf0c5575ad2455cf2634a93f7a57d3bafc300049ff1296af5d0a60419e073bc90dd47ed822d21e85f8f571c56ac05f82f3f8ce11","ssdeep":"","tlshash":"1751a78483bc2256f6275060ddbdcfdf596ea141a646407edebb1196c3cc2881e7128b","first_seen":"2025-09-24T16:18:06.689335Z","last_seen":"2025-09-24T16:18:06.689335Z","times_seen":1,"resource_available":true,"data":null}},"time_used":394,"timings":{"blocked":79,"dns":40,"connect":16,"send":0,"wait":238,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bereave.onelinevideo.com/moire/calibre/eclipse","fqdn":"bereave.onelinevideo.com","domain":"onelinevideo.com","tld":"com"},"ip":{"addr":"47.253.93.134","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bereave.onelinevideo.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 21 Apr 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E0:8E:3E:B2:04:D3:F1:8E:24:9D:86:3A:9E:82:A4:F5:45:3F:D1:AD","sha256":"92:99:82:77:56:12:E5:7A:6F:E4:9E:E1:33:D0:ED:6E:11:A4:AF:65:E4:1A:60:B9:75:F8:9B:59:74:D7:01:8B"}}},"request":{"raw":"POST /moire/calibre/eclipse HTTP/1.1\r\nHost: bereave.onelinevideo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1318\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: no-store\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"6e8350819a5350f1397c0fd95595b594","sha1":"c45510d2d1b9966e86bb569e7eb35747cf415ce4","sha256":"70318171367459a0c8e3d579f1de63ebac69ff8dfbe82d3489d5c75c020d229c","sha512":"43db6e3c1de94c50a960c1264ee44019ebda67a7a76261f1f469dd8a1fe6cbfc994fb5a1e4434b5c54c47d0267f58d7c56ceabc578d0efc3291c25a7991bdd13","ssdeep":"","tlshash":"54800000b823322ec20083320fe0c302308e2208b333c3a82e80a03a022af0e02a0c8b","first_seen":"2025-09-24T16:18:06.690763Z","last_seen":"2025-09-24T16:18:06.690763Z","times_seen":1,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"na.nawpush.com/tags/349919?version_name=c\u0026domain=www.poopbnx.com","fqdn":"na.nawpush.com","domain":"nawpush.com","tld":"com"},"ip":{"addr":"45.133.44.24","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"na.nawpush.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 02:32:20 GMT","end":"Thu, 18 Dec 2025 02:32:19 GMT"},"fingerprint":{"sha1":"38:85:B2:05:59:7D:15:16:9D:87:1B:83:46:10:68:2E:DC:7C:7A:D1","sha256":"FE:22:4E:C6:6F:85:46:CA:64:38:8F:48:77:17:E8:29:0E:7C:14:27:20:EA:A9:7B:CB:5E:49:87:A6:B0:60:2F"}}},"request":{"raw":"GET /tags/349919?version_name=c\u0026domain=www.poopbnx.com HTTP/1.1\r\nHost: na.nawpush.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/json\r\nserver: nginx/1.24.0\r\ncache-control: max-age=300, public\r\nx-cdn-host-id: DS5058\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1338,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ec64fa82f0fe7f1f04196f3f540398a7","sha1":"4a8a67c013b9f91ddb508a7ef98b89e6d67c1c27","sha256":"209d4960bfde085691ee7e1988bea2352db387044882414cd061d6c5cd6a1a18","sha512":"53e5a8bf51eac88c8e0da73a9721692c07431628fad541834bbffcb441e1be0fe7a0e6150213c11de7c02eaa2e30eae9ff61fc973f5cd23259807508f1c001a6","ssdeep":"","tlshash":"4c2123fc95749caac0c4469684d63f4c02a4327bb2c8b496f5ad097815cf5961e3f24b","first_seen":"2025-09-24T16:18:06.691557Z","last_seen":"2025-10-12T09:46:37.106082Z","times_seen":4,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":87,"dns":1,"connect":28,"send":0,"wait":24,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"na.nawpush.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"tracking.eu.flamtyr.com/rtb/nurl?uuid=659bc6cb-c5e5-4bc2-9aad-7be6cfffc660\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652728\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=null","fqdn":"tracking.eu.flamtyr.com","domain":"flamtyr.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"moz-nullprincipal:{0cc465fd-c2c5-484e-beaf-ecdba10f5e3b}?https://www.poopbnx.com","date":"2025-09-24T16:17:35.007Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /rtb/nurl?uuid=659bc6cb-c5e5-4bc2-9aad-7be6cfffc660\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652728\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=null HTTP/1.1\r\nHost: tracking.eu.flamtyr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sm.luxsmab.com/xbox-streaming/1922741901388288001/daf0c0cb-5788-4fe5-ba0a-8685d199944c.mp4","fqdn":"sm.luxsmab.com","domain":"luxsmab.com","tld":"com"},"ip":{"addr":"104.18.54.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luxsmab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 01:44:47 GMT","end":"Sun, 16 Nov 2025 02:44:36 GMT"},"fingerprint":{"sha1":"27:10:63:FF:9B:8C:8D:5C:4A:99:58:54:BE:FC:52:DB:19:19:23:30","sha256":"61:6A:F8:02:C0:93:DD:33:46:01:A2:35:D6:A4:F8:27:9B:70:90:85:EF:57:FC:40:5C:D9:F0:07:F7:EB:3D:9C"}}},"request":{"raw":"GET /xbox-streaming/1922741901388288001/daf0c0cb-5788-4fe5-ba0a-8685d199944c.mp4 HTTP/1.1\r\nHost: sm.luxsmab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 35326244\r\ncf-ray: 984397b43e285685-OSL\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 000001985D8149D1B2D67D1FB5DCD8F4\r\netag: \"7fdd18030f4cd08ab5ec050e215c0ef6-7\"\r\nlast-modified: Mon, 28 Jul 2025 18:27:16 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 1952794\r\nvia: EU-TUR-istanbul-EDGE9-CACHE2[259],EU-TUR-istanbul-EDGE9-CACHE2[64,TCP_MISS,258],EU-TUR-istanbul-GLOBAL1-CACHE16[54],EU-TUR-istanbul-GLOBAL1-CACHE19[51,TCP_MISS,54],EU-GER-frankfurt-GLOBAL1-CACHE1[7],EU-GER-frankfurt-GLOBAL1-CACHE11[0,TCP_HIT,6]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 088006eb0811fc10050b3496332ff024\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: HIT\r\nexpires: Wed, 24 Sep 2025 20:17:33 GMT\r\ncache-control: public, max-age=14400\r\ncontent-range: bytes 0-35326243/35326244\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1572864,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"228beff56c01f6a518fb8be434280552","sha1":"f16d6eade2a03602272f38fe5492ec7d24fb574e","sha256":"8039fd15993b53537e784938fecadd90d2caac62975463d22cf10762306e6d52","sha512":"1e117d7d0aec2a5711cc6ce31a92e6cb9e8171ff4aa8bd0470f455b75fcb86ad9189d78c6eb95bfc7a4ad9cebf97dcb0f382a837672af053fbfe1cb41891e4bd","ssdeep":"24576:4rW6CzQIheMUSaMMgdQzhcYvd2wfQD9O1:GW5EYUStCzydz9O1","tlshash":"9225335f9268a9b3dbc5c13a119afc101d1132e526f5cf2f3be1091b82459536b3fb2a","first_seen":"2025-09-24T16:18:06.692478Z","last_seen":"2025-10-08T21:28:54.976637Z","times_seen":3,"resource_available":false,"data":null}},"time_used":907,"timings":{"blocked":230,"dns":5,"connect":1,"send":0,"wait":277,"receive":163,"ssl":224},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x1.giriucon.com/8d04ffe9e8f556fe192.jpeg","fqdn":"x1.giriucon.com","domain":"giriucon.com","tld":"com"},"ip":{"addr":"172.67.128.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"moz-nullprincipal:{2b83d6d0-04f0-4427-afb6-4b75626d336b}?https://www.poopbnx.com","date":"2025-09-24T16:17:32.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"giriucon.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 Aug 2025 23:54:40 GMT","end":"Tue, 18 Nov 2025 00:52:56 GMT"},"fingerprint":{"sha1":"1D:21:14:E2:DB:07:DD:03:B1:EB:DD:D1:53:13:D8:D9:B4:6F:FB:1F","sha256":"33:59:C3:22:63:E3:AE:ED:EC:24:43:0C:4C:E7:94:34:80:95:79:C0:F2:EF:9E:23:4C:4D:66:1B:29:D7:1B:3F"}}},"request":{"raw":"GET /8d04ffe9e8f556fe192.jpeg HTTP/1.1\r\nHost: x1.giriucon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 37387\r\nserver: cloudflare\r\nlast-modified: Sat, 03 May 2025 12:51:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6816115c-920b\"\r\nexpires: Wed, 01 Oct 2025 08:55:36 GMT\r\ncache-control: max-age=2592000, public\r\naccept-ranges: bytes\r\nage: 2013716\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dcZj165b6YLFj3WFkp%2BpN2LP%2B50QsBbK7YMZs5sWeItyLK263kIBZqef7rkoLThn%2B0l9XMlFUvra%2BsGWtjzqI2Mgl7xYmUgAvuxgdS1aOg%3D%3D\"}]}\r\ncf-ray: 984397b5388276ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37387,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"1490935efa167f9f0ef89929d4056ad3","sha1":"52c64e563610d58304bb9771bece829b9849059f","sha256":"7b51bb145896f492fcadd3c4a0d70959c0849ff6760332593d7aa69382b37f8b","sha512":"5513f883a314461ca4059ca2fba5fada27b0bffec6d373eade91a2b9107394782b833a6da671bbf10ace9d090935028021ae0fe6be763e1b51e762c253b59df0","ssdeep":"768:4am/iKR5YGXQvMNymh7t3ztdgpO/4YapOpISTzx+w:JgdXYGXKwzhxjEE/fTzV","tlshash":"8af2f14bf81396817e8a5e8274338b4f18332bd4d29792041d06e857f25e68299fde8e","first_seen":"2025-05-07T07:37:42.644558Z","last_seen":"2025-10-08T14:56:18.984016Z","times_seen":688,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":24,"dns":6,"connect":1,"send":0,"wait":10,"receive":2,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/solid.gif?z=2081141\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.596-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=MV1p5ulaHR0cHM6Ly93d3cucG9vcGJueC5jb20vZS9Tck45MGF6TD9sdjE9ZG9vZGJkLmNvbQ\u0026afid=3774434869306880\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026im=1\u0026noch=1\u0026cs=5","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 14:30:14 GMT","end":"Fri, 07 Nov 2025 14:30:13 GMT"},"fingerprint":{"sha1":"44:6E:47:A8:BB:33:79:32:BA:9C:BD:1A:10:5C:A2:39:6B:98:C1:DB","sha256":"4B:55:C9:15:04:92:44:04:1D:12:DB:96:79:F0:88:96:62:69:4F:00:12:BD:32:CB:B3:13:5E:49:6D:EF:D6:83"}}},"request":{"raw":"POST /solid.gif?z=2081141\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.596-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=MV1p5ulaHR0cHM6Ly93d3cucG9vcGJueC5jb20vZS9Tck45MGF6TD9sdjE9ZG9vZGJkLmNvbQ\u0026afid=3774434869306880\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026im=1\u0026noch=1\u0026cs=5 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-route-id: stats.tag.loaded\r\nset-cookie: PTS=; Path=/; Expires=Wed, 28 Oct 2026 16:17:33 GMT; Secure; SameSite=None\nUID=2509241117e9b797256955401fad0782e2fd; Path=/; Expires=Wed, 28 Oct 2026 16:17:33 GMT; Secure; SameSite=None\nCHCK=1; Path=/; Expires=Wed, 28 Oct 2026 16:17:33 GMT; Secure; SameSite=None\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"28e463819a210071de3b45ebe7633613","sha1":"6dccd571828ec0912629119cf7eabfea9f33ddbc","sha256":"44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84","sha512":"8a82ac5a7883cd9b74bdb561cf825ce86474e259ad8c445e538d697b0003e3f2b1d6edcd3dc6512f4ad16e9074da204a79938257c457ecf68f4329eac0182e67","ssdeep":"","tlshash":"04900003e280e082c3a0c0300e0ccb802b88a2308a28030fb0fc2baefc3a3a20c23000","first_seen":"2023-04-05T09:26:54Z","last_seen":"2026-05-20T01:57:45.828763Z","times_seen":21714,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/assets/main-BCBWfvme-1758177775030.css","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:30.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"poopbnx.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Thu, 18 Sep 2025 08:00:49 GMT","end":"Wed, 17 Dec 2025 08:01:54 GMT"},"fingerprint":{"sha1":"C4:5E:00:97:B1:21:CC:06:60:FE:C0:DC:6F:B2:A4:8E:02:F2:EC:A0","sha256":"F8:8D:49:70:48:E7:D1:35:E4:5D:D6:B4:4E:B0:63:B6:02:4A:AB:3F:4B:D1:BF:3A:C0:F4:5A:50:F9:C1:A6:E9"}}},"request":{"raw":"GET /assets/main-BCBWfvme-1758177775030.css HTTP/1.1\r\nHost: www.poopbnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:30 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 00000199609650A2B11D10440EB2F649\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=evKpuHu5FVdzk1jD8xDhe7oPE7WjzUTLnX6UyyaKcX6zqNq3vvQv%2FMS6NZlzng2Dc3pYASU2cGx4lX%2BBdjJBSveSOtpsZUQyCrC78PQ%3D\"}]}\r\nlast-modified: Thu, 18 Sep 2025 06:43:06 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2123846\r\nvia: EU-GER-frankfurt-EDGE5-CACHE3[5],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,3],EU-FRA-paris-GLOBAL1-CACHE10[11],EU-FRA-paris-GLOBAL1-CACHE22[0,TCP_HIT,8]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 34f6b7ad2e2d170968c369627837061a\r\nnginx-hit: 1\r\nage: 468154\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"5918b055fc996286733c31bd6c5f70ce\"\r\ncf-ray: 984397a3ebdc0b55-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59705,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (59704)","md5":"5918b055fc996286733c31bd6c5f70ce","sha1":"4f17f54c65fa7b5d2fca7574085b61ae76961062","sha256":"155829f32aceb3090a80d03fd3c77fae93cb73456b978f0e33735f22de7e0fb5","sha512":"aed128f5685660906436a86819831d3e73454125613fbca0decc37d88b1e082242d4c6e8d2bbd37ce5d7664b6cf6fb3f1e40195e9d848322255389e80b930262","ssdeep":"1536:9S4jKQZ2vX/MPg0ycGqNsmbHDXvfSCZDfhTwDzfTK2HnO0iyAoP7GitdtmnyWl05:RKQZ2v0YtcGqNsmbHDXvfpDfhTwDzfTj","tlshash":"a0438221b6174129b837b9e2e5d4ab4e31349d0ed922c7def601752dcece395243b22e","first_seen":"2025-09-19T19:24:06.561793Z","last_seen":"2025-09-24T16:18:06.693895Z","times_seen":22,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/home/resources/SrN90azL","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:31.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:55:57 GMT","end":"Sun, 23 Nov 2025 09:53:30 GMT"},"fingerprint":{"sha1":"08:F2:60:E9:C8:D9:A6:0C:EF:94:EA:5C:FE:35:53:1B:AC:9D:B9:4B","sha256":"12:25:E9:D8:90:25:2C:B7:2F:9D:18:34:43:E2:37:BD:5D:96:03:DD:E4:49:7B:08:F9:36:66:60:F9:05:69:6A"}}},"request":{"raw":"POST /v2/s/home/resources/SrN90azL HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nContent-Type: application/json\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:31 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.poopbnx.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AQ94EI0u79emaeM163vpTxGzkjlafAXUuS8Gxdg9hWTXK6XUb9T7cC%2FyEZBIObJSkuRnb72fDGCTQm7ukNnVUz99ihynpdkqE2ib58wqn8FkC7Sk3s4%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 984397ad7f29b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":553,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"848aaff58ac02b089c71905452a0ebb8","sha1":"86d7ce0fc2acd873d0678706c89323e9a8161f55","sha256":"159c0451b288a4029e40aaff3167f0915f1e71ab87b4c1ae06f91cdbdfd14a2f","sha512":"79982a8354138f22c43ecafbf73d066d86653ab7c93e6e7d6720759e4c4f3a0dd1aa04208b036832d46e462b10d98a93aebdff5ab49641e11217ef2bc4d82b92","ssdeep":"","tlshash":"bff0c6f68512c48cc7d4664fd849968dd51ec45755679e8fdc914c0d809f0e3159d354","first_seen":"2025-09-24T16:18:06.694428Z","last_seen":"2025-09-24T16:18:06.927573Z","times_seen":2,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sm.luxsmab.com/xbox-streaming/1922741901388288001/daf0c0cb-5788-4fe5-ba0a-8685d199944c.mp4","fqdn":"sm.luxsmab.com","domain":"luxsmab.com","tld":"com"},"ip":{"addr":"104.18.54.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luxsmab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 01:44:47 GMT","end":"Sun, 16 Nov 2025 02:44:36 GMT"},"fingerprint":{"sha1":"27:10:63:FF:9B:8C:8D:5C:4A:99:58:54:BE:FC:52:DB:19:19:23:30","sha256":"61:6A:F8:02:C0:93:DD:33:46:01:A2:35:D6:A4:F8:27:9B:70:90:85:EF:57:FC:40:5C:D9:F0:07:F7:EB:3D:9C"}}},"request":{"raw":"GET /xbox-streaming/1922741901388288001/daf0c0cb-5788-4fe5-ba0a-8685d199944c.mp4 HTTP/1.1\r\nHost: sm.luxsmab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=35258368-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 67876\r\ncf-ray: 984397b779685685-OSL\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 000001985D8149D1B2D67D1FB5DCD8F4\r\netag: \"7fdd18030f4cd08ab5ec050e215c0ef6-7\"\r\nlast-modified: Mon, 28 Jul 2025 18:27:16 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 1952794\r\nvia: EU-TUR-istanbul-EDGE9-CACHE2[259],EU-TUR-istanbul-EDGE9-CACHE2[64,TCP_MISS,258],EU-TUR-istanbul-GLOBAL1-CACHE16[54],EU-TUR-istanbul-GLOBAL1-CACHE19[51,TCP_MISS,54],EU-GER-frankfurt-GLOBAL1-CACHE1[7],EU-GER-frankfurt-GLOBAL1-CACHE11[0,TCP_HIT,6]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 088006eb0811fc10050b3496332ff024\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: HIT\r\nage: 0\r\nexpires: Wed, 24 Sep 2025 20:17:33 GMT\r\ncache-control: public, max-age=14400\r\ncontent-range: bytes 35258368-35326243/35326244\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67876,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"9358dc55f24eacf7ed2a9a1e87d91cf4","sha1":"5906367c02a6afc6a02d8adcd3ead93b0820c749","sha256":"78b5089e6296b2bec2a72b21f3606e75316316dd3e553cbf753e7b77b1807803","sha512":"08a238df5102ac735ac263717ff156467974ae1a3f27d6dc5f4ddc9514a1fa962dfc8ac580d791e68276f21f4785dcc5888649bbbf30bcd3c893e28b8d44cd57","ssdeep":"768:KZ6MpFHm3jTb0FSiGXIz3pyHT5y2H6k3+Fwlsu3uuhxBa3DZMfeELtOU7:KvwzTbWsXiac2Kb4dxBa3DZMfeELtOO","tlshash":"fe6372df7647dd65db4e27b0b508598420be82048acc7bebd349c0b075e266e93bcb46","first_seen":"2025-09-24T16:18:06.69535Z","last_seen":"2025-10-08T21:28:54.959657Z","times_seen":3,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Aug 2025 02:47:45 GMT","end":"Thu, 13 Nov 2025 02:47:44 GMT"},"fingerprint":{"sha1":"F4:AD:2A:0D:F1:0A:AB:04:F2:6F:6F:72:39:99:7F:4B:E4:5B:2E:4C","sha256":"12:8C:54:04:9B:26:0A:7E:35:D0:23:72:4F:A8:FC:52:77:D0:9D:FA:F5:AC:FE:2F:D2:49:97:F4:24:B6:72:0A"}}},"request":{"raw":"OPTIONS /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.poopbnx.com/\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx/1.20.1\r\nDate: Wed, 24 Sep 2025 16:17:33 GMT\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: content-type\r\nAccess-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nAccess-Control-Allow-Origin: https://www.poopbnx.com\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":133,"dns":1,"connect":48,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sm.luxsmab.com/xbox-streaming/1922741901388288001/daf0c0cb-5788-4fe5-ba0a-8685d199944c.mp4","fqdn":"sm.luxsmab.com","domain":"luxsmab.com","tld":"com"},"ip":{"addr":"104.18.54.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"luxsmab.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 01:44:47 GMT","end":"Sun, 16 Nov 2025 02:44:36 GMT"},"fingerprint":{"sha1":"27:10:63:FF:9B:8C:8D:5C:4A:99:58:54:BE:FC:52:DB:19:19:23:30","sha256":"61:6A:F8:02:C0:93:DD:33:46:01:A2:35:D6:A4:F8:27:9B:70:90:85:EF:57:FC:40:5C:D9:F0:07:F7:EB:3D:9C"}}},"request":{"raw":"GET /xbox-streaming/1922741901388288001/daf0c0cb-5788-4fe5-ba0a-8685d199944c.mp4 HTTP/1.1\r\nHost: sm.luxsmab.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=786432-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 34539812\r\ncf-ray: 984397b829fd5685-OSL\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 000001985D8149D1B2D67D1FB5DCD8F4\r\netag: \"7fdd18030f4cd08ab5ec050e215c0ef6-7\"\r\nlast-modified: Mon, 28 Jul 2025 18:27:16 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 1952794\r\nvia: EU-TUR-istanbul-EDGE9-CACHE2[259],EU-TUR-istanbul-EDGE9-CACHE2[64,TCP_MISS,258],EU-TUR-istanbul-GLOBAL1-CACHE16[54],EU-TUR-istanbul-GLOBAL1-CACHE19[51,TCP_MISS,54],EU-GER-frankfurt-GLOBAL1-CACHE1[7],EU-GER-frankfurt-GLOBAL1-CACHE11[0,TCP_HIT,6]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 088006eb0811fc10050b3496332ff024\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncf-cache-status: HIT\r\nage: 0\r\nexpires: Wed, 24 Sep 2025 20:17:33 GMT\r\ncache-control: public, max-age=14400\r\ncontent-range: bytes 786432-35326243/35326244\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":262144,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"e958a9e631579337a119e4b9ca89b13d","sha1":"81d13e44e0938b9e1afab2506a33f0d097cd1e97","sha256":"b5a979924bfc9a1f28875e6acb9ba33552b1f602ddd2a2f72690112d734932e5","sha512":"9bd5fcf4d99386165de7e3442b13ca0208b0bd7e368ea0c239c13c192f697e7f774660aa553be5b6a52d7f344a923a392d3a5884e792774ffbb30469ac8f81d5","ssdeep":"6144:ayTJghx6cnwf2Oia6smMik2hKN7MXw7P4B5I1IOI1XAMzW3:hsx6cwf2JDfq7lzv+OIc","tlshash":"4b44234c88611eeaca166170119ecc222aadb7801d31ad5ffa504b1fd49b5b3ef1fb58","first_seen":"2025-09-24T16:18:06.696526Z","last_seen":"2025-09-24T16:18:06.696526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.labadena.com/api/users/494333?host=www.poopbnx.com\u0026ev=223\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b\u0026i=1\u0026s1=1949187009982111745\u0026fs1=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com","fqdn":"a.labadena.com","domain":"labadena.com","tld":"com"},"ip":{"addr":"37.27.230.125","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.labadena.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 23:28:42 GMT","end":"Sun, 07 Dec 2025 23:28:41 GMT"},"fingerprint":{"sha1":"75:0C:2C:D1:88:D9:87:78:0A:96:30:7B:67:42:16:4C:38:3E:51:6C","sha256":"2D:C0:E0:B0:44:25:E2:6F:08:EA:D5:19:60:6E:39:05:4F:0A:AC:38:FA:D8:9F:D6:B8:A1:C4:6F:3B:67:51:37"}}},"request":{"raw":"GET /api/users/494333?host=www.poopbnx.com\u0026ev=223\u0026wh=1024\u0026ww=1280\u0026uuid=\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com\u0026sid=cbfb4cc3-b414-4e27-87a6-9a45e794cf1b\u0026i=1\u0026s1=1949187009982111745\u0026fs1=1\u0026url=https%3A%2F%2Fwww.poopbnx.com%2Fe%2FSrN90azL%3Flv1%3Ddoodbd.com HTTP/1.1\r\nHost: a.labadena.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nCookie: nauid=iqwgatdS0MMJgLoNSEWX\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow\r\ncache-control: private\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":680,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (369)","md5":"a200849b3968f3274c99a824e1d9318e","sha1":"51186b3201fde3aa779a9b98aff50608cf64093e","sha256":"89d3d96888fa097087eaa9a95b250c79e36aefdb99ce9300c9f05b97a1eb375b","sha512":"5f7d0c36ad649b5a01051dcd78040c5f677251cc6d317ba10082f3eae6ab15af2c1a5284e0e9bdf97c49c5e28003aed47ba6465cda705e01d85d8df78cfdb6c1","ssdeep":"","tlshash":"a9012d858b4ca5fb8b4a50b7d9bc8ea2498e85b43604600bfb24430f64cb28343a0197","first_seen":"2025-09-24T16:18:06.697587Z","last_seen":"2025-09-24T16:18:06.697587Z","times_seen":1,"resource_available":true,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":368,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"a.labadena.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tsyndicate.com/dsp-pixels","fqdn":"cdn.tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"45.133.44.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tsyndicate.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 08:32:03 GMT","end":"Fri, 31 Oct 2025 08:32:02 GMT"},"fingerprint":{"sha1":"E4:52:21:98:B0:CD:51:03:1A:59:A9:01:02:8A:D6:3B:66:E3:EE:3A","sha256":"F1:77:51:DD:B8:B7:37:39:6D:01:37:95:43:1C:C1:78:42:1E:A6:30:E3:96:F3:D8:25:E4:61:7E:80:03:FD:8A"}}},"request":{"raw":"GET /dsp-pixels HTTP/1.1\r\nHost: cdn.tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/json\r\ncontent-length: 70\r\nserver: nginx\r\ncache-control: max-age=172800\r\nx-request-id: ac65f9c6-8889-466e-b4a2-04f3dcef16e2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type, Accept\r\nexpires: Fri, 26 Sep 2025 16:17:33 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ah1742,DS5059\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d65d54baa73d8c5cf1b4145ed2f566ce","sha1":"1924c807418dc7cdf8135bbf2be4e89402e21bfd","sha256":"282322db040ca32cc2f1657864a542d7b60f5d47f4f0f0f7708704acb3c54a88","sha512":"4d9b73b80c65606c0e31a0666a398ee5660fba63277c5abba2938038ba02c1de315fc3e9be8db67e252b8789699f93644347c5805b5a6cdc1b1063cfc9eb4b37","ssdeep":"","tlshash":"5ba022bb00a8b0ceaf20e0c83008a0000ccf80b820a88088ccf22cc0820b3a23030288","first_seen":"2025-06-26T11:56:09.222052Z","last_seen":"2026-04-29T07:27:33.225125Z","times_seen":3103,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/on.js","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 14:30:14 GMT","end":"Fri, 07 Nov 2025 14:30:13 GMT"},"fingerprint":{"sha1":"44:6E:47:A8:BB:33:79:32:BA:9C:BD:1A:10:5C:A2:39:6B:98:C1:DB","sha256":"4B:55:C9:15:04:92:44:04:1D:12:DB:96:79:F0:88:96:62:69:4F:00:12:BD:32:CB:B3:13:5E:49:6D:EF:D6:83"}}},"request":{"raw":"GET /on.js HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 24 Sep 2025 11:43:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68d3d952-2471c\"\r\nexpires: Wed, 01 Oct 2025 16:17:32 GMT\r\ncache-control: max-age=604800\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149276,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a5e8e15ea932836469805f7f52275dce","sha1":"584bfa0e1eae375869a7d844a0d04f46f16ccbbd","sha256":"ae50d867c48d5c117aff14efe07bb2c1b8bc93b5dcc659227a5091b7e1ae8109","sha512":"8e6bd666c247f0c80920f548c8338f435975d62dd3dc16263ab4594c8f77b1a8360b107140031b39e66746e06075979c42ca9cdfae03602658a7b3020182a25c","ssdeep":"1536:0cRdUZA+EZ8BapKFDXxEbK76jWJVc3IhFE+mUzObouPm97hWVakDPtorps:0cRdUZA+E96LWbHWJG3Ucc7hDps","tlshash":"1ce3a58e76c62c354787b62f493b7d4a933a54e2bc498024d4e2c1e93f74509e2b2ef5","first_seen":"2025-09-24T13:32:56.400329Z","last_seen":"2025-09-25T07:02:41.497653Z","times_seen":14,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":55,"dns":1,"connect":23,"send":0,"wait":24,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tapioni.com/adgpt.js","fqdn":"cdn.tapioni.com","domain":"tapioni.com","tld":"com"},"ip":{"addr":"172.66.163.179","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tapioni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 10:12:45 GMT","end":"Tue, 16 Dec 2025 11:12:39 GMT"},"fingerprint":{"sha1":"53:EE:30:9F:D0:82:6E:D3:05:D7:06:C0:89:A1:7F:95:D2:E2:01:7E","sha256":"21:58:AE:A3:46:B3:6B:EB:5F:82:88:D2:99:DE:87:F2:60:5D:36:27:10:AC:28:89:4F:06:F7:18:18:B4:95:23"}}},"request":{"raw":"GET /adgpt.js HTTP/1.1\r\nHost: cdn.tapioni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 881\r\nserver: cloudflare\r\nlast-modified: Mon, 22 Sep 2025 10:01:41 GMT\r\nvary: Accept-Encoding\r\netag: \"68d11e85-371\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nage: 3668\r\ncf-cache-status: HIT\r\ncf-ray: 984397b37a67712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2403), with no line terminators","md5":"ef9a81ee9ff82a08a41088ae4cbc7824","sha1":"b8eb866cf4d72bccb948f6f2791f56c9243e1ee8","sha256":"34b2437f43830b2c82bf69b4996e65b0fa6e16ba406cfe755c694c3b753883cf","sha512":"f2c32274da408677b3c2c772f097e903b314ad34b650d5b15e25cacc6b30c8ba6e941fb1196bb81d38312953fbe06ade59f6d27e8e0cfce8443d9c93f704386b","ssdeep":"","tlshash":"9b4113ee25a4fda0179b714c212b180af1bd35e0e3ace8c69fb984b47d7d6441111aed","first_seen":"2025-09-22T17:16:58.948655Z","last_seen":"2025-10-23T15:15:33.025845Z","times_seen":283,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"cdn.tapioni.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.poopbnx.com/assets/vendor-chunks-DoTr35U9-1758177775030.css","fqdn":"www.poopbnx.com","domain":"poopbnx.com","tld":"com"},"ip":{"addr":"104.21.64.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:30.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"poopbnx.com","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Thu, 18 Sep 2025 08:00:49 GMT","end":"Wed, 17 Dec 2025 08:01:54 GMT"},"fingerprint":{"sha1":"C4:5E:00:97:B1:21:CC:06:60:FE:C0:DC:6F:B2:A4:8E:02:F2:EC:A0","sha256":"F8:8D:49:70:48:E7:D1:35:E4:5D:D6:B4:4E:B0:63:B6:02:4A:AB:3F:4B:D1:BF:3A:C0:F4:5A:50:F9:C1:A6:E9"}}},"request":{"raw":"GET /assets/vendor-chunks-DoTr35U9-1758177775030.css HTTP/1.1\r\nHost: www.poopbnx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:30 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nserver: cloudflare\r\nx-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc\r\ncloudservicediscount: CDN\r\nx-amz-request-id: 0000019960964FEEB2D6013D03A1C7CF\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f5PN0JuxqRjpB1y%2FlOhE18d9ibDBURffdY%2FpUsNk5GBN10F95uu9Du6wzyQkDgS5BSvVPaRKUxEyamUSq0QtH%2FvX2eE%2BGvFwZt1yBcU%3D\"}]}\r\nlast-modified: Thu, 18 Sep 2025 06:43:07 GMT\r\nx-amz-id-2: 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaI=AAAAAAAAAAAAAAAAAAAAAAAAAA\r\nx-ccdn-expires: 2123846\r\nvia: EU-GER-frankfurt-EDGE5-CACHE1[5],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,4],EU-FRA-paris-GLOBAL1-CACHE16[3],EU-FRA-paris-GLOBAL1-CACHE3[0,TCP_HIT,2]\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 1d7972066a685ba81f6df9e538dc3ac6\r\nnginx-hit: 1\r\nage: 468154\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-expose-headers: *\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"583c695c76766d48b720411106e87599\"\r\ncf-ray: 984397a3dbdb0b55-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":161718,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"583c695c76766d48b720411106e87599","sha1":"e7e75b7ea87593b675eac8f4937a1af7db66f102","sha256":"3f61af115313bbfe92c14794125043e3c53029cc5be9de758ce7a6a4e503275d","sha512":"a9c008b55f23c2460d6650529750b10d9ff30b66cdeb90ca7ad75ec21bb350c619593ae0e01975bacf784d013e08795f40f95c365deeaa4e594a6aa3785e2756","ssdeep":"768:eK4kaqXtxtd5+NuoRbV/es4idulogKFjY3xkjS5nz1miiJykXEK1rBw0OBp6EnUp:eKLvTdw7tejDxkjS5nzK8BTpZaKjpi","tlshash":"58f39569ea10a27de91faf259bc49f8ca224e881cd311af7f685610c4dc3bf115e274d","first_seen":"2025-06-14T07:01:13.355089Z","last_seen":"2026-02-27T13:27:16.333567Z","times_seen":523,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"www.poopbnx.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=6616460a-194a-4203-92aa-03ed9fc3e840\u0026uid=1949187009982111745","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:55:57 GMT","end":"Sun, 23 Nov 2025 09:53:30 GMT"},"fingerprint":{"sha1":"08:F2:60:E9:C8:D9:A6:0C:EF:94:EA:5C:FE:35:53:1B:AC:9D:B9:4B","sha256":"12:25:E9:D8:90:25:2C:B7:2F:9D:18:34:43:E2:37:BD:5D:96:03:DD:E4:49:7B:08:F9:36:66:60:F9:05:69:6A"}}},"request":{"raw":"OPTIONS /v2/s/assets/f?id=6616460a-194a-4203-92aa-03ed9fc3e840\u0026uid=1949187009982111745 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.poopbnx.com/\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-length: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.poopbnx.com\r\naccess-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ckk7zAn9QK18T6g%2FuKECIiX9QlyiwY5dxX7j4edeDxt4PTlpbmLNjieUCndL%2BQzkSb8R4MSIhRB18%2F1qUodNkSVHMsJGT3VnnGlO26IhHj3zWozvrc4%3D\"}]}\r\ncf-ray: 984397af0898b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ntvpforever.com/keywords","fqdn":"ntvpforever.com","domain":"ntvpforever.com","tld":"com"},"ip":{"addr":"167.235.163.216","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"inpage.infrapu.sh","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 02:36:27 GMT","end":"Tue, 25 Nov 2025 02:36:26 GMT"},"fingerprint":{"sha1":"64:AC:96:73:4F:92:FF:85:D0:1E:15:16:DA:B2:A2:8F:FA:02:1D:05","sha256":"1B:3E:09:8B:67:DE:C9:73:00:B7:68:C4:8A:D7:17:4D:D5:19:A0:85:23:3B:65:9C:31:C6:FB:A5:8E:BA:22:83"}}},"request":{"raw":"OPTIONS /keywords HTTP/1.1\r\nHost: ntvpforever.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.poopbnx.com/\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.20.1\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\nvary: Origin\r\ncache-control: no-transform, no-cache, no-store, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":77,"dns":4,"connect":34,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fp.metricswpsh.com/fp?tag_id=349919","fqdn":"fp.metricswpsh.com","domain":"metricswpsh.com","tld":"com"},"ip":{"addr":"157.90.84.242","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"notification.tubecup.net","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Fri, 15 Aug 2025 02:47:45 GMT","end":"Thu, 13 Nov 2025 02:47:44 GMT"},"fingerprint":{"sha1":"F4:AD:2A:0D:F1:0A:AB:04:F2:6F:6F:72:39:99:7F:4B:E4:5B:2E:4C","sha256":"12:8C:54:04:9B:26:0A:7E:35:D0:23:72:4F:A8:FC:52:77:D0:9D:FA:F5:AC:FE:2F:D2:49:97:F4:24:B6:72:0A"}}},"request":{"raw":"POST /fp?tag_id=349919 HTTP/1.1\r\nHost: fp.metricswpsh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1970\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Wed, 24 Sep 2025 16:17:33 GMT\r\nContent-Type: application/json; charset=UTF-8\r\nContent-Length: 58\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://www.poopbnx.com\r\nSet-Cookie: id=2594273706704894275; Expires=Thu, 24 Sep 2026 16:17:33 GMT; Secure; SameSite=None\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c4efc1d6d16235d9433cd2565d887460","sha1":"22d069a5f536640e46122475c79db933e82d7f2e","sha256":"f0a6b8c736b7d8c5d3304a9ccd10d2114a0f25f2ba946cce62204df3384a131f","sha512":"af1cfe529f3173efdc7f4aff67355529095e775d8edb38d8a7c9565e09807aff470a465ffdf89ef6555f06cc88efa675823becc942896c63fa64a3140858f539","ssdeep":"","tlshash":"5ba00294c5c00e3c80200c3a73cf901628e4d304120217880ca66b5108822abe333c91","first_seen":"2025-07-26T17:44:43.174102Z","last_seen":"2026-05-20T02:25:30.860738Z","times_seen":6715,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":40,"send":0,"wait":41,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"fp.metricswpsh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.147.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:37:55 GMT","end":"Mon, 01 Dec 2025 08:37:54 GMT"},"fingerprint":{"sha1":"D6:CA:D9:3E:AA:21:3F:46:BD:DD:2C:06:2D:20:A1:D8:5F:AB:21:B2","sha256":"6C:68:26:80:36:50:C5:E4:B6:7C:60:D3:B6:13:10:1E:1B:6B:08:94:61:55:0A:E6:3D:BC:7E:1F:F0:DD:59:5A"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:u8bhpg4VuxYiAhIrrEvx46PNT2-i_g:Il3aKQG4kiCJWVHW; Expires=Fri, 24-Sep-2027 16:17:33 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AfYwgwVRSNjESeyzXDAhMKT8pAW_78FPLrau6aCFNXPsNW2bkcv7KM-PeTY1UzOPu57CfzjXHytT-w\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy: unsafe-none\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: script-src 'nonce-vcYywGCi4jG4phnTXWkpIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":72,"dns":0,"connect":22,"send":0,"wait":39,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.lixstreamingcaio.com/v2/s/assets/f?id=6616460a-194a-4203-92aa-03ed9fc3e840\u0026uid=1949187009982111745","fqdn":"api.lixstreamingcaio.com","domain":"lixstreamingcaio.com","tld":"com"},"ip":{"addr":"104.21.21.220","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lixstreamingcaio.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:55:57 GMT","end":"Sun, 23 Nov 2025 09:53:30 GMT"},"fingerprint":{"sha1":"08:F2:60:E9:C8:D9:A6:0C:EF:94:EA:5C:FE:35:53:1B:AC:9D:B9:4B","sha256":"12:25:E9:D8:90:25:2C:B7:2F:9D:18:34:43:E2:37:BD:5D:96:03:DD:E4:49:7B:08:F9:36:66:60:F9:05:69:6A"}}},"request":{"raw":"GET /v2/s/assets/f?id=6616460a-194a-4203-92aa-03ed9fc3e840\u0026uid=1949187009982111745 HTTP/1.1\r\nHost: api.lixstreamingcaio.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.poopbnx.com/\r\nContent-Type: application/json\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s4C47wT%2FFeJmxPZPeaG2yHLxzxDSIkUV4pdk9vwbASNEGSCgTIyacXEn%2B389HaegzPSaBVo6QJ%2Bqb%2FovfngSXlhavsiJDhFzCESCzX8mcjhuE6L0WEM%3D\"}]}\r\ncontent-encoding: br\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://www.poopbnx.com\r\naccess-control-expose-headers: X-Error-Code\r\naccess-control-allow-credentials: true\r\nx-xbox-platform: streaming\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 984397b05e80b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"dade6a0706efe19e72b096806b00ffa3","sha1":"6d91c5bcecfb2572a7ff460416b9f24872e22bb3","sha256":"6370cb818f3941b786d7ea210d95f707336acb52febbc818a2baf27dee222e5e","sha512":"363f086fc3f5744452993d831a07a7c586ae74ebba003056d961576c224e054e6826d6da8d071147fe34ac81aa02ef1866d804d70c84cd929a7a7885e03895cf","ssdeep":"","tlshash":"e0c080b8bd5d85550211548007d141638851f6c44385866e0777529664d1f4763ad5f4","first_seen":"2025-09-24T16:18:06.700862Z","last_seen":"2025-10-08T21:28:54.954445Z","times_seen":3,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.foolhardywear.pro/ecc874/202783d36835.js","fqdn":"www.foolhardywear.pro","domain":"foolhardywear.pro","tld":"pro"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.foolhardywear.pro","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Sep 2025 07:03:18 GMT","end":"Tue, 23 Dec 2025 07:03:17 GMT"},"fingerprint":{"sha1":"E5:B0:40:5C:CA:68:43:8A:89:51:FE:0B:B6:4C:43:D5:66:6E:CA:1B","sha256":"44:56:4E:51:BC:4E:18:36:B8:E2:8C:FD:58:B8:38:5F:06:C4:03:B3:86:6C:7C:E7:5C:D8:55:8F:51:B3:1A:32"}}},"request":{"raw":"GET /ecc874/202783d36835.js HTTP/1.1\r\nHost: www.foolhardywear.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nOrigin: https://www.poopbnx.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=172800\r\ncontent-encoding: gzip\r\nexpires: Fri, 26 Sep 2025 16:17:33 GMT\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103678,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"28bd72a224aaf35c5e82076c39115e08","sha1":"fcd3571f3a90abf7c5765c3431fa157e87f00720","sha256":"9b01c93555d4d40a2cc04d1978d2e7aea945431d57ce1ee29a30e30d893f1404","sha512":"c71c557b1e3b812b93a83113eeba5977b02c8ae5fcc3a724f18fa45815b63fafc65129d8deed5ae009fbf5a7dbfbf2d72bb26fc02481c261e604b971de923fb1","ssdeep":"1536:rM+iZ3YOYuyx6PUQwRxcs8P3nhkQ8vL7T7Q6eGozzwVEnHzHRbPvk:OijxEQq3P5Enne9zkWHLm","tlshash":"c1a33461350b64fd2ad0c1e7eb6720886c295810e469cca1ecd1d7c7d6eb8e3429b5f7","first_seen":"2025-09-24T11:37:52.654774Z","last_seen":"2025-09-26T07:31:09.730577Z","times_seen":22,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":132,"dns":64,"connect":30,"send":0,"wait":24,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/get/2081141?id=2081141\u0026jp=_cldyzeeroovrogbhwtbgyo\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.596-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=MV1p5ulaHR0cHM6Ly93d3cucG9vcGJueC5jb20vZS9Tck45MGF6TD9sdjE9ZG9vZGJkLmNvbQ\u0026afid=3774434869306880\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 14:30:14 GMT","end":"Fri, 07 Nov 2025 14:30:13 GMT"},"fingerprint":{"sha1":"44:6E:47:A8:BB:33:79:32:BA:9C:BD:1A:10:5C:A2:39:6B:98:C1:DB","sha256":"4B:55:C9:15:04:92:44:04:1D:12:DB:96:79:F0:88:96:62:69:4F:00:12:BD:32:CB:B3:13:5E:49:6D:EF:D6:83"}}},"request":{"raw":"GET /get/2081141?id=2081141\u0026jp=_cldyzeeroovrogbhwtbgyo\u0026dr=49\u0026cuaa=2\u0026nojs=0\u0026bavar=0\u0026febuild=1.0.596-st\u0026t=0\u0026wcks=1\u0026wgl=1\u0026cnvs=1\u0026os=0\u0026tz=UTC\u0026ss=1\u0026ls=1\u0026bb=0\u0026cti=0\u0026fn=3\u0026es=13\u0026ge=2\u0026th=\u0026pcs=2\u0026plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF\u0026lang=en-US\u0026pf=Win32\u0026cd=24\u0026vcv=Mesa\u0026vcn=llvmpipe\u0026ix=0\u0026x=1280\u0026y=1024\u0026md=0\u0026psu=MV1p5ulaHR0cHM6Ly93d3cucG9vcGJueC5jb20vZS9Tck45MGF6TD9sdjE9ZG9vZGJkLmNvbQ\u0026afid=3774434869306880\u0026eclog=0\u0026snc=0\u0026ssc=0\u0026vp=0\u0026dto=2\u0026im=1\u0026noch=1\u0026cs=5\u0026uf=0 HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nCookie: cart=1; cart_p=2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nx-route-id: config\r\nset-cookie: CHCK=1; Path=/; Expires=Wed, 28 Oct 2026 16:17:33 GMT; Secure; SameSite=None\nPTS=; Path=/; Expires=Wed, 28 Oct 2026 16:17:33 GMT; Secure; SameSite=None\nUID=250924111755ccba3a890a42319de9ceebd9; Path=/; Expires=Wed, 28 Oct 2026 16:17:33 GMT; Secure; SameSite=None\r\ncontent-encoding: gzip\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3366,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (3366), with no line terminators","md5":"358b581b8544e21f1e572eb64941fafc","sha1":"e8a01dd300b6e67539723ddbf26e90c7a8cc8edd","sha256":"f620c826e2fdd388cf5ec771bfc8d0c23e91f0074a8b077921acdfdd59e1b361","sha512":"f33f4fddea5973f6e8802c7e69d3bf7a85bdd2bd5e67b11f0b97ff049e513d1e7251a6abefcb39c7b9fa05a1e35981cf375053469cc87a6c1c2b93f96f2a5728","ssdeep":"","tlshash":"0d61506c01e3a3d8c260c8af36fb1c8d708c21968e675106c5aae12b79f607777371c2","first_seen":"2025-09-24T16:18:06.701887Z","last_seen":"2025-09-24T16:18:06.701887Z","times_seen":1,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tsyndicate.com/sdk/v1/puengine.js","fqdn":"cdn.tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"45.133.44.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.tsyndicate.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Aug 2025 08:32:03 GMT","end":"Fri, 31 Oct 2025 08:32:02 GMT"},"fingerprint":{"sha1":"E4:52:21:98:B0:CD:51:03:1A:59:A9:01:02:8A:D6:3B:66:E3:EE:3A","sha256":"F1:77:51:DD:B8:B7:37:39:6D:01:37:95:43:1C:C1:78:42:1E:A6:30:E3:96:F3:D8:25:E4:61:7E:80:03:FD:8A"}}},"request":{"raw":"GET /sdk/v1/puengine.js HTTP/1.1\r\nHost: cdn.tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Wed, 15 Jan 2025 14:08:26 GMT\r\netag: W/\"6787c15a-15dda\"\r\nx-robots-tag: noindex, nofollow\r\ncontent-encoding: gzip\r\ncache-control: max-age=172800\r\nexpires: Fri, 26 Sep 2025 16:17:33 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: ah1742,DS5059\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89562,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"87781e1d7683222115078304d2414b35","sha1":"8bf54dd8a67d75a6f38ab240d47007c12c6e2fdc","sha256":"37cf30c764c95d5900378ec4e56d09a6088a8b90ed7540c0b7cd3abebba37459","sha512":"64b8288978b5e509878a3f527ea8c9fe86fb762f3b09c52e1521a3adfc1bf78f6a262e78cd9bea6eb574acc270ff52eb2647c0d05ea2ca0715a7e330a192b043","ssdeep":"1536:v9zsfUK2AHAuaEGDoXhLAknqLULh9/S1dHWyRj:v9zsfU5mGc9A2qLULh9/SHHWyl","tlshash":"1b93d65d7093604961d2f6fc007f368a686ac850f45e8caa6674d3c2ec7c4ad84e79fb","first_seen":"2025-01-15T18:31:30.651098Z","last_seen":"2025-12-13T16:30:20.429188Z","times_seen":1461,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.capndr.com/popunder-admanager/build.m.js","fqdn":"js.capndr.com","domain":"capndr.com","tld":"com"},"ip":{"addr":"45.133.44.52","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"js.capndr.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 14 Aug 2025 02:32:40 GMT","end":"Wed, 12 Nov 2025 02:32:39 GMT"},"fingerprint":{"sha1":"29:AD:62:97:FC:BB:60:DB:88:37:9C:81:9B:75:1A:F9:A2:C2:D0:62","sha256":"D8:5B:F4:35:C6:F5:9C:AE:95:BB:5C:A9:3E:61:B6:13:E7:D6:E5:E3:64:B9:D8:A2:F0:28:B8:1C:F9:65:27:3A"}}},"request":{"raw":"GET /popunder-admanager/build.m.js HTTP/1.1\r\nHost: js.capndr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx/1.18.0\r\nlast-modified: Wed, 24 Sep 2025 14:40:15 GMT\r\netag: W/\"68d402cf-176b9\"\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Sep 2025 16:22:33 GMT\r\ncache-control: max-age=300\r\nx-cdn-host-id: AH1747\r\nx-proxy-cache: HIT\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95929,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"98480354f1add639949b8362198412ca","sha1":"387e58447c13bc7664a31162f578e06cdd7d1484","sha256":"387661848249b96fb560f1e043ecf19a14b58f397ef879bd2bfd51650a693f54","sha512":"bf8d6d530a61c8f6e662a9617b4469d138b4ea872cadc93ac1f23c093e70787df83edf04bae7f72b6545d9f939e58125b0c8f70f72049a1f39fe5f69a8646c7d","ssdeep":"768:ubVWcprgLsdOKlEPHJDf0/lGA5lhY8Jnk2Teufy8qXqTXhc6UPBQ1w1AYOEPZBqg:WYmOKledMq8JNjU2ZRYj","tlshash":"609318ceb7d2b07042a7a5ba902f051ab33e29097449442cf925ded138ad94fd327f79","first_seen":"2025-09-24T16:18:06.703365Z","last_seen":"2025-09-25T12:35:45.979654Z","times_seen":20,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-24","alert":"Sinkholed","trigger":"js.capndr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AfYwgwVRSNjESeyzXDAhMKT8pAW_78FPLrau6aCFNXPsNW2bkcv7KM-PeTY1UzOPu57CfzjXHytT-w","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.147.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:33.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:37:55 GMT","end":"Mon, 01 Dec 2025 08:37:54 GMT"},"fingerprint":{"sha1":"D6:CA:D9:3E:AA:21:3F:46:BD:DD:2C:06:2D:20:A1:D8:5F:AB:21:B2","sha256":"6C:68:26:80:36:50:C5:E4:B6:7C:60:D3:B6:13:10:1E:1B:6B:08:94:61:55:0A:E6:3D:BC:7E:1F:F0:DD:59:5A"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AfYwgwVRSNjESeyzXDAhMKT8pAW_78FPLrau6aCFNXPsNW2bkcv7KM-PeTY1UzOPu57CfzjXHytT-w HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:4yOQ3NLcdtwO6zqEi241XSVE8z5Rxw:0qDsNq6OMLL2T3Up;Path=/;Expires=Fri, 24-Sep-2027 16:17:33 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Wed, 24 Sep 2025 16:17:33 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AfYwgwUcMgvtEP6n_invoQgiYgdIUWVDypCMkjLi1w5vUpJgzZCF11wzZq3TiD6gUPmQ2uOv-Cg7WA\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1271214270%3A1758730653878208\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: script-src 'nonce-XQ_VK2A0tll3eIekqb2PHQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 418\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracking.eu.erdwas.com/rtb/feedimpression?uuid=6b5a85bb-e561-465e-b8ac-44ef73514db4\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652388\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=J44XHDROF354SQSK6H3P6EMFWAHPU2R6GIAQ2WT2SFROO2FWR7WG2UR23MNEVJCZHY6YRELGMJFOYIU2ZUHGWSWMDICU3J76A7YYGTY=\u0026i=88d0bd\u0026u=125ff5\u0026g=NO\u0026ad=1058532\u0026sp=\u0026spv=\u0026sm=","fqdn":"tracking.eu.erdwas.com","domain":"erdwas.com","tld":"com"},"ip":{"addr":"138.68.123.32","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"moz-nullprincipal:{2b83d6d0-04f0-4427-afb6-4b75626d336b}?https://www.poopbnx.com","date":"2025-09-24T16:17:32.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.eu.aneorwd.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 09:51:45 GMT","end":"Mon, 27 Oct 2025 09:51:44 GMT"},"fingerprint":{"sha1":"DD:8E:DE:D6:DE:1E:02:63:64:A7:6E:AA:34:37:99:39:B5:33:B0:F7","sha256":"14:49:B3:0B:9A:12:86:11:66:96:5B:15:2C:9E:D8:9D:8D:CE:B7:36:1A:90:D6:4D:42:27:41:9F:C0:1E:D9:73"}}},"request":{"raw":"GET /rtb/feedimpression?uuid=6b5a85bb-e561-465e-b8ac-44ef73514db4\u0026s=101\u0026d=254\u0026feedid=e727\u0026rt=1758730652388\u0026sb=0.0025\u0026db=0.005\u0026subid=6elqJg\u0026tokid=null\u0026url=J44XHDROF354SQSK6H3P6EMFWAHPU2R6GIAQ2WT2SFROO2FWR7WG2UR23MNEVJCZHY6YRELGMJFOYIU2ZUHGWSWMDICU3J76A7YYGTY=\u0026i=88d0bd\u0026u=125ff5\u0026g=NO\u0026ad=1058532\u0026sp=\u0026spv=\u0026sm= HTTP/1.1\r\nHost: tracking.eu.erdwas.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nreferrer-policy: no-referrer\r\nlocation: https://x1.giriucon.com/8d04ffe9e8f556fe192.jpeg\r\ncontent-length: 0\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":37387,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":88,"dns":3,"connect":38,"send":0,"wait":36,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"driverhugoverblown.com/check.html","fqdn":"driverhugoverblown.com","domain":"driverhugoverblown.com","tld":"com"},"ip":{"addr":"94.242.247.35","port":443,"asn":7979,"as":"SERVERS-COM","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.poopbnx.com/e/SrN90azL?lv1=doodbd.com","date":"2025-09-24T16:17:32.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"driverhugoverblown.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Aug 2025 14:30:14 GMT","end":"Fri, 07 Nov 2025 14:30:13 GMT"},"fingerprint":{"sha1":"44:6E:47:A8:BB:33:79:32:BA:9C:BD:1A:10:5C:A2:39:6B:98:C1:DB","sha256":"4B:55:C9:15:04:92:44:04:1D:12:DB:96:79:F0:88:96:62:69:4F:00:12:BD:32:CB:B3:13:5E:49:6D:EF:D6:83"}}},"request":{"raw":"GET /check.html HTTP/1.1\r\nHost: driverhugoverblown.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.poopbnx.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Sep 2025 16:17:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Mon, 22 Sep 2025 06:11:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68d0e8af-39e\"\r\nx-js-ab: current\r\ntiming-allow-origin: *\r\naccept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":926,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"088dba8e97eede53134c93219f7ebbae","sha1":"adb707654d1fe0af7d0d7a9f55660d22bd3625e4","sha256":"6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff","sha512":"23a1f87731e8aee4658993cd1ce35ec179fea80b89bf52aca7634488f1bdfcf88b9cabca4859481357a9fee06cbb49df64bbe0878b1dae0e5df4fa34003c6d80","ssdeep":"","tlshash":"6211d04934e1684c1127a6301597a2183c32a40315cbd949fb9cd7301f815a7dc596df","first_seen":"2024-11-22T16:59:41.974716Z","last_seen":"2026-03-04T10:11:28.020186Z","times_seen":13721,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}