{"report_id":"036051c3-167a-417c-9f7f-e33253283ce5","version":0,"status":"done","tags":[],"date":"2026-07-12T21:19:22Z","url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"172.67.177.6","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"title":"Serawex — Online Games \u0026 Rewards","dom":{"size":213223,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65468), with no line terminators","md5":"f0690aaab33f36f2838144ea7ef97f2d","sha1":"ad2fbae39d687dae339cd6ceb7ce2c185853b72a","sha256":"528a0e88d20b8780de92f257e5e34f4fd6ee9cf0a00cfb755ba1899fddd53f28","sha512":"26a5535c4dc84fde14140442473215fa9c6b7dedc167ac6486ad1e7da01ab4d765bac290f2e2b0fd78ab28be8c1f4eb5d5aa17c2c72a7f00279e5ae6f8c89056","ssdeep":"1536:72jpxxOPc5QgadnQF44MYYWjFvlJvRTgiR6666l666606666RKk5wTTqI/e:7orxObMHqI2","tlshash":"3e24b731e308591d7037c584ea61bf5e72b9c206d31a552ce3fe6475e38b8faa5272c8","dom_hash":"domhashc7eb0791f7d28d267fb2d4601f128b8e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"172.67.177.6","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T21:19:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"serawex.com","ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-07-05","domain_rank":0,"first_seen":"2026-07-10T09:39:57.625901Z","last_seen":"2026-07-10T09:39:57.625901Z","alert_count":115,"request_count":115,"received_data":13751478,"sent_data":74429,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-07-05T22:48:05.057169Z","alert_count":0,"request_count":4,"received_data":14426,"sent_data":2272,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-07-05T22:22:24.069932Z","alert_count":0,"request_count":1,"received_data":33694,"sent_data":743,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-07-05T22:19:28.847206Z","alert_count":0,"request_count":7,"received_data":277758,"sent_data":3988,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/1255-c32318a942e40e3e.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0655ecf061ed2032b2ed77f5fac4960","sha1":"bd73869341e65531e389db448125d6aa1b94dc73","sha256":"da0b6bb480869080c97b8a651145be0afa28d583e9f61fdbf836fbaf22be5ce3","sha512":"848f838f84fef605ebcdfe400206de7557e437dbc80169c2fd494308da5747a6fa93547706a1a590b39d20aaf9587ea08e5bb71a162734255329beb93bad6485","ssdeep":"1536:bzigN+8/BhcO5HYHqLVcXo7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:379LmA+sy4r904Aj44RN0z/Sz","tlshash":"f0f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","size":173011,"data":"","first_seen":"2026-03-28T22:09:22.209351Z","last_seen":"2026-07-12T22:01:35.300715Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/6477-9e02b2a147e40874.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9572bd36ad48a0afeec6633517fa7710","sha1":"d6483ba4eef36b13eb61477ac213fb9e4209bbdc","sha256":"597b7a3a3a772044b01484b288189b297f5295509a6b9834b5a3e20ffa3c3ac8","sha512":"870b80a2619e547b7aba1eb21b54d03136d56ee0e07a197510acc346f159ca8fbc1224e2934260f169a4836806d99e7ae9bae320bf5f2202ee18679492454f60","ssdeep":"12288:8YvBFTs8FN+95dzoX8i3UEPLBTXyXTUCI3184x1BZcWt/6BHsYfowoy+INtbkflt:8YvnXFZ848GYfowoAeOXwF","tlshash":"ad955c0c4b6c34ba06dd77c236cd1f36aaec4db5a6d1d2128cbe566d21ecc38923d658","size":2057604,"data":"","first_seen":"2026-07-12T17:38:11.939923Z","last_seen":"2026-07-12T22:01:35.325726Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3e3e350f78cf22bd7b335d70b41a58a","sha1":"cce22220b6a8dff76692755cc45439b4ec474a4d","sha256":"ee6bb81f4e9fc030a39a7c71affc4d1f2b900baa4b4c7af83361388d7c39599b","sha512":"15b6cbf8bd67e82a4952004138ebc95c44e4d373317826f1560eeec13416cc1d6a38d834609ef4b713e7a9c92d1b1bbf84de08e2e4061ed3d1e3891982c25b0a","ssdeep":"","tlshash":"3f90025ff2302063a756122b166f15456421626565550869123830eb4955148474265c","size":57,"data":"","first_seen":"2025-06-30T14:23:19.448274Z","last_seen":"2026-07-13T12:08:02.37488Z","times_seen":57669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3594c64cf924625c05a7010cafc018a","sha1":"0dfbc548122dea0a68476b400895ffa1eb22f645","sha256":"93268a0726ec1efaa676ae5171f84267e72b7c3d215b6190794cb4069d5f58d8","sha512":"8f1d3fdc6a2935557a199535e172a92c825bbd1b2ddf25cc9be3968fcd444cd0a4e023bd3eeb90c2c222588defbcb5f1ad05dfbd1f542eeb760769db532fd282","ssdeep":"","tlshash":"420156a9f32819da66d92fbfa06b570c7460203e380600319507edfa1700de021cbd8e","size":845,"data":"","first_seen":"2025-08-20T20:29:16.213676Z","last_seen":"2026-07-13T10:45:18.958871Z","times_seen":6570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-07-13T12:17:46.768018Z","times_seen":186346,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4298e3bb283284174c517caafc804001","sha1":"41c638305509f5f2e3abadbdd4492ce79222eaee","sha256":"2dbdae79ed4c2bd1f5c11d999bb8bcc387150fc2e7ab673cb0d69e1d932c3024","sha512":"6e508f1126991f563e8c94ad6ff5d2bb7e690d4886a36d550fd801ed423f03997061cc0d56251d9aa3a066005e6824cdd2779f80855cdc6e2759d06e41f3b8de","ssdeep":"","tlshash":"8b41481fb408f5426da3de4b04b62e3b8a9de977413dc5acc48ed83a0121a3f9388d11","size":2252,"data":"","first_seen":"2026-07-12T17:49:20.821728Z","last_seen":"2026-07-12T21:19:32.008728Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e1d1a3e87b524038ea9f8d4bc11fa411","sha1":"3099971547042a5cc87f9e25b123d993c8421c08","sha256":"dd8764264d7017fdcccf3e9a381ad04383d1c38e47ae604f167004b28964b287","sha512":"617e71b2e94999b79aecd57bea4525e8cc9005f6807454f3e879815d8a1f803ccc3318973469690fb0fe4d9a5232a19b653bcc3174ec7c89abf7bbf5aba1abf0","ssdeep":"","tlshash":"2141d10f6404e4066ee3ec9b48b32e3b8a4dda73827cc5bdc95ed87a012163f0399d16","size":2246,"data":"","first_seen":"2026-07-12T17:49:20.822757Z","last_seen":"2026-07-12T21:19:32.00974Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d91c8a2fa4efdb74b884f4d6f04c3f00","sha1":"644c3855261a57256c6f61e719cbf6b13f9951f9","sha256":"7a89c32af7f910ef53e5160efe14b510a67cc816de95f7f47b9e43f486599c54","sha512":"3b569525f35a3f2c143ea05171b418da63aa87d90ba4fa9d18eb39f9c2bdca545d61e4a985b1988820f318789a58f925bc125460d84ce1a4889e354a493637db","ssdeep":"","tlshash":"15e0861f5040fc06aaa2dc9b09372e26ca8ce97741bc846dd6aed8a9020173a139dd16","size":355,"data":"","first_seen":"2026-07-12T17:49:20.823673Z","last_seen":"2026-07-12T21:19:32.010362Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"203056cdcc4224e25edae862d03a6300","sha1":"c908d269a0153770508bfc630c36c5b381c164a0","sha256":"90d7e8caff211e1ef1ac3262279bc85809f977c39367ba77b4749b81a9f9884b","sha512":"903ea68146b70b9fe4248a57492423b1f45c45430b949fc5652ccc8ea75a42bf2fb48b6db01e3a2f6a313a720f810fe3652872d99d08734cff73ab46750a710a","ssdeep":"","tlshash":"b271d5367203cf5fd89e7956147e0dba694c8b7e9ea0c694c1f1de30458ac78afc5880","size":3514,"data":"","first_seen":"2026-07-12T17:49:20.82456Z","last_seen":"2026-07-12T21:19:32.011224Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e796396e0170414cedc055e68d04975c","sha1":"9b5c86da1a74a28c19e5825c6c07f2f55aef1332","sha256":"8d87f005b9c6cb6f3bd38673153369618fd9a26c47376f9267fb9993b8099d36","sha512":"fe505073cde7b70911c63c89b49f13ddccde9b2d43440ff55a11e7bd2133f26c5f87085768c691f857a7190b820620274ee9f62b8f30261b7e999bdb54ec5585","ssdeep":"","tlshash":"a231f03c3008d94ffd997d1912be6d3a50dd456f03e59a788bc8de014a824be7b92e81","size":1686,"data":"","first_seen":"2026-07-10T09:50:21.092118Z","last_seen":"2026-07-12T21:19:32.012023Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bca05ebaa352dec1376ce72326c8e630","sha1":"c6887c48602e2409d820efafa512a87096c55bac","sha256":"f21861004f3a33c77b5b445a8d29937519660dd789bf8b3db4024113120720da","sha512":"60d9f0ec8164085c963f728e8ed994ffb6125252f46254f6a41de391cb909ed88bc2cf0414b6081ee9686c15c28a654e5c3ec7b93ddd36b53e2d86f0abcfc891","ssdeep":"","tlshash":"e2418874a409fa8afd9eb958503eec3a20ce859f4ad19f7942d6cc64460247e3783dc0","size":2398,"data":"","first_seen":"2026-07-10T10:21:04.29759Z","last_seen":"2026-07-12T21:19:32.012621Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"645b52a9795cf944c8c4b5658bd3b6a7","sha1":"0ed2181c44b78d2e9277f2f5a1f2f3d3f5bdb59b","sha256":"4f3a042ce8abfb0e6fab5f8ffb542b36fd9c6cfb0e30e9d52b0f2f0e8f909891","sha512":"5edb565e2080a6b054539641ead997e548a9075eace29e854bbd6ac8d06878810125a394892ff470691c1de925389de292ff586164138f7bf9e7c8986ed98c20","ssdeep":"","tlshash":"38d02ba09c92cc0dc7660f3a183f5c3921ccc66102496246fc89db784a8ae340aa0ec6","size":279,"data":"","first_seen":"2026-07-10T09:50:21.094557Z","last_seen":"2026-07-12T21:19:32.013375Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1280c0c0111f8915850a7e694cdb5061","sha1":"9d0463cbcb9075168a6df26e294b2128d0dac82e","sha256":"b533f3d4ee3d1ad3b5ad9eda81fb36d16a1c7a99ecabd720efb9f8e5fad287db","sha512":"39af3408291e17f45470606b85e994986f1d4468a1e0d8a2a3808dc34a442a5cfed5f6c11cb7fc6be7d77014e20ef3d3582dcfc9b72d6b69d1be47f6cd957751","ssdeep":"","tlshash":"d39002a0d58d0d668032055264241c094798c40d00445d8012e550cd5062995a555d4d","size":55,"data":"","first_seen":"2025-10-02T06:34:56.794292Z","last_seen":"2026-07-12T21:19:32.014049Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0ecdd3e2d2f84daaf719afe6883c1ed5","sha1":"75f251c1eda48d33699e6a8d40488d508ad1ccef","sha256":"40533807b0c9bdf4ece5b25d29ce93032e8dfaa5c6e7649c4c5d6d6073d5f41c","sha512":"bc47927f16c653c315d7ce28ff4f3f1b698cdd25249efe7edad550a3587077e429f6958a98748584f46741a0953efb3748ed03a7c9e257621d1b965f4fbb1441","ssdeep":"","tlshash":"6351c0a39e15de05cbcbaf14297f3cb024ccc6939245955fe19cc924828b97829f5f62","size":3122,"data":"","first_seen":"2026-07-12T21:19:32.014706Z","last_seen":"2026-07-12T21:19:32.014706Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20281e45103fdcedd0a42ece4b5d8566","sha1":"365152b9a541be927ed138e1b4a9eaeb8b0fe0de","sha256":"f158da4b9371d073bc1d9cca38044807cb946788682b45acc28a6cadbba77aba","sha512":"92f35e9bde5ccb7ebd0ed0d1d85bf89f719bc588aa9458453c0df76843d28470015e2616fbee4ee915659dd6fec41a9c4b52fb78ac3b5c09501b5a8b8d86b4c1","ssdeep":"","tlshash":"cb900470f1400c574431001314fc711115dcd14c04010d001f515f473c131557f0dd47","size":45,"data":"","first_seen":"2025-07-25T19:48:55.250327Z","last_seen":"2026-07-13T12:17:46.829194Z","times_seen":5712,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-07-13T12:16:44.104268Z","times_seen":50934,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a87f811171a797b89b8d185d7a93052","sha1":"e9b49c2be7f7cd86eab532f326af34e997a7d949","sha256":"a2de2e58c50b3a040444955e5bed514b82e241acde87d5586be2336f0097e375","sha512":"3da88dfa70488afca88098c84a064e1b31bb7ce6cff36f4007be560397025f19fad3e934c5416a975c8e820b58006735439fb8ec3caded395d2499a4fc1765e5","ssdeep":"","tlshash":"1c60000000c3003c0fc300003cc0cc30cc30f000300c0000000f03c00000000030333c","size":16,"data":"","first_seen":"2023-03-08T20:20:25Z","last_seen":"2026-07-13T12:06:05.684626Z","times_seen":12460,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f1d8410f129a659e882f6e80ef48b45d","sha1":"1d6480ba482cd0fcc0885d521778381d29e1b6d2","sha256":"8f1a66bb3132bd59867f5baedeb2e755bfbe69ce10d24878f5514897051fe90d","sha512":"2e54e53cbfdabdccce0dba0339a04be14d2c920eda6c5755914f646e83662898332fbacffdab854fe73d5d31dd4e4d469a06c89a4d8f48bad460bf2fd47403ce","ssdeep":"","tlshash":"cf6000300cc3000c000000c030000cc00c03f000300003300003030c0003cc0033300c","size":16,"data":"","first_seen":"2023-05-01T16:55:24Z","last_seen":"2026-07-13T10:45:18.959992Z","times_seen":9997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/layout-3f0574c4e5d40333.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0d11d52032af6ad193ca67a8408c35c","sha1":"8932c0ff9004f3317bb6d2e2c06693f5f855a761","sha256":"6165148d41738b1c671dce4457ec8f9742d6b4489d0de7f6c916b30a77d5f34e","sha512":"7a88391810320df94fc5f40b777293396b0f6fef64aac6c6ba2ac848997bf81dd11dc7cedbe7fbf16e450fe788117fe66f79dae4b072b67724e99c13c2590fdb","ssdeep":"768:+s5XQwaevuPsAc9kxPsAzea6AZZGSYY2pxJuFFdYnQ:+s5XQwaevuPxnpMpxJuFFynQ","tlshash":"80d21ba6920a293cb5b245e8663f910cb17f6b25d72e4414b7bf2c313b498cd92727cd","size":31080,"data":"","first_seen":"2026-07-10T09:45:03.495816Z","last_seen":"2026-07-12T22:01:35.275778Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/webpack-88bb21cc9b698da8.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6e899e41a949fba95deb581bb003e29","sha1":"89ba1afcdead5a1d29e3f536b345fae2dba1b13f","sha256":"6e412f48b783c41ca2068b946c56cd6312c80b2d3abffb6dbfd140e72c87ba60","sha512":"37f42a21cc92480d8f99693a786fa2152a4eb6e87e9543a80d7e50e46bc07d6baf311b4dcee59547fc6bb6e1af56aee9c0ff37c864449797ef34c6bfe4d4b052","ssdeep":"","tlshash":"0a6195a93625f9b556f108868c7ed142f21a6037051af8a0e717dcf9b464ae20562ff3","size":3448,"data":"","first_seen":"2026-07-10T09:45:03.472302Z","last_seen":"2026-07-12T22:01:35.287927Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-13T12:16:58.694482Z","times_seen":394696,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/8347-2cdd515f34b89f12.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49950202b034f7c0521d2f2129c83c84","sha1":"b39a0b9a93e867cf8675f483507f08d29d1375f9","sha256":"b35f82e8ce5a7a8b3b1083a9731c3d7351973f866106ebffd0c69b90405e5db6","sha512":"e40aac677169b6d180e3fe9b824cb491c49e9c1298c17f6a222b00343907f3ae29daa5d7b2a5c9af388e54bfcd0f92611283a303bb310752b5721c51c943be04","ssdeep":"192:njk3KSwJQV71am/oOJZBOcIkQmAYxDvLZNIw:jk3z1D/9JZQkQmAYdvLZNV","tlshash":"8f02daf5b762383149ebc2d6b5722942f318078e6628d81051f50d2e7358e0eea52fd8","size":8438,"data":"","first_seen":"2026-03-03T22:08:14.650035Z","last_seen":"2026-07-12T22:01:35.278324Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/6820-e593c9faa2a09980.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c1e6130f49137ec5692ac319914a3f5","sha1":"e2db6215232326cd4d627e0f60c9a2c0ebc01c74","sha256":"131356516768ecf2507d0f76b9a7e9908b01e31dfc8df88329705d2e2afc3222","sha512":"d69ad7e662752ba1072c4de3574746de1675d7c123fc8c86dc45531e3ba9df2435998247276573ffc511590437f9cf1f4a3eab9c59d8e0ef9dfb3fc717e73b12","ssdeep":"192:WL9p3LRi2cihbDVksxQTu5c4tMSojxugZNYOHCh0wMcGW0T2vJVkwkFFtzQj:WL99Rx2Tu5cAMJVjiqwMcGW0T2vrkXbu","tlshash":"5422c8d9b5d1f8a583ab4090443f100bf2795d75281e5184e3f95ceab9a045ca2f2fa9","size":10748,"data":"","first_seen":"2026-07-10T09:45:03.49158Z","last_seen":"2026-07-12T22:01:35.290779Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/4038-49fdd8ae32fa9982.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcc0345f008acbe8f529de677f7ea0b8","sha1":"4709ac8c02289d17f1a27caf9f719c3199e33199","sha256":"94702b098b138dcadab4016ec2aaa5431ce4daf3592629f2b1bd4bfea2c18363","sha512":"40efb9d579d53f9a2b66c219b459d80829c15026ef38f76021613ef87027131a8a09f3ad0c4cbc7d7421f37e3632c419088eeafc6f2907fd8b471081a65c4f18","ssdeep":"1536:kjI+qNzajw1Muc9T05eMK89JgRPWSEtmfPjvss85QxnpYQoQCsdZ:k0plajw1Cez9JgRPItmf7v85mnWRmdZ","tlshash":"178319256609315cf17bc58872cfd91db26e362ce61ac578bf3e7829179a0f4b126f80","size":82267,"data":"","first_seen":"2026-07-12T17:38:11.838423Z","last_seen":"2026-07-12T22:01:35.286472Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/(main)/page-1242cbe80559576f.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ee880e294b488be8baf2ca00c36378c","sha1":"8097afdbc5ddf81116d40b3ee666e00de6c6f3e0","sha256":"ef032dd04b290288f2ae2edc7770a8d5b9326fcef21f5bc58b25227269543da0","sha512":"3eb17709c4aec980db281cba79a3b2a34ab80a6faa5937533e6b892184a66f54ccabf143dbee2d30eb530a94f2627e766a7452702e844f442e436f1d413dcf8c","ssdeep":"1536:7cJf0hkZ9geTeIY6rGa5cd1Q8g993275WBWVQ4u:7y3ej6Ka58g993UZQ","tlshash":"8863193a975a7918f837ca8c769f410cb16e4528a34e0db4a7bbac3113854f4b667fd0","size":70076,"data":"","first_seen":"2026-07-10T09:45:03.50869Z","last_seen":"2026-07-12T22:01:35.305089Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2cde633364ca71e63e183fcd285ce7a","sha1":"9a862e68484ea8b8bb94f672043d0752dbded9c3","sha256":"77456310fac2a586847d628eb005a0b7fa04b0e9569341b7bb5702bbdb94920f","sha512":"80caa655040b31db018b4aa93f5ccee47b87cad631f25e0b6f316c5a36fdfdcf3fb8da6ad95b895a620a2ccb565090f596acf0070a561a4804e502da79b3ff3a","ssdeep":"","tlshash":"6ef00e5a2c97a4a737fa367ec31b562b235203037882d808ba0ec4242fa8a951c4298d","size":614,"data":"","first_seen":"2026-07-11T14:42:53.022414Z","last_seen":"2026-07-12T22:01:35.324806Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/main-app-f3336e172256d2ab.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"39016df7484bb925b0b0fe1905ddbceb","sha1":"088ce59eb609b8c19e00e2d93e10d33b75578d7a","sha256":"91801d552d3e97ad6aabb535c2d8eeff31bab152fb2448b8556373894e7d7215","sha512":"41618a49d22f65beb83086c769a8c67e5ba76cbd01b838ee2ef88857171a333a9ee680d08d182a3ef65393eef1b4d2984c122e3d4d0913e82c0f0e9ee004e46b","ssdeep":"","tlshash":"8bf0d69a4f0cf52f5d26ad65fe97ace2245f4175202b4e606901ee613c23bacd270404","size":572,"data":"","first_seen":"2025-09-01T15:30:28.522834Z","last_seen":"2026-07-13T11:41:26.835456Z","times_seen":634,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/8602-8018835a2b8c6467.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f366648bcf45d5debf0c1b40cf7d2f5f","sha1":"0b1a9b153106e4fea89f7cac44766d059c2e5941","sha256":"673a7d8aaeb6a9b355d1054015014fd544c8be225843d7bc37d39210d4caf7cd","sha512":"87bc2980f9da79d98616c2345107d092948b85ff882e652aee6ea02a2b3e01f9f8a2f49bd4835069e0487ce71bb42d9591bcd223fe11cb936a9d27a489040e70","ssdeep":"384:iTrTbTaTUnT74TeTVTwT9TQTkTz2uLSD8Tl4rmN2tTRT5ToToT3TuTcTrTP8TQTz:EP/MUTa4NOlu6zVmD8J4rhVxJ22jICPz","tlshash":"936286be77dd348d5a02e2e8d92ba0039bae0138264c4434b14ee4fd5958947987bf3f","size":14841,"data":"","first_seen":"2026-07-10T09:45:03.507605Z","last_seen":"2026-07-12T22:01:35.288512Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/(main)/layout-4d27638b938b6895.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bff7621c687cd5d0f66ebf66ca833cfd","sha1":"cd1f50b353365d253742afdf6ae67fdf39795351","sha256":"d28666a9634510936f8d64bbba35597f853a668c80009cdb3607125168eefc37","sha512":"b25b6d5745ac6e3165fcbcf29518a315ad942447a0a7dd97c02324c08a791d30f9eb178fed39ee9f4b5694defbccc9c1b7ec56764182c26bcb50a4158aed6dfb","ssdeep":"768:f4f66H0enWAvs3/94888itgZ6E9hHnIiTuJWxdlBLdvHT6tyaz3DXE7ir3zeZ6z:fcrnWAkva888itgXhNrT5eDE76zeQz","tlshash":"f2430935aa073d18f63f81c9778f550eb15fa924fa4f4538ba7e2c3212584e4b226bd4","size":57728,"data":"","first_seen":"2026-07-11T14:42:52.99703Z","last_seen":"2026-07-12T22:01:35.313706Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a9c2166a0ae63c27a466c7fb5903d80","sha1":"51f1c90c3f1e1d32d0c81e836ded7ed5ba0601d6","sha256":"5421e13a91a9389517b66179f3b4b5eaa0d95245438066d4d7b19ac30aeb809b","sha512":"8dc6274f2637076f1b5c4cd3f61b14259ec5552d844245c8b93a64f19c8b6b7347554a03b994b0f880b7dae74ad65e54eaa00be81783c2cedbae82a7fd4b89dd","ssdeep":"1536:DWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:Z9LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"ecf3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","size":173025,"data":"","first_seen":"2025-08-21T15:49:50.637902Z","last_seen":"2026-07-13T10:45:18.945199Z","times_seen":13110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/error-33d1788fed5ffb4f.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5127c8a0bf18bf19c981c4c0f5fd3b5d","sha1":"f812e3d7611042d8be29a2491fa3cbbaf991d54a","sha256":"937b53427e51b436510f6512d504cecc2f6b5478328d3f8e1ce04c45758345b6","sha512":"46314691bf04c743c678ec3b850bf7fc634132b3102eff1279ab430bee9398efe937e8b5021231f5193dbaa3e459cdc12bfcd4e31160df42ac8d8f7fdebdba59","ssdeep":"","tlshash":"cd41621766056e18f437c94877ff900c71eb4428712ade7867a89d3a11d64e53a2b7d0","size":2364,"data":"","first_seen":"2026-07-10T09:45:03.569736Z","last_seen":"2026-07-12T22:01:35.294604Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/9792-bbed82e0e875a1e0.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b082208296b9b3705076807c6a765752","sha1":"df9d0a8602debe4cc087445f2f2928428a8dd8f8","sha256":"e5cc5cd6fd587fd300815648759a627ef8c4dc295d75f12440f6d27de6b02924","sha512":"44a1bafc5746c002fc285d55b8f9240e4dc493c65c631114334e52b732499504fee8c0449fbebf9d50205593347c073ebedd5e48fb1e606a37f7cb474066b846","ssdeep":"192:O3Yaic4We1aowaYz4n6rUGUCKbLgcJ/t/ml/6/hYmPE:O3LuWsYn/8rc/8E","tlshash":"76121b92baa2f8b291bb6552683703863130277b790b4441a3bb4cac2354f59b4d3f5d","size":9337,"data":"","first_seen":"2026-07-10T09:45:03.521341Z","last_seen":"2026-07-12T22:01:35.311525Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea37a6907bbf49850fbc241b021b98ac","sha1":"0c4b73cae7505f9098532e047b378bfae64317ac","sha256":"38ad85b1457519a9dc72e54394f3996d7560f3d34e3398ec2ec72a9ed62253aa","sha512":"dc3684031a1dfd4df683fa10824f12e47c829ae2d20a92efd4820e6ad9e55732c6a9784530685c9356a7af34747a1a16f700f036f08e09d75bee9b15f06256cb","ssdeep":"192:lTzTFtTCTnsHTTYTetT9TYTFTYTcTLATnPtpSTiuTQTp6TPTSDTETzT3sToThTF9:lTzTjTCTsHTTYTmT9TYTFTYTcTLATPrw","tlshash":"681224fe5f9e25ce5512c3ccaa4ba040d7de0338365e4821a58ea8b9c241956fd77f24","size":9171,"data":"","first_seen":"2026-07-10T09:45:03.528266Z","last_seen":"2026-07-12T22:01:35.281579Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/5708-926a5cbb3579d1f7.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b58d901009e5dd078ec84a30e48e151d","sha1":"f871fd5e9a02a283c8e31a9be700e4ae15715e17","sha256":"0faa839769526c3620c7c8f7bc9b4b78004ef9980c103cd365079fbbedff3ab4","sha512":"b31d347b922a69e047655ced69bf8b14f63967d19b9b2df4b68726f51b5462170295305ad351d502bc84613fa23d89898c53400e8ce7adfa908d20f7c8ccf899","ssdeep":"384:u4daU8llCsp4PSOIX+lhs1UW5KRJ2YE7d2BzS+k0JQu2U67PMvia+MT/BuM+Mn4U:u4davGFu+j22","tlshash":"f1c27019aa4ba4bb87f116ef697d0b8401af075ff548ce17e529cf183347a252c91e2c","size":26916,"data":"","first_seen":"2026-07-10T09:45:03.479914Z","last_seen":"2026-07-12T22:01:35.306961Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"serawex.com/lab/slots/fire-strike.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.462Z","timestamp":1783891131462,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/fire-strike.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:02 GMT\r\netag: W/\"108ae-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j7JfmTLsqabor34O6MXwA%2FxSdTw8TL%2BCmcwa2gV4YVsjk873mIV8Szl2zUH2P6nHJKmpon6FsvvXmm7jShq1x7j378G1h4t6PM9OLO3Q1SB9ZyC%2FVb6rQUrvmjhlLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a893723c-OSL\r\ncontent-length: 67758\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67758,"size_decoded":68759,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b60599e0bc3952067e16891a5fb97653","sha1":"71247bc7e769a0c953cd6458ad536436f11098e2","sha256":"0a3d85ce2dcd6d1aa8b9be3ac6db4ccae0e4f3f832c06b46062df86fd4ab060e","sha512":"34671a695c0cd4a154c97ed5c030c378917af33ca0a5a95b5d7f789dcfd353af6b8c77df1a90e0098e3602936360583a93d1faaee5e9ab8064c7c4c116dcdef2","ssdeep":"1536:yqon/EW4B8UjSTy80dQPYtJ4HpUbsUQtIJTP45lqLbalx51jTos:WcW4BTSTy8pwtQpUbXVJc4w51Ys","tlshash":"096302b330e35429038019f2ee67f84f62a2a5898057115e7907d587cf36c0f52ea9ef","first_seen":"2026-07-10T09:45:03.466313Z","last_seen":"2026-07-12T22:01:35.269607Z","times_seen":17,"resource_available":false,"data":null}},"time_used":11636,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11305,"receive":331,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/1255-c32318a942e40e3e.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.406Z","timestamp":1783891131406,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/1255-c32318a942e40e3e.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"2a3d3-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V5h%2FOXy0fyxIr4FigdNW%2BnWXYAVm7ulOkIX%2F%2BprMXK0QyzvQLgLT60GcyG7dc0Ej3G1mEt6ylvhWeXMSsOD5nf9FWIyyClkCwobvYyyELj5eLnNYju4JNM%2FHbQQjCQ%3D%3D\"}]}\r\ncf-ray: a1a31533484e723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":173011,"size_decoded":46820,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d0655ecf061ed2032b2ed77f5fac4960","sha1":"bd73869341e65531e389db448125d6aa1b94dc73","sha256":"da0b6bb480869080c97b8a651145be0afa28d583e9f61fdbf836fbaf22be5ce3","sha512":"848f838f84fef605ebcdfe400206de7557e437dbc80169c2fd494308da5747a6fa93547706a1a590b39d20aaf9587ea08e5bb71a162734255329beb93bad6485","ssdeep":"1536:bzigN+8/BhcO5HYHqLVcXo7yIzPr6Q04ToTlTx1p7eChTtaocZXxreXRNIrky/Sz:379LmA+sy4r904Aj44RN0z/Sz","tlshash":"f0f3dab636d0f8d107a780e5843b400af3291c3b146f74a0a3e6dcd975645dea1b3faa","first_seen":"2026-03-28T22:09:22.209351Z","last_seen":"2026-07-12T22:01:35.300715Z","times_seen":26,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/reviews?locale=en","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.723Z","timestamp":1783891135723,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/reviews?locale=en HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Host, X-Forwarded-Host, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qi1w3bVkO6mdLFIu1rLFgC%2FUCigE0xB%2FxxDNX58fvC%2Fd9yV%2BSr7MoI2kVFtNNTGffkRtHvOtpCOkVB9%2BqDFz4kh3HFYlomPLDn0Uttm7U9HPVGX%2BZ1f4AWIBJXlQpw%3D%3D\"}]}\r\ncf-ray: a1a3154e4e8f723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18928,"size_decoded":6362,"mime_type":"application/json","magic":"JSON text data","md5":"d16e373ccdd16c5e3e1f4d323449985a","sha1":"4f0be4b252aaaa30ae2f1fb5faaf1a47f4bd69e7","sha256":"ecf27688680d4cd4ef724bfa14d5b9599c6c53f13c8659747ca7adc6d66cd3d7","sha512":"e8436522448eae9b408b8bb4d4dfaffe07f4552cbc39b540fae25151c19c2e0ff993a75f8dbc873de8ad99eca787e4977686d4bf230d084179d819fa6c207097","ssdeep":"192:3uYByNeF6PSGNfHaN+NuYdyUpVEYiFtMnVVqqnRpldQdMn3kaeJ4XgA/57ZUnRvZ:BY90UvVNd3kaeKenVi7mi0cRHHEi1eZ","tlshash":"598264672518223c7a7220eac14b7fa4371cb9327712dca0ed0fcebe41e21f9447649a","first_seen":"2026-07-12T21:19:31.884951Z","last_seen":"2026-07-12T21:19:31.884951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/1924.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.156Z","timestamp":1783891136156,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/1924.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"33a9e-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8AlUiPVNxUytllmnE6UtypSgOGeumsTJTcLFcHD00CEc5F6DsxJdP2Vq4O1B5sQKBoqQpSj3gBQOOVx6B2yaDLxL1ceMsUy2Xe4bglSJLl2LPlhp3RC%2BTVg9huBbEg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ff44723c-OSL\r\ncontent-length: 211614\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":211614,"size_decoded":212538,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"af1db56f60120f307d2ba81818e8002d","sha1":"d70c970aabbb178488165af57e62c7fb26fe18bf","sha256":"3876d54e638854fb3eebd66d3687beb7553bc05ed25b050a9b4da9c021e66ad4","sha512":"25b6cd6a2d39d04b6e30e57f5186f9d9eb60d3817963540e1b3363f963a218bce3d0f7956b07cb8e9d4f7af163c23bacbdbc96a180c11721246bd56f4f7eaf94","ssdeep":"6144:pnwxvYgBDXYvD7qjbEwCAc2jkinaLeCfHEIdb9j7lsYa+2:pwxvYhLUnyl9h9j7ls3","tlshash":"6e24120259e88b5ff1bb1c658fca4c4a2383e2f129fed086154db37b25d0c996b5cb16","first_seen":"2026-01-31T13:42:56.720032Z","last_seen":"2026-07-12T22:01:35.264393Z","times_seen":17,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":367,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/starlight-princess.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.469Z","timestamp":1783891131469,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/starlight-princess.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"17660-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RGyQMBi2jkLhXpk4IIW1OYOehKi3ZvMS8rrhqEO7IW1lMPd6%2Be%2BmImpQPH19pvSNH4%2BfbMrfgBrpsd96rmtlC%2F1FOQLUwSeNn5lWAbIIPba6ojHIvBH4ftPOmSK%2FKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a89d723c-OSL\r\ncontent-length: 95840\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95840,"size_decoded":96845,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9824b494b8ade7c0157812b4aacaec2c","sha1":"d57539bf59f9115e0ed688bf2a0d6c52463e8fcf","sha256":"6c5adb95eeb1a45770a8d30d019378335141a52e1af4472b0cf4b4645ed93f6f","sha512":"e1942c4af37eb41984eb54b63afdf61f4264b023afcec48b8fca603883093002d21f90db0aaec5ef65ff0bc485fa5991eba74393b18181ea1c146c039c058d42","ssdeep":"1536:HGXhI6Tit+KvC2DM768fnbxPExl0l9lWlXY+nuCnt+8V+b5I7GKI6Izs:mS6Tu+KvXY7JfnbxsDa9liXY+nDt+8YS","tlshash":"769302da9eb729e7f6419b36062479c256fd49dd66239e3032c9e18ccf740f442ce892","first_seen":"2026-07-10T09:45:03.50984Z","last_seen":"2026-07-12T22:01:35.260154Z","times_seen":17,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/media/393c7c15-55f1-4872-9e8a-8c4031c9fa10.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.022Z","timestamp":1783891136022,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/media/393c7c15-55f1-4872-9e8a-8c4031c9fa10.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ib%2FOPrmhGx%2B8MqEqW6bMnfp3KKXhU8QCnZkN9J7PfN0ymfbCwpRbqQ9LQ61l0fon8HCTYLQw%2Bp4xEzed1KfphRchlwIo6G9OAbR3cypKfSL8r2V2m1C18V5atn%2BDIw%3D%3D\"}]}\r\ncf-ray: a1a315502f0c723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":147468,"size_decoded":148481,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3907fc5dd8d6104080c97e7198a11879","sha1":"103438e410b11e541f5f565b8bffadf10fb53257","sha256":"418df053ff23662b34c7498396d726bc84be81982ee89cc1090161b23ec35175","sha512":"5a2bd52f9e64befa1bfc4292d5683f7a55ce12e7f27a371039be3dddb1598ef76de05ab64774813ecc2f850ff86de8b30ebcc8c43759484b548a1795889eca84","ssdeep":"3072:3dJOJt+Va89AFduFVRqBVjdpCJXOeKr61821ImD6IuxV:3dkPu9AbRPCJjK217v6I4","tlshash":"50e312a450a464d4c36163530e10d60ce8d86fb0962b0ae0f8e5bd8f786fe59777fe40","first_seen":"2026-07-10T09:45:03.571625Z","last_seen":"2026-07-12T22:01:35.273089Z","times_seen":16,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/2032.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.155Z","timestamp":1783891136155,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/2032.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"13a12-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2B5tx5jxLnpt5%2F6kBVRV49%2BzxFVBKe775RktNmtPKdVM0w27nnrb8BLgXtflgcooEYHLg6j0I%2B3hMTvXxBEdoPLcQe9HuQsO%2F1bJwtpxq1MZuaRKyuaQNBQd7JJyWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ff42723c-OSL\r\ncontent-length: 80402\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80402,"size_decoded":81335,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x1714, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e7dc4522e10474c081773974610ab511","sha1":"3181b650b874a6f00af8cec083cc17dc01c003c1","sha256":"3c6e6e37ff2520c65c5ad44b99b019b5089360f30b99a435b54e11d80908704f","sha512":"3756ec09c7d883607f9bedceabc3d21dd409db40a12bdef1972a83395e851e570d605bfe51318ee476215efe60ff6a1416ab09a70a33914efcde43b792f04c47","ssdeep":"1536:MYPvqxixFFUpIiaxvmXukpnHyAlj5EYGw4n68VVHiP2:PPHeifxvmVHDOyO68fCP2","tlshash":"617312f11f9a0df6a1ac63a05a91c95e33bc1b5de1c745ff06c58e28f62e04642e4e6c","first_seen":"2026-07-10T09:45:03.513887Z","last_seen":"2026-07-12T22:01:35.289626Z","times_seen":16,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-01.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:13.825Z","timestamp":1783891153825,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-01.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:13 GMT\r\netag: W/\"7aa2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NjWZdPCwewrqM2ZSc3TPnMhlHkwrx0jB4HNYnwqL4PsyjAWYqUDj%2BFV3C8Uzvw%2FiHBbDbne5EK5V9htcFHlqWW%2FggWajAqsyH0emt27sjILeuAQkx4UjnabvIKyfNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315bf68b5723c-OSL\r\ncontent-length: 31394\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31394,"size_decoded":32394,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5509ff2b421b108162329e8480cbf42a","sha1":"3072d660a2b73a831d89a61be8422498eb70923a","sha256":"395e861b9886862ff3c0e250045d90084dee194225fa87649ff810a93029cf72","sha512":"9f23044ac22cde5a69e0c215d9bf1b2cc7cc81d9653b82b6caecf195dc9de2bdce6dc2fbe57f8d243fb042baf5bb7ea9ed2f18c81486635b520ff91123a4a576","ssdeep":"768:qLVZRKuBtND4jceGyr8Ee4m90bm9JIqXkeRDMB:qJK84HGysp9FX+B","tlshash":"d6e2f194db0488e1a2646f155fd0aa42131ecdba610a2f7f13fa4fc133eee6489f2591","first_seen":"2026-07-10T09:50:20.394431Z","last_seen":"2026-07-12T22:01:35.25383Z","times_seen":13,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":124,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/6477-9e02b2a147e40874.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.417Z","timestamp":1783891131417,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/6477-9e02b2a147e40874.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"1f6584-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oxjDo3PXGuayT6S5wsMcV%2B1B79h1NVJpyz0rcFo3zCXtC8n%2F1g5%2F5Qr7gv5OuLEqHV9YaAge%2BRitVimIVSvR9lBa67G3eBhc6YHwLTpKvrYXC64%2FUIuvRe5Bmp%2BYBw%3D%3D\"}]}\r\ncf-ray: a1a315335856723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2057604,"size_decoded":579580,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (58638), with no line terminators","md5":"b66b4adf96b34361e624085bac02f4dd","sha1":"2de8fbf5f39e235c724e087c37803769892783e5","sha256":"1a3cdfb687ced8dcc7ab9067134bd56a92782f468c26a9dbe595515555b9ec17","sha512":"7794ef09a3b5ad4c01e2c14b4f1e7723e8dc4b5e1ad6a148c4854ca3046fefb331e250302714bb016dfa238618c722f3cd56f8d87a0fc4f427227934f0dbc757","ssdeep":"12288:8YvBFTs8FN+95dzoX8i3UEPLBTXyXTUCI3184x1BZcWt/6BHsYfowoy+INtbkflV:8YvnXFZ848GYfowoH","tlshash":"77453918872c38b743dd33d136ce0f7aabec09b2a4d2d112dcbe952c62acd74616d659","first_seen":"2026-07-12T17:38:11.894837Z","last_seen":"2026-07-12T22:01:35.275068Z","times_seen":8,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/wild-west-gold.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.459Z","timestamp":1783891131459,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/wild-west-gold.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"1267c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=050Y9c4om32%2B2lGvryKM9JzKH8bspJ7FijZ6bgm0JJ8%2BnDigEjslX2zzbFVu9PEt%2F7S78T%2FljwVVtNI8Q2326NjGQogFTvv%2FMKFsZDwUezp%2Fuimbw2bcXiSbaeIZJw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a890723c-OSL\r\ncontent-length: 75388\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75388,"size_decoded":76395,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a4d08f2ce7d608f3f8c032b0822a72b1","sha1":"4af5325f2834e09cbac50c22145eede287e20ea0","sha256":"3f856fd2ffad9148db6e06b06306c8753774c51fe02bb3f189702b14d0be6a30","sha512":"e182a41e1df5f49e6bcb4212c0ff417ad34a0534fa86c3f5f8350230b00325b85b15f065202c4745694b6e742793208ffd6ef59fef11f2b3f62f212f1ecb72d9","ssdeep":"1536:xCht2pj7iiYngyCZguVap90E6+dd5QHIyJtiQj3Yj339wQOVMP:whYp7zIDuVapeEjdd5QHVt78j3tIOP","tlshash":"c77302ac830ce2953ee17c7bfdd56457c0804ae6326b5ec92a01b4d61737ce5cad3a1a","first_seen":"2026-07-10T09:45:03.496757Z","last_seen":"2026-07-12T22:01:35.295138Z","times_seen":17,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-09.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.893Z","timestamp":1783891135893,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-09.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\netag: W/\"3b6a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\npriority: u=5,i\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LmAcBqhiHck%2BXemkpg91oAIWTuTFrg7z918nFMBMndX1mbjE9ZJqwjOBfI3B5Gu8CAmZx8xP9%2Fw38xTp5sKf1%2BXsxJxuL6uJW5zTxMQxiIF4BIyNDo%2B0n86CRNFOhA%3D%3D\"}]}\r\ncf-ray: a1a3154f5ecb723c-OSL\r\ncontent-length: 15210\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15210,"size_decoded":16212,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a78743d1476c3c31c278098d05aa442","sha1":"0171fe525153dd0fb03255535502ecf1262e0458","sha256":"c3e6f099611d8d3faf622bf7a6f48302be66da2d4a26e2463f8977462024ae11","sha512":"415db81487d3880d7725c004ae56deee7809dbcd6a946761bd15aafa00ddb2d24b21a2a48c93f3db855114b2d4a698115d3612473cbd7f13fbd95668d4e776c3","ssdeep":"384:NbMdd3BQ7u8wpujsdFXaNfo+PQ615yq1jQS0w:NbMdrQ7ubkwdFX0PQlqpQS0","tlshash":"f3628d09392245a4dfea2bbafaac160f88338c773c2105ff8d3491167503d91d7b9b24","first_seen":"2026-07-10T09:45:03.573888Z","last_seen":"2026-07-12T22:01:35.301749Z","times_seen":15,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/br.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.020Z","timestamp":1783891136020,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/br.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-length: 2769\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"1fa0-F5abWsDNckUsWGPTTgDw9d7Bxs8\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 982634\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\nx-served-by: cache-fra-etou8220094-FRA, cache-bma-essb1270037-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8096,"size_decoded":3517,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d5fc3717384cd954040873edb3061a68","sha1":"17969b5ac0cd72452c5863d34e00f0f5dec1c6cf","sha256":"45531de3e2b3e8a7f6db53f8021ba18482176600bd5cf66e547b3e7fc8aa99ea","sha512":"8d13cd413061736f506d580b37924aa472c3cc472df3961cf5777e73b670db829359980ebf3f4f1090f2ab023a793a40790916e78649a348dfa8913dd236c92a","ssdeep":"96:0GRMoBsOat6xhf5W2JGRU7edrp39bgWT00zmkJ14JVK8jWLJ3pkREYa:9RMoyOait5W2JGZXn9efTOpeEV","tlshash":"1ef189bc466cc2ec9ea696bc9f3ac0e0920de1eeb1e5c351a76cc17026935c9e14f456","first_seen":"2024-07-04T03:51:54Z","last_seen":"2026-07-12T22:01:35.254723Z","times_seen":120,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/vip?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.212Z","timestamp":1783891136212,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /vip?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RUeS%2BwSWI1xJ%2BXqkmAbqkWz2Z7DQwtm%2B00Y%2BMcCpPo%2Fikw8zaAceU62%2BjzBClGErSHiv5pEaJyS9BJszVQM89L0Rb2%2BTmukJXORfzdtoITc%2FiIgZHdj2okMEs3rpew%3D%3D\"}]}\r\ncf-ray: a1a315515f54723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":1202,"mime_type":"text/x-component","magic":"ASCII text","md5":"9031317fd0e3ec6aeda46a94c6ed7377","sha1":"9a8ea25a9dcc5262d71d07d196082de5048cf31d","sha256":"de9c10d92f2ceb5be34715f7c33ec394dee95576adaf6d07ba05ed243a05de2b","sha512":"76ef7a530b2231604ff64a7a961a4c91548aa2cdf60c998c67f571a2dba109f4cb84860c2d5582bef620b24aa0ac9d86baeb4863ff1e2d8250a9b7df9368d9c8","ssdeep":"","tlshash":"e8c02b3146083ef66cbe2898456dc70f360e420f30c810f0f0934a10b73b02028075e8","first_seen":"2026-07-12T17:38:11.801639Z","last_seen":"2026-07-12T22:01:35.3Z","times_seen":8,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.437Z","timestamp":1783891131437,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nexpires: Tue, 14 Jul 2026 21:18:51 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I%2BacCltGtADA9XVWcVulIQruo7IC%2B9mIT6E5F9wmO83ID2JSQsFsMDDa9s7eqlZNFVe4BILIB92KVmRn%2BupCpcgYX8bS%2FNbKfMNZ0beZyDZLls%2F8dySjZuDPOAH8tg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\nserver: cloudflare\r\ncf-ray: a1a31533787a723c-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":1292,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-13T12:16:58.694482Z","times_seen":394696,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Rajdhani:wght@400;500;600;700\u0026family=DM+Sans:wght@300;400;500;600\u0026family=JetBrains+Mono:wght@400;500;600\u0026family=Fraunces:opsz,wght@9..144,300;9..144,400;9..144,600;9..144,800;9..144,900\u0026family=Inter:wght@400;500;600\u0026family=Caveat:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.628Z","timestamp":1783891131628,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:24 GMT","end":"Mon, 14 Sep 2026 08:37:23 GMT"},"fingerprint":{"sha1":"85:D0:EC:C2:01:33:25:23:96:FB:2B:54:90:54:84:07:0A:49:1F:03","sha256":"9D:7C:1C:9C:6A:25:1E:17:E0:DC:FD:42:95:CA:47:3D:C1:9C:20:FB:22:47:02:E3:27:EC:7C:62:03:30:83:BA"}}},"request":{"raw":"GET /css2?family=Rajdhani:wght@400;500;600;700\u0026family=DM+Sans:wght@300;400;500;600\u0026family=JetBrains+Mono:wght@400;500;600\u0026family=Fraunces:opsz,wght@9..144,300;9..144,400;9..144,600;9..144,800;9..144,900\u0026family=Inter:wght@400;500;600\u0026family=Caveat:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Jul 2026 21:18:51 GMT\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33010,"size_decoded":2222,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"32e4dddb9ddfa22e604b89feb79021fa","sha1":"85662379533538a20c85b10fbcb103096a5c0f96","sha256":"f2b588ddc7fda434d3958e3290a0ce63b7a78155d9aede23ca79cb2fb55fa7f7","sha512":"6b3f36bceb7273ac0bd5b7574692fc5a64d9331e937271eaf31b1bc253a029e9d4fbe24db0f7f24e332a5d6639f6ea56c7cb1b9f6ab78c74350ae29547668589","ssdeep":"192:pRZyKjgRgPKmZwi+EwD+rw8+Owl+M0M0MEJMwpMpMEUMwXMXMEeMw1M1MEoMwWME:TgDkisM+N7xTXuM0pxOGC6Ca","tlshash":"5ee22191042ba400eb831cc233cf7e36ae8e61556085d5b99ffe1c98aceac7a537475d","first_seen":"2026-07-10T09:45:03.555282Z","last_seen":"2026-07-12T22:01:35.298168Z","times_seen":17,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":32,"connect":20,"send":0,"wait":40,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-02.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.897Z","timestamp":1783891135897,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-02.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"88c0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ksXQXAZJ6vn%2B2QrdzNbW5BhyjxuFvcSQ5CYrZjd7MXBeXdRxjfnmc6oSQphr7QYUJY9bGytzA7XgfBmkiL05uh%2Bj4bjKL72D25ANBh1jIwTruKTQzy%2F%2FtrVKGIMVQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3154f5ecd723c-OSL\r\ncontent-length: 35008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35008,"size_decoded":36010,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e24a10a59b8477837b5c35ebe08bab8f","sha1":"8fe74c26ad32ec7aaf96ba81351dd927422fd32a","sha256":"8e6e00abcc1788dd41e9d7d17fca30cef3556aacec8fe332b81f78d694282228","sha512":"cf3153db4a58a8ac1ad8c27b900fbda406340d20a6715d6ce1339f26242aef3f68acafedc3f87b787d029c4c5fa9cb7ec70ab1a495fd29db7945f09e3b6706a3","ssdeep":"768:r4q8fc4wlex68jL0fXMNTpWxjJN6MfnVTMiYd:rmO06CYXglUdgaVMiYd","tlshash":"24f2f1400d366927ff80a08bb92d255931c0fcb79be814a688ed79f2860fcd756b935d","first_seen":"2026-07-10T09:45:03.442356Z","last_seen":"2026-07-12T22:01:35.283457Z","times_seen":16,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/us.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.026Z","timestamp":1783891136026,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/us.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-length: 308\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"288-N6tykxPUfRT2NzJqFDLuAuYttUQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\nage: 982610\r\nx-served-by: cache-fra-etou8220072-FRA, cache-bma-essb1270037-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":648,"size_decoded":1054,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1d23b9509d0a0a828e3071096b0d2edf","sha1":"37ab729313d47d14f637326a1432ee02e62db544","sha256":"e7be4240cf57987926673708f09233be1ab6bdf35acc7b86bd32a263f197a2a7","sha512":"b658ce1342283e8c9155e9f626a9ea094bbf2c7094e59459b3bc262384bdfd65b170b6110935c9d3a2989cac6e24efdbbf06e73f9fa9fe74119e60595d8e8650","ssdeep":"","tlshash":"80f0f4f1d2ece5a8851136cd1fbdb6a823d8bea806400dbba04c3c6c2425d7667835e8","first_seen":"2023-12-20T14:16:02Z","last_seen":"2026-07-13T08:02:39.907134Z","times_seen":4057,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/withdraw?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.225Z","timestamp":1783891136225,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /withdraw?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QMgyaUus6WnZJpvxG5BfglKZtZoigN%2Fkq9zkYx4BOMD4VUgFCsSW4HGqtwNIYpXL8qt3SHviCt5PF8ngfB41ltRvNjhLpPyS6b4r%2F%2FR%2FoYeIZZv1Noyf2CtWlMctJg%3D%3D\"}]}\r\ncf-ray: a1a315516f59723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156,"size_decoded":1199,"mime_type":"text/x-component","magic":"ASCII text","md5":"dcb549be020f0e7a3b103927874114bf","sha1":"b21576a9bfc89614dd34ec0d3389a3458f90c15e","sha256":"752f22910f45fdce9245374bd634c27fd5403d8ef4779bc0e2637ea94e7ff9ab","sha512":"86dd330c10a28f8805d3be9a8c3a7f01c16b290e26f56a5f35114ce9bb3375dd1d7a208fc7a5dd379990b3fefe77954e7f964c9bec4a64c40ad173467bf03499","ssdeep":"","tlshash":"41c0806141093df55df934c405bdc60f351d420b20d4d0f69057c5117b3701008075d4","first_seen":"2026-07-12T17:38:11.843779Z","last_seen":"2026-07-12T22:01:35.26804Z","times_seen":8,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/(main)/layout-4d27638b938b6895.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.425Z","timestamp":1783891131425,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/layout-4d27638b938b6895.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"e184-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w3w6UHWL7LTHmoXE7IUVtyE%2Buri2frkon1e84aTwi7JdbCQoxu5ypias%2F9qKU4sLzZwynTVwpllZtn1yIJzstEYFo2T9xjAd1azU4ExS3Jxk5MPelMm3yrIyjuXIKA%3D%3D\"}]}\r\ncf-ray: a1a315336863723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57732,"size_decoded":17927,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55907), with no line terminators","md5":"bff7621c687cd5d0f66ebf66ca833cfd","sha1":"cd1f50b353365d253742afdf6ae67fdf39795351","sha256":"d28666a9634510936f8d64bbba35597f853a668c80009cdb3607125168eefc37","sha512":"b25b6d5745ac6e3165fcbcf29518a315ad942447a0a7dd97c02324c08a791d30f9eb178fed39ee9f4b5694defbccc9c1b7ec56764182c26bcb50a4158aed6dfb","ssdeep":"768:f4f66H0enWAvs3/94888itgZ6E9hHnIiTuJWxdlBLdvHT6tyaz3DXE7ir3zeZ6z:fcrnWAkva888itgXhNrT5eDE76zeQz","tlshash":"f2430935aa073d18f63f81c9778f550eb15fa924fa4f4538ba7e2c3212584e4b226bd4","first_seen":"2026-07-11T14:42:52.99703Z","last_seen":"2026-07-12T22:01:35.313706Z","times_seen":10,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/webpack-88bb21cc9b698da8.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.402Z","timestamp":1783891131402,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/webpack-88bb21cc9b698da8.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\netag: W/\"d78-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JnQVCEXXx2npH9Ca9UvQJyM%2F42PlG8s21mBRq%2FzwsSfawU9aC7rge8aSGd3%2BBRJmsE9BubWeC%2Bd%2B2FmkHzmNlEKuP8yYwt57ZjMBaOj9UJyVUvWfK8wVUnuP6s0X%2FQ%3D%3D\"}]}\r\ncf-ray: a1a315334842723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3448,"size_decoded":2736,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3448), with no line terminators","md5":"a6e899e41a949fba95deb581bb003e29","sha1":"89ba1afcdead5a1d29e3f536b345fae2dba1b13f","sha256":"6e412f48b783c41ca2068b946c56cd6312c80b2d3abffb6dbfd140e72c87ba60","sha512":"37f42a21cc92480d8f99693a786fa2152a4eb6e87e9543a80d7e50e46bc07d6baf311b4dcee59547fc6bb6e1af56aee9c0ff37c864449797ef34c6bfe4d4b052","ssdeep":"","tlshash":"0a6195a93625f9b556f108868c7ed142f21a6037051af8a0e717dcf9b464ae20562ff3","first_seen":"2026-07-10T09:45:03.472302Z","last_seen":"2026-07-12T22:01:35.287927Z","times_seen":17,"resource_available":true,"data":null}},"time_used":4094,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4094,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/aztec-gems-deluxe.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.465Z","timestamp":1783891131465,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/aztec-gems-deluxe.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"1d528-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Cd2XSkZZ0Xg6DoR8NTjLWCgjsY4pFliJIjNDbh2baC90BjDW4MMhvBrYHKdkYWL9mGHaxPwkTKg6Z2olkzF7mGXHhl6NAMoFDOdVP1NK2lubKhuURtO2uPfY7Bx3g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a895723c-OSL\r\ncontent-length: 120104\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":120104,"size_decoded":121100,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"33a0becd3951ca3fdd35c7dd1da54efd","sha1":"a17632960f7cafb9b4ef525b69cbc0e14895364d","sha256":"4277a6f42779711e0e082be210ca816b7e1246d82b944293b069fb7c0523ce4b","sha512":"889704cb60a85169d9c20b1477000d987223e145510da6bbcd12f03b7edcf1cfcea299b0b6cf25e9eb9a73da46280201cfe594a6caed250ac2de13b1687c6d74","ssdeep":"3072:+gIA0CnPgRcql+4/sEs9QsChmvHRo/3aNJ5PvU:8YoP5BMQs8mvxWsDPvU","tlshash":"b9c312966367a2c3fc6a5f5c6a8d9d29adece217388b935f4d7c2163de40122cc5e403","first_seen":"2026-07-10T09:45:03.518594Z","last_seen":"2026-07-12T22:01:35.316474Z","times_seen":17,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-12.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.011Z","timestamp":1783891136011,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-12.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"12bc6-19f126f7068\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:01 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9LuVXROoYLgL5b7MbaU6TcFVp9G5N3%2FfW%2Bpqane8NU1UGXEDBsigLvkikCbpyu9bcKOxI%2FlkFd5YYJciwGnUd0ECT%2F4%2F3c5QmuGyo5dafGTQxzUEyV%2B%2F8QPJTYLwqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315501f09723c-OSL\r\ncontent-length: 76742\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76742,"size_decoded":77751,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c35c1f1f8d87f2422799f9d9af427033","sha1":"5093a2f29b0632465cea85b65bb78d294e740de7","sha256":"ddd3bae877e7d338d3b4f7be9a49fd75bc81b80cf2a01f3832c390dfda1c53df","sha512":"1a62544cda0cabf2f240441ae1df8b87ab97f99d1dda8c161afa0ea5cb105211cb8055d5a20e3a8a60144c4e4896cd2aca94881c1583b2f5ead543b225ff7040","ssdeep":"1536:KZCv5oKqfLXRczTUnZFdIqTXsqqDQE6giYWyS:1BoK6LXKfgdVT3/YWyS","tlshash":"4c73028e9af50172e91dfbdd7eebadb1e79a71c625d7d0aa38040a00b05061720dbd0f","first_seen":"2026-07-10T09:45:03.502567Z","last_seen":"2026-07-12T22:01:35.289066Z","times_seen":15,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/giveaways?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.217Z","timestamp":1783891136217,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /giveaways?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XF5bdR1AerMd14vb%2BvWAbOSAOsn0BAgZLIxRhLdlfQKo3z7D0v6Y8ScBh%2Bq3jfpYjazgXrnUZOMHgmMMJtOusF8uTBPeA8sUcw5zVa%2Bmf9oLJt9iQpXTo04pRXrR6A%3D%3D\"}]}\r\ncf-ray: a1a315516f55723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":158,"size_decoded":1198,"mime_type":"text/x-component","magic":"ASCII text","md5":"0bfc3fd789c82ce146c5c12e2b511db7","sha1":"3bdeaf9b85ac35f5a912f96011769c56a1621960","sha256":"f1dde4c7e13818a4c848796b954ce0c1235716f5f2693b720dc202837c22478e","sha512":"f8fec6d2482f589d0d186e791ade1700e2eedd7a3bc078fe1424f7a0d70ad2457ee8fe491daa0d7d5095c346c8faa23b0b68f072c8e538df98e5a3251fcac332","ssdeep":"","tlshash":"7ec08c22420c3ef66cfe2a99286eca0f360e413b30c450f090e38b32a73b12008035ec","first_seen":"2026-07-12T17:38:11.809568Z","last_seen":"2026-07-12T22:01:35.274384Z","times_seen":8,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/vs20olympx?provider=pragmatic\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.395Z","timestamp":1783891136395,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/vs20olympx?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uITjkSalslJRz5Zc6OEKBDlVchXKasEPAwTNSGdgRKnpFDE0DvDJBSu8Pl5p3QL8z1ljJH8Nfxn37GnQ%2FqfmwnO0xEhG%2FeRKd8hOc4BKk70U11YIoIC5XlDdk0Sgag%3D%3D\"}]}\r\ncf-ray: a1a315527f83723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":218,"size_decoded":1230,"mime_type":"text/x-component","magic":"ASCII text","md5":"d8a630dc6bded0f890ce0e6f1b87a2f8","sha1":"312baace2a8d4d83da7690fb50da433f3042fc79","sha256":"079ddc09e7f26a8bbeebf886b27703b895f36c9fb6ff8e721cbe410fb62fea60","sha512":"9e458527f0bba7c7d206b1e32f09be3d90948f3bfb3d08f1c92de16d0db041ce97bf265371c1dd8a23a1eece699ca9e4c86f93a53c95ce1e2c613e741d5dcfda","ssdeep":"","tlshash":"12d0a72642053af56c7a28c805bdd65fb51e519ba1c846f550668a35976303129035e5","first_seen":"2026-07-12T17:38:11.884346Z","last_seen":"2026-07-12T22:01:35.269174Z","times_seen":8,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-09.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:09.328Z","timestamp":1783891149328,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-09.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:09 GMT\r\netag: W/\"3b6a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\npriority: u=5,i\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YiNXp0%2F605LJWmLq4hQSsmUYINFllq4ocZOrUMm4BYI0djjzcyFpOuOBnhzDvy5tGuhgPNzcmp2PAsEoEQH5Y28mX8BX1vJmHUS2YYnAWt62C8LlQZQaNoVOylu8lA%3D%3D\"}]}\r\ncf-ray: a1a315a34b79723c-OSL\r\ncontent-length: 15210\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15210,"size_decoded":16209,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2a78743d1476c3c31c278098d05aa442","sha1":"0171fe525153dd0fb03255535502ecf1262e0458","sha256":"c3e6f099611d8d3faf622bf7a6f48302be66da2d4a26e2463f8977462024ae11","sha512":"415db81487d3880d7725c004ae56deee7809dbcd6a946761bd15aafa00ddb2d24b21a2a48c93f3db855114b2d4a698115d3612473cbd7f13fbd95668d4e776c3","ssdeep":"384:NbMdd3BQ7u8wpujsdFXaNfo+PQ615yq1jQS0w:NbMdrQ7ubkwdFX0PQlqpQS0","tlshash":"f3628d09392245a4dfea2bbafaac160f88338c773c2105ff8d3491167503d91d7b9b24","first_seen":"2026-07-10T09:45:03.573888Z","last_seen":"2026-07-12T22:01:35.301749Z","times_seen":15,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/mustang-gold.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.457Z","timestamp":1783891131457,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/mustang-gold.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"127bc-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YL2crifbnoB8S1txk9ZWdRMVzXhsUeNf%2BoST3wpoT2n6h2X0iT0jsuv2DeinyoxStyVLdbX%2B%2B1LnDEla%2FHL7Wt3ll8G78RSEZW1O9JK9jRyyidlaohFbOb07uZbQNw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533988e723c-OSL\r\ncontent-length: 75708\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75708,"size_decoded":76711,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6ab241a7011336ffafef1ebd67ec8f1e","sha1":"3ca9a556b634622656866885324eaebf326f9368","sha256":"84c0464497b0d3865d6e034f1bac30e08fdd9bb511aea21786fc0b7201614db4","sha512":"a39af5b7e6cdbab5a5d79334fe1308205ac5657d4a379e639324523c4048f4e910f667b553ae09ac4d0f35f9630d250dc8475d97d65e5cb5e2abb3df1d87d29d","ssdeep":"1536:tI+PhCbNLoTfYF13LlEZeBu/KQRSV443SRSi5TwN9Qg3j:u+PsoTf4YgBGKRG434Si5TwLQ","tlshash":"407302efca561fc4c4432938759e31eadd13765e6ef13e961a0048755a032a1886efc7","first_seen":"2026-07-10T09:45:03.435418Z","last_seen":"2026-07-12T22:01:35.266508Z","times_seen":17,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/news?locale=en","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.811Z","timestamp":1783891135811,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/news?locale=en HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kPEz32jsI2TX%2BeVr1By93yDltxaKeN6k82kG%2BjYmnFGpahkljyVHUtUav4RPly5FXMfo9BoUtbhqJEFktE%2FBjM4FNdVxqcDIyQftUYKn%2BcwEh3FzznPxEC1c7OK%2FAA%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a1a3154edeb3723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9990,"size_decoded":4342,"mime_type":"application/json","magic":"JSON text data","md5":"dbbd633ba2174e0e5c4477000592a2a5","sha1":"94b55540610452e55172b8f694c8d211023567ed","sha256":"5d4f2f6a920a9a3299da5cec7a65b490359b2539503092c8ed47c3c4769cbf80","sha512":"ab2e84fe7076c5805df542982b8462a15921a3255c75049ceed709f936eead2b6a519ed68e3c0f178137db7cedea4e5f0a71388d48bf49665a62ffd64e9369f1","ssdeep":"192:izTK2z9OmGLTNM+ny0xXAbu0JDL45yNsLzsfrEyl:z2zoz5dPxQDL45yNsnsjHl","tlshash":"0122b86d037918a4e73d0290980436af9a4db7f2e1fc7d5d2f89cb5d688989cc7085bd","first_seen":"2026-07-10T09:45:03.538242Z","last_seen":"2026-07-12T22:01:35.321706Z","times_seen":16,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20starlight.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.148Z","timestamp":1783891136148,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20starlight.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"36ebf-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wl4zutD9byNYEQSEduq6Es8xD8IGXQneSowCgXMlqTnPekWXQpHJ%2BpICvaCCBCTe9Lup06xAtNY%2FnKNBwNtuy0RqGiv%2BUbDIp3dV1R2o%2BfLMCcC13Cjqv8E%2F%2Bs6q1Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ef3f723c-OSL\r\ncontent-length: 224959\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":224959,"size_decoded":225893,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"4bf449fbfc039659ef34b9962ff3701b","sha1":"2da641dd7ea3cf3a23ce2c83561ae2ae2b0a9551","sha256":"b24676e15e785bad29cbb46cb5004ac2b2269a9477e9d32f78fdba386c3db3ac","sha512":"a60e70ceed2475517455e4d82f906db59c3f621bb408e7837a2bd475b621146856c799db265b184cb81a3d2d188b0c76f7ba59d7aeb518e602a02db3ff8057e8","ssdeep":"3072:zD4dZDNtiyjIyL1Q+kQtPQLQlNGqdZZL51YFbYqPCAYOss4R22g4ZXSNa/GnH:YfiAIuCQPmQlNdtYFwsL2lNr/GH","tlshash":"5f242349923e6d5f0a121787b8109e9dbabb33a74fa9043d70441be558340e1fbf1e6b","first_seen":"2026-07-10T09:45:03.532903Z","last_seen":"2026-07-12T22:01:35.310082Z","times_seen":16,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/1067.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.151Z","timestamp":1783891136151,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/1067.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"49757-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=otQpitiPEJzp3hYFsdmzcmSbAzcTbUJgLV%2BpNCEUYxNwxMZRho8TFxl8vmaWZmspau9IVloAmjOLqP%2FHN1QQdO2j6vrb%2B9De%2Blo4bEGIQEPmsDVN4vSy0%2B4v4908%2FA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ff40723c-OSL\r\ncontent-length: 300887\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":300887,"size_decoded":301821,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"31c37a2907e35d4375e0b638edf13841","sha1":"c6b60c2614f0065b9756d8e291e91b838b8becb6","sha256":"c838dc775ec2347f27cedfc6d53de677d89baf2c21b83080a151e87c9621b22e","sha512":"9b17bcdd06836e066649809af59c5ba06e9eab3611a79b35df184ae3a57eb28ac44fef212f8d95239ee8b31fcd28475dbedd7cd39ef7887033a402736ba90638","ssdeep":"6144:6+LrAwhkatFw4LIQEuihxRfQXp3RYRIzw:zL0wh9FPiZ8BRYIk","tlshash":"6e54232ae2211b4677c267b1e4a329aed1f65d046228e3fed661417fc1482ee31f73d4","first_seen":"2026-07-10T09:45:03.444324Z","last_seen":"2026-07-12T22:01:35.25531Z","times_seen":16,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.872Z","timestamp":1783891131872,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://serawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 318856\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T12:08:36.203591Z","times_seen":29708,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":35,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/crown-icon-512.png","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:52.619Z","timestamp":1783891132619,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 21:18:52 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nPxLi7AWAeeGfT7MUHCSDWPd5J0yreCPL3axUCtx7XbpkvNG0NjXAdve6IOTA6Mv1w3W%2FWuMxhmOt6rcFjGalm4557gIkNMc%2BSLqrQrq%2Bn8Cgnw9BwCteTT1CM%2Bi%2Bg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3153aeb17723c-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251397,"size_decoded":252405,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/gates-of-olympus.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.466Z","timestamp":1783891131466,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/gates-of-olympus.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"f0d8-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A3YOaLybAnemiUDpM95cVpJXIokGhytR%2FJ%2FI5%2FV99b89vhhwwl8a4VNXNnnTUi%2B38WOPXN9gZURJhxhU6Iz7%2B7x5AdaugRlDk5qUl8jkZrp4TkTQGiwfKBxCDAU1ug%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a897723c-OSL\r\ncontent-length: 61656\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61656,"size_decoded":62660,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5385dc5af3e323a64c8d460d53b38ea7","sha1":"afc4f25c210eac7f54158ffd13150d59beeeadeb","sha256":"5ffe571c58535b5f6923bf0b35f0b27c36c239359e768471b98115af0412fbd3","sha512":"c7a53ad11441621d6e599f71718d8688d94957852071c5599d29b56fd31de6c11780a9b5f21978ff6fdaad1893f2081d561f1687e0997b53186b26c744d0f1bc","ssdeep":"1536:GoHQqhP4lyxAukMALYYqYxxYw8XA6e4cr2Qfm:fhP4cWnMAI+xKXnc3fm","tlshash":"ed5302d492d4b92234c2583c7abb02585424e6e42712d59a737b769cfc32e89fcef885","first_seen":"2026-07-10T09:45:03.47386Z","last_seen":"2026-07-12T22:01:35.276397Z","times_seen":17,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/fx/rates","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.719Z","timestamp":1783891135719,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/fx/rates HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3NQxJih3I6v9hukek70T5HZWpuNUTzcKPeLAkxPr4lY0SomLZRZfsypYlJUJWBU5jYa%2FbqDSu6KgH0xr6XIT2YRKJLjEIsKLYSLtwnIH6AWcouk86pGvgklcpoq1DA%3D%3D\"}]}\r\ncf-ray: a1a3154e4e8e723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2515,"size_decoded":2468,"mime_type":"application/json","magic":"JSON text data","md5":"50841b8752636bf55e4a635cbe386b8c","sha1":"c049de7771cb7783675df2abda86000bf7f41547","sha256":"02e8828276ff632935cd781e21ba2b8eb04c807d1671ffada1b2289d5d8c13fb","sha512":"60b0e092e5a21b7714d5cf0808a6a021d64915e178ac4c839e6b9ccd09ba7c9e2d423b6eb2109f18685eff8276781d2fe55e39d39c7363b879d3df96ef4ef2fb","ssdeep":"","tlshash":"9f51b386eeeb19ef0366c8842e64569a3d6631c9f142dff3d400f780288367375a745a","first_seen":"2026-07-12T17:38:11.867592Z","last_seen":"2026-07-12T21:19:31.916683Z","times_seen":7,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/media/26e4d6f824b54c33b0666324cd0f018a.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.028Z","timestamp":1783891136028,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/media/26e4d6f824b54c33b0666324cd0f018a.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7l9FFBFVyGJVAXHoZsiPQMzB7nnRfab2S0n6Bk88zEHyqosuECjufIJm6ElMaUatic351Yw1COh9wdob0u7KA%2BRRpu5K2O4ugtnHyfXB7%2FGG9IR8p2oYhf%2FP65l0zA%3D%3D\"}]}\r\ncf-ray: a1a315503f10723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99470,"size_decoded":100481,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1446, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fa3411773d93f8de394a5fe5f7fc908d","sha1":"3b32dff53270a2f61728ba8e80162adbcbdaa7fb","sha256":"ab21d29fa80489dcd0c549b8fc1a86a3883854dd2ea4c542efbf2cc690d98fa0","sha512":"c4cd3c0f88a40855b1fe0d1991f19afc3f824c18313f57e6f9e0e2fd4cb7930831e50fbce50384f9def5a4f387ff2feff9766cf755397d7513a4899ab1bb470c","ssdeep":"3072:JyMQ+X9mOqggzDkOgvxoepuPWEBfS2Q3lXH:rQuAdDBgZuxc2QN","tlshash":"98a312b3d82196792d1a31e3ffd4a1f64341a4636b2cd8ec88d78721e57f34ea324195","first_seen":"2026-07-10T09:45:03.511746Z","last_seen":"2026-07-12T22:01:35.267146Z","times_seen":16,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/auth/session","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.058Z","timestamp":1783891136058,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/auth/session HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nContent-Type: application/json\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: zstd\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XzlbpolOXFNeV5f6ySplsg7NGlFv4MVcSvVFr40SRXtKNDSOlTcz8BGw%2F9XPFu%2Bl03SY1YOjwzGyx%2BCcpT030xS81RYH1VIwzg%2BUTYzU5Pyx1BBf5Ijjft%2Bd6qqk9g%3D%3D\"}]}\r\ncf-ray: a1a315505f1f723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4,"size_decoded":1074,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"37a6259cc0c1dae299a7866489dff0bd","sha1":"2be88ca4242c76e8253ac62474851065032d6833","sha256":"74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b","sha512":"04f8ff2682604862e405bf88de102ed7710ac45c1205957625e4ee3e5f5a2241e453614acc451345b91bafc88f38804019c7492444595674e94e8cf4be53817f","ssdeep":"","tlshash":"b9300000000000000000000000000000000300000000000000000000000c0000000000","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-07-13T12:19:44.824921Z","times_seen":271594,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs10bbbnz1000.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.141Z","timestamp":1783891136141,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs10bbbnz1000.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"31661-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mJ8WuIHMOKy3%2B2IdSun0tgQI3zZONIYuyQRKKZjd6vsCqey6Hcx3b6taW50mnvlz204lWTdkKGNy7YRAd5JAE%2BZJN0OTFmo%2BZmrVWXhiEDQEwVqAHhcotSJHLAs5Hg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ef3b723c-OSL\r\ncontent-length: 202337\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":202337,"size_decoded":203265,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"fc682a01b30969c31b5d2c66887d4be7","sha1":"605e59716ef7353dc35d0e7da342a8ee2a6b52df","sha256":"07a2e1c144e07f1aef4ef295b983371d4014290fe0386df6d89a2d63c600fe22","sha512":"e99d50df16f3783df87afd21266d31c1679b2718c11cdbb620c570be8339b4dd634b6869063c7eeb3e55c654eaeda751ef886809fe4ec45edbff01e5e8128258","ssdeep":"3072:+s2K0+E1BVyXNZdGahQpX10H3gIu4BgAKGMUy4e+qB3TxTp+K4ay62bB6+TDWOXd:FB8F0XgIu47KGNHzqwuy6qBdTDWOvA2n","tlshash":"d714227b36df3816e6c2a0768d7c5d279260a9e602f728d62c6173ead1358cf5017fa0","first_seen":"2026-07-10T09:45:03.494863Z","last_seen":"2026-07-12T22:01:35.31273Z","times_seen":16,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/1352.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.153Z","timestamp":1783891136153,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/1352.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"37a2f-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XONcUKO23UBjaRwYKO3NQ0MrAo7CWwEisu%2FZSKFcjDn6zI5KFzV1RXp7bsSAh0i91AJ3AU0xJj3EcL9dHaLuVEsygHcDwEsRKaRBxJz0qDUrhmGsuE5%2FC3fiyHT8lQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ff41723c-OSL\r\ncontent-length: 227887\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":227887,"size_decoded":228813,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"73175af9bbb796c9ff980818588755af","sha1":"12fa456b38b4674f9af18c3fcdd7867f791fad98","sha256":"d8d021ab1afb609bb0ce1937610b4cc1029c01efe935041569c240dd686f204d","sha512":"b468a98d7f5b297af1ba4f37596ed133b2d90064148c3bbc33e7bc217e6e1a41220c9c1c4b26e079a13400dcde8097fe94748df7fd9b13825bd6ee0008128825","ssdeep":"6144:5qcAhqfzGIpDobWf1WWzvnX840aumhm6YDbod:72qYW9WWzf84dBhsod","tlshash":"392423903e33db65a2778e3458fd93583b66e9069060d62cbcbb48eec524f93450bb25","first_seen":"2026-07-10T09:45:03.498623Z","last_seen":"2026-07-12T22:01:35.259349Z","times_seen":16,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.876Z","timestamp":1783891131876,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://serawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 329409\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T12:18:10.107777Z","times_seen":233449,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":55,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/predict-banner.webp?v=2","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:52.161Z","timestamp":1783891132161,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /predict-banner.webp?v=2 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:52 GMT\r\netag: W/\"763e-19f43a771f8\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:35 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WLhpb3PgRvjpcXVebomXabZrdqaPj8NDbRoiw5fR3JU6Fp8geOKVy3SJRtwgqETcxezZ3u0Iv8pTCPnAZJDvfO7ijyMBnyEGtUL3ALVhJ5dgHbth0jjMhjROLA4nsg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315380a51723c-OSL\r\ncontent-length: 30270\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30270,"size_decoded":31264,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x893, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f476b1ccbc123437a7b7358274626d97","sha1":"d4c5e7152a7061a5b8931bef466bf9daa34897c0","sha256":"d1b4bf3a703a70b2d125e2ea489dde042d66aac73538bcb0f9c773cb16c8b819","sha512":"c6846787fd7dac1965d5792bc2102d6c2b7e2f0d2e1cbe179d0cceea985c7004f24ec26568eadd6db023d64499e227965f30ebd084cb78666391ff109f3fd343","ssdeep":"768:m0OJ99zV1m/W5ZS4QxA8e/WA0ik9E11OJW1amWRng:mv9SGSVmbLk9E12DmW9g","tlshash":"87d2f13a255e166f7ee8a814b1308017902fff35ca375e6f9c1052e1e9b2199a13469f","first_seen":"2026-07-10T09:45:03.557227Z","last_seen":"2026-07-12T22:01:35.257547Z","times_seen":17,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/vs20fruitswx?provider=pragmatic\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.318Z","timestamp":1783891136318,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/vs20fruitswx?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EORppPrWqgSI%2BJCZksFyEyElErLkBe6tV%2FTjKsg41LqYbwP8vF%2BQgXPiX0riUSL6lW2yFxcg8vpDt37qvku1TrMdFvAjc1em2PU%2FbeKnoiMxTYTSUFh3pk0%2BvBTYxw%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a31551ff72723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220,"size_decoded":1238,"mime_type":"text/x-component","magic":"ASCII text","md5":"2675fc4afee7fb6b05ffa88a3581019c","sha1":"904320710be35897d3ec0da7d94360aa1e5ff375","sha256":"aa988bca74c9242da6e9bcbeca46be91b4e19202379f310419d31fcd588bf554","sha512":"2dd94f8248bb2264fd118c18fc53b3c0120398692a34f0f3e3904c1f2a48d2f3fb3deff0f559f260027aa9c2743d8fa88f9063a0bfc721f74dd5e35f240f649f","ssdeep":"","tlshash":"06d0a72643063af5ad7a2888057dc69f751e515b61c946f190574a3593630311903ae5","first_seen":"2026-07-12T17:38:11.855689Z","last_seen":"2026-07-12T22:01:35.314519Z","times_seen":8,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/wild-west-gold.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:00.339Z","timestamp":1783891140339,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/wild-west-gold.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:00 GMT\r\netag: W/\"1267c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4IYlWuhx7cjIZQb9bg3op25CTtNHCyr0kSQDQcFfOnqlHC1pMC5OiEfs4XG9TXmZBqo0TKt49CTM%2B2f4E78xqrZZaR9QIXuQuCjhQBddtGDRMURcIiPfE8eTAGlYGw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3156b2df3723c-OSL\r\ncontent-length: 75388\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75388,"size_decoded":76388,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a4d08f2ce7d608f3f8c032b0822a72b1","sha1":"4af5325f2834e09cbac50c22145eede287e20ea0","sha256":"3f856fd2ffad9148db6e06b06306c8753774c51fe02bb3f189702b14d0be6a30","sha512":"e182a41e1df5f49e6bcb4212c0ff417ad34a0534fa86c3f5f8350230b00325b85b15f065202c4745694b6e742793208ffd6ef59fef11f2b3f62f212f1ecb72d9","ssdeep":"1536:xCht2pj7iiYngyCZguVap90E6+dd5QHIyJtiQj3Yj339wQOVMP:whYp7zIDuVapeEjdd5QHVt78j3tIOP","tlshash":"c77302ac830ce2953ee17c7bfdd56457c0804ae6326b5ec92a01b4d61737ce5cad3a1a","first_seen":"2026-07-10T09:45:03.496757Z","last_seen":"2026-07-12T22:01:35.295138Z","times_seen":17,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/bigger-bass-bonanza.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:13.822Z","timestamp":1783891153822,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/bigger-bass-bonanza.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:13 GMT\r\netag: W/\"16198-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UcB6mpRi5n8G5V0%2Bgkiy7AXmTfSuwuU2%2BHZwZdCqSbcwNxCvBnlXxsGV8ZjkIw%2FcxP%2BdpOgQwK8S2TqlDR3IsxeBNBOpOjV4ceOGWYHmjBoClksQn%2B8Y%2F4%2B4k7w1Zw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315bf68b4723c-OSL\r\ncontent-length: 90520\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":90520,"size_decoded":91532,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e3f8e5841788bd266ee6bf17ec0475b4","sha1":"872069dd6f8ac718b46b581fdc46da24c2bdd3e8","sha256":"590941ede3a0091deb7626acf11bc039331d71385db4a14d486538f364e354d2","sha512":"c3c42e96c0801384e41fb01e016283ac61de9f779e3bd192a0829ac9734d86a561b7fbbb1c863481f9e00714509709c49f2d6185bb2cc3878aa953fdc6abdc33","ssdeep":"1536:BUDMnU+IWPe6sZLAn+87aIkQ/jusg5P+0SPqYJyqK9xcE8A7dlo:BUDKRHJC8+8r/j5gkrqYMaEP7dO","tlshash":"959312c9a739c27b656addc05e1ef2c466d7f346004776ba2a2463527f9072603f8632","first_seen":"2026-07-10T09:45:03.462318Z","last_seen":"2026-07-12T22:01:35.245968Z","times_seen":17,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/8602-8018835a2b8c6467.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.414Z","timestamp":1783891131414,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/8602-8018835a2b8c6467.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"39f9-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mMcbH0sh0vmJwUuMBqYZQEDc3WrZXyrpKTtblmUKgzrqb3Mv0sFSZeCPG6pYmSyayqqxaA%2F%2B3J%2BlRwfTvbndl9auOiIINh9DYXfforw5gyUC4j1v8UwHth7LfhSL0w%3D%3D\"}]}\r\ncf-ray: a1a315335855723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14841,"size_decoded":5876,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (14841), with no line terminators","md5":"f366648bcf45d5debf0c1b40cf7d2f5f","sha1":"0b1a9b153106e4fea89f7cac44766d059c2e5941","sha256":"673a7d8aaeb6a9b355d1054015014fd544c8be225843d7bc37d39210d4caf7cd","sha512":"87bc2980f9da79d98616c2345107d092948b85ff882e652aee6ea02a2b3e01f9f8a2f49bd4835069e0487ce71bb42d9591bcd223fe11cb936a9d27a489040e70","ssdeep":"384:iTrTbTaTUnT74TeTVTwT9TQTkTz2uLSD8Tl4rmN2tTRT5ToToT3TuTcTrTP8TQTz:EP/MUTa4NOlu6zVmD8J4rhVxJ22jICPz","tlshash":"936286be77dd348d5a02e2e8d92ba0039bae0138264c4434b14ee4fd5958947987bf3f","first_seen":"2026-07-10T09:45:03.507605Z","last_seen":"2026-07-12T22:01:35.288512Z","times_seen":17,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.427Z","timestamp":1783891131427,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/error-e76e5ecab04323eb.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"23d3-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rnmRXvxMw3uT5uEZ0yCmvHNiITr1gigiIaHgAU%2FAD%2B5w3P0dnGeWaFjDjbs%2BwhsjHNt%2F47SHq6nQkAaOlkg5CF0LQyi2IxCWAZtCzrcvhaMSe7PSvdMG0uiOdK8GhA%3D%3D\"}]}\r\ncf-ray: a1a315336868723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9171,"size_decoded":4203,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9171), with no line terminators","md5":"ea37a6907bbf49850fbc241b021b98ac","sha1":"0c4b73cae7505f9098532e047b378bfae64317ac","sha256":"38ad85b1457519a9dc72e54394f3996d7560f3d34e3398ec2ec72a9ed62253aa","sha512":"dc3684031a1dfd4df683fa10824f12e47c829ae2d20a92efd4820e6ad9e55732c6a9784530685c9356a7af34747a1a16f700f036f08e09d75bee9b15f06256cb","ssdeep":"192:lTzTFtTCTnsHTTYTetT9TYTFTYTcTLATnPtpSTiuTQTp6TPTSDTETzT3sToThTF9:lTzTjTCTsHTTYTmT9TYTFTYTcTLATPrw","tlshash":"681224fe5f9e25ce5512c3ccaa4ba040d7de0338365e4821a58ea8b9c241956fd77f24","first_seen":"2026-07-10T09:45:03.528266Z","last_seen":"2026-07-12T22:01:35.281579Z","times_seen":17,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/starlight-princess.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:09.325Z","timestamp":1783891149325,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/starlight-princess.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:09 GMT\r\netag: W/\"17660-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GLW4n1AStE%2FfGJl7IYdE7nloWBshhwiS%2FFRfgeIbcW1KrxS14fKGVoq7QfgipWUTkYv%2Fk3SdVe02JQKg3jpeKWFA0xprxiuOlM4WUOJkb6cZtDWniiroP6qcXh4MRQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315a34b77723c-OSL\r\ncontent-length: 95840\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95840,"size_decoded":96844,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9824b494b8ade7c0157812b4aacaec2c","sha1":"d57539bf59f9115e0ed688bf2a0d6c52463e8fcf","sha256":"6c5adb95eeb1a45770a8d30d019378335141a52e1af4472b0cf4b4645ed93f6f","sha512":"e1942c4af37eb41984eb54b63afdf61f4264b023afcec48b8fca603883093002d21f90db0aaec5ef65ff0bc485fa5991eba74393b18181ea1c146c039c058d42","ssdeep":"1536:HGXhI6Tit+KvC2DM768fnbxPExl0l9lWlXY+nuCnt+8V+b5I7GKI6Izs:mS6Tu+KvXY7JfnbxsDa9liXY+nDt+8YS","tlshash":"769302da9eb729e7f6419b36062479c256fd49dd66239e3032c9e18ccf740f442ce892","first_seen":"2026-07-10T09:45:03.50984Z","last_seen":"2026-07-12T22:01:35.260154Z","times_seen":17,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/images/payments/bitcoin-btc-logo.svg","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.483Z","timestamp":1783891131483,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /images/payments/bitcoin-btc-logo.svg HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\netag: W/\"815-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bxRNbPrUrkz0kYJRUURuimdq4GjcxYx3rb4FGgOF2qOnB7Gv1f%2FfkRpjMAb1PKKEusnzO5EP2DKAiirYPCvST1h1nAgR6jXn1eUfxZTEC5vATfDLN%2BDpyF5dnchdxw%3D%3D\"}]}\r\ncf-ray: a1a31533c8a7723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2069,"size_decoded":2119,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f92890de8d6512e2597d378f00254e71","sha1":"ae4f3414bffd2594adedb794d4f9eefb2a86c382","sha256":"51a4362311aab24ca9f1b68d3ff5faf423385db8ffdade0894bd6acb799e53d3","sha512":"6ab7b81fef67d104a6fdf5c9523efc3d03d6039913a3cd3dac6d22fd4975d2449be7043953c840ff0ee8fdc7226894b07c287790381b0fb653579d8dd55f140f","ssdeep":"","tlshash":"cc41a5fcca1a8952ca9e4b6ceafc4c5e2f23604f016d01fcc58296f57c125f58645a9d","first_seen":"2023-07-06T20:31:23Z","last_seen":"2026-07-12T22:01:35.242849Z","times_seen":814,"resource_available":false,"data":null}},"time_used":4496,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4496,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/branding/crown-loader.mp4","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.529Z","timestamp":1783891131529,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/branding/crown-loader.mp4 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nReferer: https://serawex.com/\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver-timing: cfExtPri\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: video/mp4\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"38c7a2-19f1a251a38\"\r\nlast-modified: Tue, 30 Jun 2026 20:07:47 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-range: bytes 0-3721121/3721122\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pFPni0JmASp5c6JCzcvIRQDO%2BlN%2FSCrfx%2FeUMALfsPGbiKJeQZRYz5PeWzPOEBl9yZ%2BhtS%2FHChu492pVz87OnABCwq3auhCq1dzefxoBVo1rFGCe%2BIyuluHcjIu4Mg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3153418c3723c-OSL\r\ncontent-length: 3721122\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3721122,"size_decoded":3722152,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"3a3c1bd7ef11371fa3862eb00bf4b609","sha1":"a132818eeeb6f0250691ca8c45474e0a92426897","sha256":"d089720c9cb4c13801367ed6c65dfdc0265af460d3275162c29134599759b65e","sha512":"101d5d2e3e29d961ae1a220b69df3fa5e72d84f48a2625a725b27a803d96c734efca12c8b13dcaf21f542fde6a4d94b9d80ba62f46203a743108aa735a111462","ssdeep":"24576:c86szvinuPYZLGtBdv+I0q7k0z7R6u9DJal6751INRU4w:menPBTdZDk0XMu3O6sUZ","tlshash":"2a2533d0c70a88dbfb55637c82489e433fd38ebdc60a06ea95d62945deb887671b13d0","first_seen":"2026-07-10T09:45:03.54451Z","last_seen":"2026-07-12T22:01:35.297322Z","times_seen":17,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":251,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:52.150Z","timestamp":1783891132150,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://serawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 318857\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T12:08:36.203591Z","times_seen":29708,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs15godsofwar.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.136Z","timestamp":1783891136136,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs15godsofwar.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"43894-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j%2FQ68yAfjaaKis3YSUNhlEQGFfe9mMlTNAKHBHiK9Vsjv38j36A%2BwRIgqjhvE4bej6QV7YR1i0NhZ5raAvrIYWBq%2BTuR8WFTdL7c87CpOJk%2BBSj7FAWVGbs72RJH8A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550df37723c-OSL\r\ncontent-length: 276628\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276628,"size_decoded":277558,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"979852fd6da5e7b15cd1f5f92a961106","sha1":"9d485e3fe899b422b9adc4b0c620eb144f335352","sha256":"f4559971ce6d4019c823558f1c57616e238fdbf96dfb35c8fd6583332ecd3636","sha512":"4bfa3b9e5e68e2765661c2baec88d68a3af81387d7cc1c463bd4a80679170ce9a6ad3ee840e604ffb99391dcf971bb26cc5d500dc5e79703f986cd0526580b11","ssdeep":"6144:mIeEt/tm0YtyKztgChb1k9q8OKrGs0fpltbEFatc+cahe:mBEtwNthtPhb1kBjN0fpv/cr","tlshash":"9a442356ff3970a651bbefb4aa0012d20b23ae7864ef33dd309655c10a4c5831a9b7dd","first_seen":"2026-07-10T09:45:03.512611Z","last_seen":"2026-07-12T22:01:35.309255Z","times_seen":16,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/images/cga-badge.png","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.489Z","timestamp":1783891131489,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /images/cga-badge.png HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"407d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lloWPK8QIEKMwbMxOxDVnB28IPqii7QRPCvQhtXymUqNSFyr9Rty2nvCcnQ8o9obJcgXw12Vnm7kZynSMUOQU%2F4poZ8tEXAKZ4%2Fy857n22PlImfCVM%2FDuDJa0KBHVg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533c8ae723c-OSL\r\ncontent-length: 16509\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16509,"size_decoded":17434,"mime_type":"image/png","magic":"PNG image data, 625 x 388, 8-bit/color RGBA, non-interlaced","md5":"af14168ff77d6f9b2b12bd8654d4ad86","sha1":"fcf4136dd6768b58f4b741581aab701c5bb4adbb","sha256":"90e8c0ae68316e5fca1da08d89a98338c37826f820c77ca856940636778f1de5","sha512":"28514fde7aac1c74c0f011aabad1044cf20887f80cde86e246168221c19081aadad105d28622fc7a1686c60cf100a5079b7b61765df574ecf2156f99df9fab4f","ssdeep":"384:B99999999bFek/E6fhVC9FmgjhUZskdtMwAf999998Jy1L2+pkqQyynJSh:nek/EUhIjhydtMw56BynJSh","tlshash":"fc72cf39b745a91fa1a93dc26911c7f2b63c51c1d028535b1ef3cc8c26e94cf6c22ea6","first_seen":"2026-03-09T20:13:42.379668Z","last_seen":"2026-07-12T22:01:35.305622Z","times_seen":27,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/news/vip-program.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.202Z","timestamp":1783891136202,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/news/vip-program.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"fd78-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gd4gtAIKd9dIp3Ul9A8SfFiQbZPDL8be5HNcfD4plnxrjMkw0AZ8GEm2mk2wYs9SI3GmHd0ZGUJfKwlu%2FGrfxA17PnIwW7NpcslLoueO%2BsThI0CLT1fkpsBAzNcRsg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315514f4f723c-OSL\r\ncontent-length: 64888\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64888,"size_decoded":65886,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"88ab20969a88612e5b824dc2ffed874f","sha1":"317985035c8e49154359d6f5a4b94e2a0014d5b6","sha256":"cbd580d7fbb3883f97bbbdaab03e539d2157d988f17588e34fff5cad2673f88f","sha512":"ee565e3ab3f1e3ed850cc0775f581d609f90eb72759c92f07158f38f6ffc7b6d9c61bf59008aa573061aae49c50605edbc5c968d0c0873fe6e81b3f8a0259022","ssdeep":"1536:ot4847WWBWi2e6kdL3TL9pAZiYcwrqVK2t7QHL4l4DYvR88:ot4lCWsi2yLP9pA5rqV3tkslZRF","tlshash":"7b53f143b743358d304fecb1809b3ba88aa9ce769c45dfd8c54ba8851e7538076cee49","first_seen":"2026-07-10T09:45:03.439321Z","last_seen":"2026-07-12T22:01:35.293218Z","times_seen":16,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/(main)/page-1242cbe80559576f.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.421Z","timestamp":1783891131421,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/app/(main)/page-1242cbe80559576f.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"111bc-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jYiwq%2FxGaXc7Vx0Na%2B%2Fr3d%2FNTypz3GX%2FlwddpwQFTyp2iO2OtATAwq83%2FeQhCF26ea6XzQsyFepK2xRmu8USA8n1Bz9TiVdiuxvr%2FdjEOIZu8nXLNYH7XTHo7UrOBw%3D%3D\"}]}\r\ncf-ray: a1a31533685a723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70076,"size_decoded":21630,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64865), with no line terminators","md5":"2ee880e294b488be8baf2ca00c36378c","sha1":"8097afdbc5ddf81116d40b3ee666e00de6c6f3e0","sha256":"ef032dd04b290288f2ae2edc7770a8d5b9326fcef21f5bc58b25227269543da0","sha512":"3eb17709c4aec980db281cba79a3b2a34ab80a6faa5937533e6b892184a66f54ccabf143dbee2d30eb530a94f2627e766a7452702e844f442e436f1d413dcf8c","ssdeep":"1536:7cJf0hkZ9geTeIY6rGa5cd1Q8g993275WBWVQ4u:7y3ej6Ka58g993UZQ","tlshash":"8863193a975a7918f837ca8c769f410cb16e4528a34e0db4a7bbac3113854f4b667fd0","first_seen":"2026-07-10T09:45:03.50869Z","last_seen":"2026-07-12T22:01:35.305089Z","times_seen":17,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20fruitswx.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.134Z","timestamp":1783891136134,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20fruitswx.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"31428-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bGb4Q8oTNE4%2Bisyb8dQ5mu36w18wvGiRjMfDwosNAxNAx1RcX%2F5hn8aOMNRy5sG%2B3BTo5AeL8cYCRS8raDOf%2FQcjc4TGM9rzdrQsGoNTGjUU0J4OLIlADe62aKLs0w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550df36723c-OSL\r\ncontent-length: 201768\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201768,"size_decoded":202698,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"ac08f5558650d48d9b0bd9ae72b1166f","sha1":"bedda2b400d8004617b2ff776dc48ff33144e2bd","sha256":"b0e126b697e15eae77aa8bdf34acccad7a301f473dc51b04ae6c4dd44c37d215","sha512":"ec81c53934e25981e45dabb5592f15846e43c839b6096d82a68f1f4a85b93a4b201153a2c7a534beafeeb3db948f311a86af6c85a4a46106fe1acafa1fea99a1","ssdeep":"3072:sTgm6MDseJcjCdRlu1CcmdRDKaD8qcPZQdr76p1+CGOjPZcBxWb+a4Z7zLj1xHxH:v+gAcjE2EtD87qf6GOSWb+aqzLhxHic","tlshash":"c41423d726dd2b3b9b6b4a7a07f7522f88fd054f9060cde0e3690500a65bee99f44702","first_seen":"2026-07-10T09:45:03.514755Z","last_seen":"2026-07-12T22:01:35.265894Z","times_seen":16,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/news/provably-fair.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.205Z","timestamp":1783891136205,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/news/provably-fair.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"c05c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GPBa8fL3AzG%2FktdNHmf6UOR9FOnfZga0drtNTAfpt5v4C15Wz%2BmpDp9Jf4Kkl42kUzTzqoJvxCH7JEaUcG8OVg4W9Rwt1W4q1l7nDYbage9TU1INRJB52wGkV9AxqA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315514f51723c-OSL\r\ncontent-length: 49244\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49244,"size_decoded":50242,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7cb9cd43359de54e7564c725bb9517d3","sha1":"1245094b8fc133d439c2612cf4dd9fb47e3184d0","sha256":"8399ac55ccc149cc474c6441e1bf099afb1d89dcac48e6898df23203e13388d8","sha512":"e4a6ee358263129d6fd50c7e98367f83d92955c35abe7367b8e081757483319934cf8c10c76a54cc91e3ebdcc1562b4f16c1bed6bdaa6014c22319a457669783","ssdeep":"1536:dc7h8uOGfEiIWwtbwyn2ej2/4/S4uyrhXaetd:dMwGy2es4/S4uyr4+","tlshash":"152302dcfd0b7f91e3172448c110d0a5b5f565fa93596e825398d883b68a83fc6f428e","first_seen":"2026-07-10T09:45:03.524343Z","last_seen":"2026-07-12T22:01:35.323973Z","times_seen":16,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/deposit?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.223Z","timestamp":1783891136223,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /deposit?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F1Vyjfa63x9WWG90%2FsCrlZoXyH9B2rTYtm4uxR94zH%2BOmbasG0%2BOmGNZgd3QtGOrXCob9RTBlSXS4CWbB6dkt6nftDunYgv3Wwk7H2QyWFyM39pXHOa7VtriKyUqdw%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a315516f58723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":1199,"mime_type":"text/x-component","magic":"ASCII text","md5":"9876c10da7ccffbf190536b98dd3372e","sha1":"e514dc4db0e327e868e419c1d127c2751249764c","sha256":"0b92f700a78f7e4589dd7a1033cecd337cf04e41b2a2fd4c475f0173218bd3d3","sha512":"f0090ee4f182e4278813a920edee2da3fad2083e2c5e1ba3fca8ff791919278a02178ffd24e7fd7fdcfa5aa5e0e6272e9a372bc46a37dddff7c391f14063daa9","ssdeep":"","tlshash":"a2c08c2142093ef96eba3a88656dca0f260e410f21ca18f4d0925f20b7b702204075f8","first_seen":"2026-07-12T17:38:11.665541Z","last_seen":"2026-07-12T22:01:35.299012Z","times_seen":8,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/4038-49fdd8ae32fa9982.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.419Z","timestamp":1783891131419,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/4038-49fdd8ae32fa9982.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"1415d-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HhrEqfJLg20%2Bq0XcBBohVVLi%2Bs%2FvvF5sU8ly7qwmS1lQZ3zFe0rBgfKs856ZABvWDhAlJEr7hePAZY7ln8aQbNYNsGpTyyHezJkN9wjAj655loWtywe0cMAiwyfXjw%3D%3D\"}]}\r\ncf-ray: a1a315335858723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82269,"size_decoded":25762,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (60669), with no line terminators","md5":"fcc0345f008acbe8f529de677f7ea0b8","sha1":"4709ac8c02289d17f1a27caf9f719c3199e33199","sha256":"94702b098b138dcadab4016ec2aaa5431ce4daf3592629f2b1bd4bfea2c18363","sha512":"40efb9d579d53f9a2b66c219b459d80829c15026ef38f76021613ef87027131a8a09f3ad0c4cbc7d7421f37e3632c419088eeafc6f2907fd8b471081a65c4f18","ssdeep":"1536:kjI+qNzajw1Muc9T05eMK89JgRPWSEtmfPjvss85QxnpYQoQCsdZ:k0plajw1Cez9JgRPItmf7v85mnWRmdZ","tlshash":"178319256609315cf17bc58872cfd91db26e362ce61ac578bf3e7829179a0f4b126f80","first_seen":"2026-07-12T17:38:11.838423Z","last_seen":"2026-07-12T22:01:35.286472Z","times_seen":9,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/hero/hero-vip-v2.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.451Z","timestamp":1783891131451,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/hero/hero-vip-v2.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"12118-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K7yMLICtVkzEmNm5iUIsZ8jk9ybPE08gNM%2Bv%2BI76%2B%2BLYI7H2KJo289guGqZrfn%2FSU%2F8k7SipQDq0oENsLW%2FagFzPketAXdv5TqeG0uN0ogEg0b%2BYMHNBPT3l0Sy4%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315339888723c-OSL\r\ncontent-length: 74008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74008,"size_decoded":75021,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b3619e2f0f7800d3951be34c267663f0","sha1":"b998fc7861c09dd7964f6ec1f5d49b793efea76b","sha256":"289834e4120de421eaac532dac21b56392c4a8c1fe499da2497b618be35d51b6","sha512":"2accadec8cd6e89ce82a2bef3cd057df9f742ff41561ad08d51aad21a3f532a2a6b380799fef0379dbf0b0748425a3317352943994626d95b83c3d04d79e7bf3","ssdeep":"1536:91HLNi5Iv2jucGwBgKvRVTSy4w5jlD/rLWIh36OLm2:91Hw5MaRLR5S1wjA2","tlshash":"257302ebba9b23cd5914bbbbd3004c06c72db345858d5aeb36a512c22a071fcaaf0515","first_seen":"2026-07-10T09:45:03.54267Z","last_seen":"2026-07-12T22:01:35.278992Z","times_seen":17,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/games?category=slots","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.809Z","timestamp":1783891135809,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/games?category=slots HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ac2ygqJR46oz%2FjYreD%2FSMwhrVsQpXvMc%2FWTwbycWuGMBPQdpQCl2pepS%2FaIbBGxg3rbrvd20%2BOyXMpGkuczN5LqWHZbgJVbA9XK6PqfzvJniIdbsC4PF9IJMI8kY%2FA%3D%3D\"}]}\r\ncf-ray: a1a3154edeb2723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63477,"size_decoded":8409,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (63297), with no line terminators","md5":"c331d5f1893b478d08375b0bc50d68ff","sha1":"aa4291784773588400e363945c81680f3e1ae4ff","sha256":"bc505cd7737b683a57a012a20e85c46d010189a631ccb63361275aa4fb937f75","sha512":"edec89bda7b3603a530390dcf158707897973ee6e2d4f1c39b48884ed1de2b20a2b4c25bb22ea7af76a2ac30ef4956618e640b21bbb68d10165fdb5b38103dd9","ssdeep":"768:jjQHfWdheJwziaJM7HQ4W1XqOyJZu4Ylf7mlzG/b5UQS324z0ozqAr8yXApxEHV5:7ex3oxateO69c","tlshash":"b953633d7a6cfca4c78a88c655933ec9d52cb55752000c25ba4bcf3cc8e48fa6e1995b","first_seen":"2026-07-10T09:45:03.570635Z","last_seen":"2026-07-12T22:01:35.291909Z","times_seen":16,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.917Z","timestamp":1783891135917,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ua8hkKFfiHPFa4FeyzYHNHLj6xH6kFyM06af01KM2oTRiMZPmKk5KVTOWNd8oPRPo%2F5ObUj8kDr275uSXZ%2BdkuAbW0OhhjESDh%2FZTLdhFXoSXEkKmAG37GcG9Yn2bA%3D%3D\"}]}\r\ncf-ray: a1a3154f7ed8723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6494,"size_decoded":2725,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (3468)","md5":"41cfe91216b12befd4a1015a9ad28172","sha1":"48ba8f88582f084581840694ff245f3d1b1ffbb5","sha256":"fc8e019e591e4925fbfaa132533f93f1117391b70f6ecfa1b1927d0f2b5faf9b","sha512":"1db72ff20177855ce53317b09cc074dceee956455dc0d31d18c94bfbf9751cc5a1ff1768637e4e56b5b00b6cbfbcc69c23a04cbf49fd8478f1b70358391022c3","ssdeep":"192:Wp9Id4t5LqJgXf8N9NuNfNoNRNSNzNMNFNHN2NFNMNbNaN5NQNKFgtOVyL9QfWjD:W8IiPQl+rchK3tY3KpEzmXso","tlshash":"bed1893fa6014a6fd6fb4142446f12897b1c4f3eeb50ca66c0ed1e39068a99c7f89365","first_seen":"2026-07-12T21:19:31.940331Z","last_seen":"2026-07-12T21:19:31.940331Z","times_seen":1,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-02.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.017Z","timestamp":1783891136017,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-02.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"88c0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yiK%2FJiIslNIPdFj3jHjaTyLHNTxoTKpGTe2U7sRq2qLYThy9ElkhL3N2NGTyVipgx2j2l8VxON7SXA%2FOuPkQXhUrUTOaCIwsTnLryTmW6uROiKDjoCGOw54uxlw7jg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315502f0b723c-OSL\r\ncontent-length: 35008\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35008,"size_decoded":36009,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e24a10a59b8477837b5c35ebe08bab8f","sha1":"8fe74c26ad32ec7aaf96ba81351dd927422fd32a","sha256":"8e6e00abcc1788dd41e9d7d17fca30cef3556aacec8fe332b81f78d694282228","sha512":"cf3153db4a58a8ac1ad8c27b900fbda406340d20a6715d6ce1339f26242aef3f68acafedc3f87b787d029c4c5fa9cb7ec70ab1a495fd29db7945f09e3b6706a3","ssdeep":"768:r4q8fc4wlex68jL0fXMNTpWxjJN6MfnVTMiYd:rmO06CYXglUdgaVMiYd","tlshash":"24f2f1400d366927ff80a08bb92d255931c0fcb79be814a688ed79f2860fcd756b935d","first_seen":"2026-07-10T09:45:03.442356Z","last_seen":"2026-07-12T22:01:35.283457Z","times_seen":16,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/1309.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.138Z","timestamp":1783891136138,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/1309.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"2ea88-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yfJrMd0JyjJxv1RsYUikSfA7TOE9xBAtbeKUWm0TmtZyjD5fdhK42ho2ZMzE%2B3GZGKf%2Bu8YjpDMSABl8ai43FxgrVAiNv0TfcOvsuV0iYwWfwhy9ixpdvTgvnDNcRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550df39723c-OSL\r\ncontent-length: 191112\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":191112,"size_decoded":192038,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"67de634afd975632ed55c97a46274d7f","sha1":"266f437d9a77778edf3648153208b5ab234d482a","sha256":"2dd2997203a4aed12599d29f3b7acec417219602caf5ccefac1e6412de958224","sha512":"39bc73e745ca4e806f46bb88fd497f0da2c6b409d7f5e5e09fbc132688afa610080ddcb1928509636b1feb3cce304a7b4a2b656ccde12c295e0d21fc889edbc1","ssdeep":"3072:DfXnSkyhQNXDwrkbAF8UqsuJj5CMvQ3HrtjpnwzQr4YQ3iNekbEG9iBwUB2:DfX/+QNXDwAbAAFQ3Hrt9wzQrciVn9iS","tlshash":"bf14239ed7c056511be03a4b00d69f49a0afa22465f81af1c9fd35dcf1242ff82a8728","first_seen":"2026-02-02T19:22:04.376431Z","last_seen":"2026-07-12T22:01:35.285214Z","times_seen":39,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20fparty2.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.158Z","timestamp":1783891136158,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20fparty2.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"31246-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZAx2GqdJunsZS282UHH4nQMUBobIsufi74eJ%2BBS53J%2F4lC2Ksqk5iDimvazT%2FfOCB2GjSpMU4de3XZDMunODjMGUZfAkfrd6VVKb7lF08FiDOZmMjxUVp%2F2bSVi66Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ff45723c-OSL\r\ncontent-length: 201286\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201286,"size_decoded":202216,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"4dbe1ad237ab45ef9472ddc3b8454d2d","sha1":"b393424472562ce7bcc2d214bede0c8b2653d069","sha256":"a4eeaad89a11e9c5fa29f6ae9e6e69cd75db74d4ebbdf8c00683942ba281188d","sha512":"d81ed3d39e11d3ca21a8b80fddccf9fa8a9d7fa810db7517f51432391ac3e0dfaea290a84c7dcef26f074d994525fd6f9ca0ca70efe7a0fdb025c3e20b400281","ssdeep":"6144:m+OD05Br44TS/a0f/9Wxf5wmlEquieLgj:PD5x44TS/ai/9Of5pEqPj","tlshash":"13142386764c20543fefde8c645a556a6aaa22b0ef825cfa01f3dcff804d105da16f52","first_seen":"2026-07-10T09:45:03.515685Z","last_seen":"2026-07-12T22:01:35.265291Z","times_seen":16,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/the-dog-house.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.456Z","timestamp":1783891131456,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/the-dog-house.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"109aa-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zsb%2Bwdr7h%2FlHMM7P2rIogJAQTePcHrZe6tA%2FMZUNKIl4N0PDVjkqJmVkC%2F8f2Z%2FWBR9uojvGGnsAIba9YBWXg0SQHT56XF6cTOWRPruP5S2aESwIePi4QbdajGvlIQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533988c723c-OSL\r\ncontent-length: 68010\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68010,"size_decoded":69015,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2b9f8d3634b33f67618a2165bcfc9e64","sha1":"b78d21e115c70e802749e0abebd64d281960e839","sha256":"31dea2a3414638bb40323b0f736714adea89c3a4ec792a2633def6a031f40abb","sha512":"35236b4d268abdc18417458a9904855a347ccbe0041e51959d3773c693be9aed557b066748ec37e1a7fcdc0880b51c14bd1237ff0b7b66873d2b1c84dbc6219c","ssdeep":"1536:ZFyfU4Wy6d20OqYMZTQo/PklvkPc8tXK2Uba6sDqpGJb8fuLzg4E5n4OJM:ZFWWyZNqYMdl/PxFcb3smpGJb8f2g4EK","tlshash":"666302f75a996667f20b02bedeecebd8beed8a03c1b7d124096455b005374c343a5836","first_seen":"2026-07-10T09:45:03.457398Z","last_seen":"2026-07-12T22:01:35.315655Z","times_seen":17,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/vs20sugarrush?provider=pragmatic\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.322Z","timestamp":1783891136322,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/vs20sugarrush?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jTaZozJj75DQQpZhjm66M5td8UhTcRbFwLs810zMY2QnnQ7xCZhaTRy2PQi18FrqDLRWgM%2BVtRWgNiSiFrfFhSDfFmd7BL3PWl0gW%2FzlJDu2i5Cq5O4EBGQpJBGHqw%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a315520f74723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221,"size_decoded":1231,"mime_type":"text/x-component","magic":"ASCII text","md5":"3265ea94b8edb331a659b21a81b3dc58","sha1":"059dc8e2cbb1f35c1173149aa46cefe41d434496","sha256":"d8f61083983fe755eb10faa200381b32507c14be526670b4ed95098efb1bc9ff","sha512":"8e74af12b0e99f74e926575dd456256ede8b5e09284bf3f19e3c662f54bb95acc3ceb714dd1802f5ed5601f6a1ac08ab1cf6514b4fca322b69e7beb0a363489a","ssdeep":"","tlshash":"63d0a72643093af56d7a2888457dc65fb91e515b61cc46f150934e35972703119036e5","first_seen":"2026-07-12T17:38:11.75351Z","last_seen":"2026-07-12T22:01:35.306431Z","times_seen":8,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/crown-logo.png?v=pm","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.442Z","timestamp":1783891131442,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /crown-logo.png?v=pm HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"f80a-19f43a76a28\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=54mwcH1U8baE%2B4eoKBQuUKrwUpHBRp4yj9aSp4IOcjGnjMZb%2BdrA4y4Ib5ofGoYno4A3p9a2h6FJMC4QcUah8lHEmj0s5qaSZLovpfjB%2Bj64shoUnHqVoCWoVCEQGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533887e723c-OSL\r\ncontent-length: 63498\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63498,"size_decoded":64497,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"a3c9a1078bc4e53205f6412d40341501","sha1":"efc5627b4a72ea439076435289258e1b79b8d57b","sha256":"1e901b8226f1eb9f404ed2ed750935526bfe4bc1bdc3c655a0795b3985838b8c","sha512":"6cd908a4215ed45291ac9bfa839657d53226709912983e6d91cab8240efe87f1fa5acbb73dda72e6828c22d5d7345da2851a6a9cd55c237b4b0357cb16c71e26","ssdeep":"1536:xd6Ed8fHrKzgDjlVb0MvORymKojhtWjt7qtvy6STdyE0:pyHDRdz2vhtWjNXd6","tlshash":"0d5302d4f4b4afbc3419a6bce6961d130fbb42646dfa40212e887e4d9d22465d9f38c3","first_seen":"2026-07-10T09:45:03.481088Z","last_seen":"2026-07-12T22:01:35.256309Z","times_seen":17,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/bigger-bass-bonanza.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.460Z","timestamp":1783891131460,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/bigger-bass-bonanza.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"16198-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EF73cV704qc4Vw8s2XCc7CgHmlI2JtzzfVSJsaVboBRZ4IwGomUR2lKKfWZxoWtinuoAsIi6%2FwjVepVf6SAOeRSFX9jgBBt3afmtF9F4nLSfebkeuyLx0xxBiZ4YLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a891723c-OSL\r\ncontent-length: 90520\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":90520,"size_decoded":91517,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e3f8e5841788bd266ee6bf17ec0475b4","sha1":"872069dd6f8ac718b46b581fdc46da24c2bdd3e8","sha256":"590941ede3a0091deb7626acf11bc039331d71385db4a14d486538f364e354d2","sha512":"c3c42e96c0801384e41fb01e016283ac61de9f779e3bd192a0829ac9734d86a561b7fbbb1c863481f9e00714509709c49f2d6185bb2cc3878aa953fdc6abdc33","ssdeep":"1536:BUDMnU+IWPe6sZLAn+87aIkQ/jusg5P+0SPqYJyqK9xcE8A7dlo:BUDKRHJC8+8r/j5gkrqYMaEP7dO","tlshash":"959312c9a739c27b656addc05e1ef2c466d7f346004776ba2a2463527f9072603f8632","first_seen":"2026-07-10T09:45:03.462318Z","last_seen":"2026-07-12T22:01:35.245968Z","times_seen":17,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/auth/session","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.734Z","timestamp":1783891135734,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/auth/session HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nContent-Type: application/json\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\nexpires: 0\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nset-cookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; Path=/; HttpOnly; Secure; SameSite=Lax\nauthjs.callback-url=https%3A%2F%2Faurexss.com; Path=/; HttpOnly; Secure; SameSite=Lax\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4782VWsD21l769JR822DMENSkI49XKoeGOVHU5vgBiUS9CFALmpGSStpYJZ%2FHd%2BKFJzN3zk337EWZJ29UOXlG9E3IBdXOK9qVLjQ1Hmq4XgklFiUqlYdT1Rz9CxxrA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3154e5e98723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":1367,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"37a6259cc0c1dae299a7866489dff0bd","sha1":"2be88ca4242c76e8253ac62474851065032d6833","sha256":"74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b","sha512":"04f8ff2682604862e405bf88de102ed7710ac45c1205957625e4ee3e5f5a2241e453614acc451345b91bafc88f38804019c7492444595674e94e8cf4be53817f","ssdeep":"","tlshash":"b9300000000000000000000000000000000300000000000000000000000c0000000000","first_seen":"2023-03-07T01:02:14Z","last_seen":"2026-07-13T12:19:44.824921Z","times_seen":271594,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/media/ceb9e344-a5ce-43c1-8ffc-22302cd910c6.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.015Z","timestamp":1783891136015,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/media/ceb9e344-a5ce-43c1-8ffc-22302cd910c6.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kyJlrbvIA4NefTGVK3tgGNRbMHcIAwPn0f%2FUAUY1HP4IMVsNTFlFJHsFfj5Ai%2F0rVf2aEFhrc1lUXGHSP0%2Fgq5PIl3cwntXsK5jSueCiGYKzLaxnQZf%2BkCJGl5tLIg%3D%3D\"}]}\r\ncf-ray: a1a315501f0a723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":164394,"size_decoded":165407,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"137cdedc2f1c8db70aab54aa6e011b77","sha1":"29c0216d3b5508c9066886910e3d1c549f1d3a04","sha256":"bf004b731aac1a183833df63844be938cb69b2095b647428d48ef00ed9bdd051","sha512":"6949a5f01e83762591535d1e4042bd6907c2a877a2fd4463d029d021c751854dababc6e87876e1d8c0520ee2d273b2228349bcef02197204b014b6d23d89a204","ssdeep":"3072:eHo6l/e1LtSYcVQCruv14MTZC2Me+pgqE4y0NXowhM8am9eCrJJl:eHc9tSXbruvXZMxpDQAX3bam9eUl","tlshash":"31f312e6bc5c49935922540ef501aa0bb449e8486bfdfde5bd30ed5ccb6f630088b58d","first_seen":"2026-07-10T09:45:03.572616Z","last_seen":"2026-07-12T22:01:35.322231Z","times_seen":16,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20swbon2500.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.159Z","timestamp":1783891136159,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20swbon2500.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"7652-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bBKgd%2FkgI6Ch%2FplppK7DrODXoCkBVWOV8Akl7WYnzvUKGPrp%2B4s%2FUwwih7zToR8DakobRi3RgRTMW9OJoJqMeFknzCSQuNSF9UOPsJgNAF2a5eQpVGzRFYbhFaUgig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315510f46723c-OSL\r\ncontent-length: 30290\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30290,"size_decoded":31218,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 408x546, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ef7d1293c15a0467300fc4ec94aa0962","sha1":"68b0e661714180d5e68942a2537189d272038cac","sha256":"67a835363fd4f746517982066ee9325d6f4d5f7b2f551318194e1476b4fbf805","sha512":"a627528c36d388eebb82ddc6e357cb5973d96cbb94f1ffcb40c09b1e1a2f4e016cbfb52796b6621f5554fee680fdb3835c5f442e0b3c9ee468bad9a65b236b17","ssdeep":"768:a/wZJQB/bTR3E7oM3TXlsKiyp8ILpVz/t3/EtFBtheZyK:8wvQB/bZE7oM3Tl7xyILpVzl3/EPBth8","tlshash":"ead2e16738a19715e14e0373c15b88d0c74fd50ab883357e807786c5b0aada692e4ff7","first_seen":"2026-07-10T09:45:03.43836Z","last_seen":"2026-07-12T22:01:35.296805Z","times_seen":16,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.404Z","timestamp":1783891131404,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/4bd1b696-100b9d70ed4e49c1.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"2a3e1-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AQsttplJZfXvUFMHT97%2BMpbc2UfHV0LuBaF7WhqL8hyMHluIfRlhwStsrdaYBusebi4p1bBNEib3T%2BJXnWV6JA2uxg648zTbCVf3X48ImuoLbribbQ6%2BPjrgKoWBxQ%3D%3D\"}]}\r\ncf-ray: a1a31533484b723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173025,"size_decoded":55359,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2a9c2166a0ae63c27a466c7fb5903d80","sha1":"51f1c90c3f1e1d32d0c81e836ded7ed5ba0601d6","sha256":"5421e13a91a9389517b66179f3b4b5eaa0d95245438066d4d7b19ac30aeb809b","sha512":"8dc6274f2637076f1b5c4cd3f61b14259ec5552d844245c8b93a64f19c8b6b7347554a03b994b0f880b7dae74ad65e54eaa00be81783c2cedbae82a7fd4b89dd","ssdeep":"1536:DWET9Lwegcl2MywYleojBFOQLfioEV7hNc7lFlgXGhJx4bzZc5zg5tgW/zAe6c0:Z9LwzMyh1vLEE7RgXOQ5SIA1","tlshash":"ecf3f8ec3999e611aeb342a700df28037378261b240d4d60a614fd9ea57845bb17bfde","first_seen":"2025-08-21T15:49:50.637902Z","last_seen":"2026-07-13T10:45:18.945199Z","times_seen":13110,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.867Z","timestamp":1783891131867,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://serawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 329409\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T12:18:10.107777Z","times_seen":233449,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":4,"connect":48,"send":0,"wait":42,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-04.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.895Z","timestamp":1783891135895,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-04.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"94f0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xwkrXlnwAVy0UTafylWLLT3o%2BEBjrUZwfYlaTkiQ8%2BAsnOKMMpNqeBckpVHTLLjyaQjIOZOlC4iBhpV4t1cIyqI9Bt%2F0MMez7xnFtL52%2BYtQOikYVaWdVsuEBcgx5g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3154f5ecc723c-OSL\r\ncontent-length: 38128\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38128,"size_decoded":39130,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2d1c641d7f049af251a09cc0612e3d4e","sha1":"78322f070a54ebf93d74d7a8c0866f7db2881f51","sha256":"648865fa8c4429e627aaba9d6d51567f845c8aff7b8342ba684d2e014e4538b8","sha512":"31349595037ecd2825a344ce198fc486a4839bbe2ed62424cc1dcc6eca865ea42166a414b44da70e78d2ef646f1dd60f49e0e7613794ab0f4d127c3a71821f88","ssdeep":"768:7RA7zfI1kCGn8v2gRs2OOq0UY5paW/1xlY5njEaClicAsp3JLgwhzR:7RmfAynLge2OOPmM17YuaCli4p3JLLl","tlshash":"7e03f115d030bf43b8a5c5b5c7cfd8c62e9adba542bb83e152540a8410af1f1bfa2d21","first_seen":"2026-07-10T09:45:03.517578Z","last_seen":"2026-07-12T22:01:35.287301Z","times_seen":15,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20olympx.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.146Z","timestamp":1783891136146,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20olympx.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"3e27f-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PCJQ0EpY5K2dapWfFqA3zQvhdBkQWCYD8On6qjLn6nTTy3yF6O6TWVz9h%2BRIHPTOwQXdcpOmaiPLggjrt2WRwT66YL54%2FPE0k4Fg%2BYU1lP%2FGwTMD%2FrIN4Q9kfmW3uw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ef3e723c-OSL\r\ncontent-length: 254591\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":254591,"size_decoded":255523,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"7257e7983f3fc7614dbcc9f60d78e675","sha1":"708154f72258ce55b1e1954a62fcff0d0fc8369a","sha256":"fc9fa196019d6323ea1284aeb52dbca0b466ecdd3c5f28cfdd0a7138daff2870","sha512":"7ca60d36efbb7f6eedca2c18f617f207f04c0fa79a06f9166ed0509e5dfd893b75352ffc31a73a209f1d4a4ea7a21feaf55964f20b51374b6ce6d63b1470a88e","ssdeep":"6144:CiN4IwkOCuSMJO5F14DNQE1+u5n+zY/PhLPhlAkzEe0+X+:CiNgXCuMMDNF1Tn+MBLQkWE+","tlshash":"0b4423b1d86dae1580bbfc317d6837eb2fad593aa9b32129c780c55c715e8dc970c218","first_seen":"2026-01-30T22:42:01.211792Z","last_seen":"2026-07-12T22:01:35.273749Z","times_seen":96,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/vs15godsofwar?provider=pragmatic\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.320Z","timestamp":1783891136320,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/vs15godsofwar?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M1I4fh%2BvR4tV3RK64qkJAheCD676kVBg%2FJj1KaXSXIQ%2BSoY6GBg3uB6ejjux2s9f3zC63GpoeEZQvYgqmFac9rjRLN5OyMO%2BXBuQ%2BQfGL%2FFu7X2LRASzl3A8fr4rRg%3D%3D\"}]}\r\ncf-ray: a1a315520f73723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":1241,"mime_type":"text/x-component","magic":"ASCII text","md5":"23c01eb3c26338f91369fc8af176aa20","sha1":"9de0f3f7f24c3b5d2132d079c249fadc6d69a183","sha256":"8c0869cd0fd0ea595e988e46ac46c15890363303f3a70296c0f1dca9ca38794b","sha512":"b8388b5aa4211a82442b9cb18dcd9085cf1470abc20383c2df7089680d018d75068a8b22322096e190d3ff2f6347bdbd35e1ed9f5c504554513cd3d9954e7f38","ssdeep":"","tlshash":"a0d0a72646053af96c7a2884057dca9f761f515b61c856f250625a35936303219035f5","first_seen":"2026-07-12T17:38:11.91928Z","last_seen":"2026-07-12T22:01:35.249716Z","times_seen":8,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-04.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:04.831Z","timestamp":1783891144831,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-04.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:04 GMT\r\netag: W/\"94f0-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GFcH4i%2BloRmF%2F2XiHFz%2BU4k%2FqbvcYphkgvhO5lLX9hErh1VwHTPdnnKsbC02jZ62iz5K7owoGjDBAczWU7QKGM6CVR6UhIwDckz1Xgo5%2FyYQuFUOgLGXuXIrjQFVKQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315873d18723c-OSL\r\ncontent-length: 38128\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38128,"size_decoded":39135,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2d1c641d7f049af251a09cc0612e3d4e","sha1":"78322f070a54ebf93d74d7a8c0866f7db2881f51","sha256":"648865fa8c4429e627aaba9d6d51567f845c8aff7b8342ba684d2e014e4538b8","sha512":"31349595037ecd2825a344ce198fc486a4839bbe2ed62424cc1dcc6eca865ea42166a414b44da70e78d2ef646f1dd60f49e0e7613794ab0f4d127c3a71821f88","ssdeep":"768:7RA7zfI1kCGn8v2gRs2OOq0UY5paW/1xlY5njEaClicAsp3JLgwhzR:7RmfAynLge2OOPmM17YuaCli4p3JLLl","tlshash":"7e03f115d030bf43b8a5c5b5c7cfd8c62e9adba542bb83e152540a8410af1f1bfa2d21","first_seen":"2026-07-10T09:45:03.517578Z","last_seen":"2026-07-12T22:01:35.287301Z","times_seen":15,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/9792-bbed82e0e875a1e0.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.429Z","timestamp":1783891131429,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/9792-bbed82e0e875a1e0.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"2479-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dCZ%2FSqymaM2pIq1jEx%2BgRUSbxntizGOKn9EDfRKlJjIw5pRzWuopzZuVbxeDS1QFeJdn4ajUwH6qZdEcm9%2FZ4lpp6ro5WokHA%2FItF5brzdUXUPPAmmf5kihiyskPPA%3D%3D\"}]}\r\ncf-ray: a1a31533786f723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9337,"size_decoded":4398,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9337), with no line terminators","md5":"b082208296b9b3705076807c6a765752","sha1":"df9d0a8602debe4cc087445f2f2928428a8dd8f8","sha256":"e5cc5cd6fd587fd300815648759a627ef8c4dc295d75f12440f6d27de6b02924","sha512":"44a1bafc5746c002fc285d55b8f9240e4dc493c65c631114334e52b732499504fee8c0449fbebf9d50205593347c073ebedd5e48fb1e606a37f7cb474066b846","ssdeep":"192:O3Yaic4We1aowaYz4n6rUGUCKbLgcJ/t/ml/6/hYmPE:O3LuWsYn/8rc/8E","tlshash":"76121b92baa2f8b291bb6552683703863130277b790b4441a3bb4cac2354f59b4d3f5d","first_seen":"2026-07-10T09:45:03.521341Z","last_seen":"2026-07-12T22:01:35.311525Z","times_seen":17,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/nz.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.013Z","timestamp":1783891136013,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/nz.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nConnection: keep-alive\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-length: 642\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"87c-kuVFN1aapGTztuQPN7yl3EBdFaM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 982191\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\nx-served-by: cache-fra-eddf8230113-FRA, cache-bma-essb1270037-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2172,"size_decoded":1388,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"229d2fadba8d00df102927eae199d46f","sha1":"92e54537569aa464f3b6e40f37bca5dc405d15a3","sha256":"794a2c8c09796090ab748a74bc35aed825e701eaddc46b138f300401ac9a25cd","sha512":"30b43f270300cc3e8cd4aea0f4e234c24dd5028b71dc9cf33d199fbd6479b120c92db29a4c7741f26b156ac7a561460b46fc37664eb01a32d23f1b19ba9ea70b","ssdeep":"","tlshash":"8b41a080a5d6001dc9399300c7ccdecc9a1fe0db92432a97f6266dca67796d64c9a38a","first_seen":"2024-07-30T15:59:14Z","last_seen":"2026-07-12T22:01:35.303292Z","times_seen":199,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/1309?provider=hacksaw\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.389Z","timestamp":1783891136389,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/1309?provider=hacksaw\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hIFZn7WOIiOkOyk8VNEt23HZK4b8hv8KtqBL3eU%2BLTK8C91eRv73vOCKADaKHqtVbfdU4olT3qjnThdF9XezBksY9TYTEoRuUDFhpphc79%2B0oMvjDO7cif8EBmVXuw%3D%3D\"}]}\r\ncf-ray: a1a315526f7f723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":210,"size_decoded":1228,"mime_type":"text/x-component","magic":"ASCII text","md5":"61f86c62e5d4185f2cb14f4f1d7b8b6a","sha1":"0f7974d6e4c05b361224dc4e4396496458456f0c","sha256":"3c998ee62c0a9023e983cb7e7a4e0243fb99129f71add0a7c28b0ee95748b635","sha512":"2da772c21bad59375b7bdb73865a739b3abe7aff1adbcf613df43178bbfb5697ad6e28c22405b12a77f255fe7fff22a6cbef2defb24d8fdbbf86c8138948e789","ssdeep":"","tlshash":"f9d0a72647053af16c7a1884467dc64f791e100b61c80af190d35a31536302115036e5","first_seen":"2026-07-12T17:38:11.691866Z","last_seen":"2026-07-12T22:01:35.268591Z","times_seen":8,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/8347-2cdd515f34b89f12.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.410Z","timestamp":1783891131410,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/8347-2cdd515f34b89f12.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"20f6-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FRHsSblJHibcNUV79wdZ1W7Phiac0b37v3dP5aPbgKcGeKkhnhhpntIBf5TW%2BK95XduwvyTbDf%2BNLNRnoU6U27lO49iOuV4eJWuzyWT%2BTORszqOApjliukU8Qj3Q1g%3D%3D\"}]}\r\ncf-ray: a1a315335850723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8438,"size_decoded":4192,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8438), with no line terminators","md5":"49950202b034f7c0521d2f2129c83c84","sha1":"b39a0b9a93e867cf8675f483507f08d29d1375f9","sha256":"b35f82e8ce5a7a8b3b1083a9731c3d7351973f866106ebffd0c69b90405e5db6","sha512":"e40aac677169b6d180e3fe9b824cb491c49e9c1298c17f6a222b00343907f3ae29daa5d7b2a5c9af388e54bfcd0f92611283a303bb310752b5721c51c943be04","ssdeep":"192:njk3KSwJQV71am/oOJZBOcIkQmAYxDvLZNIw:jk3z1D/9JZQkQmAYdvLZNV","tlshash":"8f02daf5b762383149ebc2d6b5722942f318078e6628d81051f50d2e7358e0eea52fd8","first_seen":"2026-03-03T22:08:14.650035Z","last_seen":"2026-07-12T22:01:35.278324Z","times_seen":27,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/wolf-gold.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.472Z","timestamp":1783891131472,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/wolf-gold.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"e082-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2Wi%2F0W5ZbEYSt6jPgRTiJbe91oWo%2BRjAHeZA7H4%2F7P5bjBKk6ubXuDZqQIAWaNd%2F7RhNNbkrIFZEpmLe3Q2obHcyq68hhqSp3Xmxc3%2FjbFftPy6rPwvFYDIMKOfYMw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533b8a0723c-OSL\r\ncontent-length: 57474\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57474,"size_decoded":58478,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6705cd397c489728422c0670b86b5901","sha1":"c4de9ddd398312a49b6851018b180cf61b0b7deb","sha256":"44d27f27efb951e48ffabb381be0b255de5b0555f7d257b4ab5b297bcff8d5a2","sha512":"3035ba279c99aec13340c48187b829d2ae8c47dbe888cf5eedf2c591db098d2b1538d7884adca587828e5878ec992b4e0471e5baf74d80779768462ea3cfe397","ssdeep":"1536:U37DpmX6h92fm+68Cf2g7OE3mWwpRAUiKeyUo6xTsL:UrDAX6HE8CE2WwSUiKe1Ji","tlshash":"0c4302c18280cf866909c979e8b441413463051aba97b5d6fe1afaa20bdf14b3cdf13f","first_seen":"2026-07-10T09:45:03.458684Z","last_seen":"2026-07-12T22:01:35.255734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/sweet-bonanza.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.479Z","timestamp":1783891131479,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/sweet-bonanza.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"11110-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7DuyHkxUTuoJ7428x6%2B5w%2BP3isHADsEOoQ4WaqHsbS69jVvxtQxkmo9eQVmzxyWiEbjoOxAxi58hNvWX%2BdYzuwHQoNw6dyuH985ErI%2BgFtZI86Lmg7S%2FNIR9SPsvbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533c8a1723c-OSL\r\ncontent-length: 69904\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69904,"size_decoded":70909,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"721b6f52f6774f238e4849424522f47c","sha1":"d3080ed7ef65c3c03e2f93b18cc82756a8655b96","sha256":"d52f0c6f6681d1bfb2d399caefa084f38ce65e099e7bc22e61dc67dbf7ce5bdb","sha512":"510dedd7bf8c58f1b648f09f8c2b78f95dce5a0a765dde944e2d69d0b5511c63b1b5b107ed3d213e3682e73cd201f6f3ce575c0160d9a4a1a55f12aa107e24f0","ssdeep":"1536:BGgiPYdFt+tD7YcF6rZ9FiZ+gxAW7KHV1ynVCEB3M:BXikQD7OLIYgxt7KHV8VCE+","tlshash":"646302c07fa1ef0cd5f07bc362e76b64ecd21d95a22da1d629179f2356afa0214081ec","first_seen":"2026-07-10T09:45:03.510801Z","last_seen":"2026-07-12T22:01:35.261924Z","times_seen":17,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/slots/trytostart/games?limit=2000","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.815Z","timestamp":1783891135815,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/slots/trytostart/games?limit=2000 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZqNVhv0SfaapGRX%2F20sBArS3TorevyNK7dFWE2Dt8n60XPWiuTLee9qSqXHpFX5v7TtKJEn5BpY4VF%2F35F9ipHN2S%2BDIcXtCnsEjOUGefqMzqsoRwsWz6Q8SnQWpgg%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: a1a3154edeb5723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":180338,"size_decoded":26392,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (65414), with no line terminators","md5":"d7c45617cb85a52adf093f316fc7d45c","sha1":"d763185a59e74e7a1530d393816bdf27ffb6fc7c","sha256":"f93e5113f827ce3143447538d37682d26223c5a08f19b1cfda71f535a14c02fc","sha512":"47b38b77e2c4ab2aa78fa751bb0552d0b8ec7750a5d3484feda461f299f5d36badba906fd0067bf2645e4c6943c6f04ea65ba92d3672ea4baabffb4fb632d5b9","ssdeep":"1536:l4bLnxB3csxYr5PDZsBTBvUkB0R0UASGtdyDtQ5eb4aei5QfQ7Q2MZsgmTHqBUc8:nnLhBld1y4Fk59oJga59XJ","tlshash":"6e04376bf85ca96ec53cae82adc34f9ed1dca24251815c0d60c68e3dd1e2ec31a19fd5","first_seen":"2026-07-10T09:45:03.500531Z","last_seen":"2026-07-12T22:01:35.295639Z","times_seen":16,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/community?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.912Z","timestamp":1783891135912,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /community?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IpXzTpIuqMXHNkMakzHUABAH5E%2FF%2BZjyycfLntnme1ja4Lc4KLo5GiNyV4xgodhe4%2Btfv%2FC0f2Zf%2BOklq3V2JpcN8XJD006mbxG2Mu85O1q0vu1VqZMEXUgBCbAsVA%3D%3D\"}]}\r\ncf-ray: a1a3154f7ed4723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":158,"size_decoded":1202,"mime_type":"text/x-component","magic":"ASCII text","md5":"1b0334705ee22e8a7d17bed69bac5a45","sha1":"3465996fda1b5a83c87e02b97b8df6ee0f9bed44","sha256":"f76a15b0ea09f5f901cf09bf4070cf841680c410472ec28c75a2f6ac0d8d2dd3","sha512":"2e444a8bf36dfff8dba923a3fe6ded8a12f0830293d60cd2a7bfc9a0a97849ec2e7da3c860aa937da2f4941a12f0b9b0358cc8061fe212b81f5bb853f8d9879f","ssdeep":"","tlshash":"a9c08c3942983ef66cbb288824aec64f360e430b21c611f0a0934e20f7370a00803de8","first_seen":"2026-07-12T17:38:11.869575Z","last_seen":"2026-07-12T22:01:35.246609Z","times_seen":8,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/profile?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.219Z","timestamp":1783891136219,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /profile?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qankr42nNOO19TBEBlKtDbKxIQ89sEWPzwB78oYZSSHVO3%2FxalGswyqNSWmA2ft9B1qoW0c7EWSmLaWdfOQEZT9c0QwYvR29v9WBHjVvMXU3vPmGRjmfX7ECSj75DA%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a315516f56723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":1192,"mime_type":"text/x-component","magic":"ASCII text","md5":"748bbf05207b6156f15cf17ba8133983","sha1":"dbaa18fb1807fb2871e0004bf3699c3c53efd1c8","sha256":"1ebe0a4a9f13aa50207ac26a36d9f51792ad04baad6b566811ee69fb6fea014d","sha512":"604509af3847411571ec0f98bb105c288bcfe41078aa0a0a65d95db63681e874fdde02f17f76f4488f4b553218e7f38f81e0173867e2223595b448d5e972a9c4","ssdeep":"","tlshash":"7dc08c23828c3ef6acbb3c8834aec60f660e810b30ca10f090928a10a7b702124035e9","first_seen":"2026-07-12T17:38:11.90966Z","last_seen":"2026-07-12T22:01:35.252625Z","times_seen":8,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.878Z","timestamp":1783891131878,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://serawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15688\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 05:57:21 GMT\r\nexpires: Fri, 09 Jul 2027 05:57:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 314490\r\nlast-modified: Tue, 16 Sep 2025 03:40:35 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":15688,"size_decoded":16501,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"d5448938a162ccb434b09f4572c0191f","sha1":"be9eae3d1d9f4fbd2208e0fd3c871b17b65b6516","sha256":"5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f","sha512":"df0245084768642738387f7a0daa11c4bd0109617c4120bfd88083c30d686ee2bd327e426ce0d9ee1f50839c5e2890f8a2a2d7acce3705fe8fa324fe623ad942","ssdeep":"384:Bktl5HsgImpL/2gZDAMAyNWE3pZrsjyb2mf+X:Bkl5MgDpT2g5AMtswpZZ2mf+X","tlshash":"7962c046a5a6b998f4d4ecfb0086542c19bb5ca11c6230f3c719356f5bd3e75cee4540","first_seen":"2023-04-14T01:29:53Z","last_seen":"2026-07-13T07:15:41.198028Z","times_seen":5715,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":19,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/crown-icon-512.png","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:52.621Z","timestamp":1783891132621,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /crown-icon-512.png HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Sun, 12 Jul 2026 21:18:52 GMT\r\netag: W/\"3d605-19f1a0f2520\"\r\nlast-modified: Tue, 30 Jun 2026 19:43:48 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZdxE6R7pEXTHLalzSLeYBKm1wrPMrt%2F79obmVpRMGxoEucgoi%2ByDpTNfVl%2Bl8FPaAz3t6DiKUwFmfvNHJ01xs4Olt7mdFNo8Yvu4a2%2Bxl8A%2FjFclKDcp7vdYoFrKkg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3153aeb18723c-OSL\r\ncontent-length: 251397\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":251397,"size_decoded":252408,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced","md5":"80d4744555e10615fd0705451496696b","sha1":"cdbb7f742437134f1a5d60165acf86ad5213db97","sha256":"6e73823fa9392ebc0bf9d73a2d4125b570b38729f8d9ea310afa814fd6256abd","sha512":"c9bfda11e02a25c4582ae239c6e168d59accaa434e697ce2aa6d510edf759e3a24f623e9219961edf63a7a4a1f0dca027a8f06f505a2a544c73b0d3607457b3c","ssdeep":"6144:NVPLp8eA7j5PdHoachilP1Odjbn36A3EHgbmODh5d/FJH4VAvLX:NJNEtPh8ldjbnKTcp15ddZ4VAvj","tlshash":"8534232db096f918cc4e7f515e3d4f4a95b773eec97db804619865ae8a3d29030c4b2c","first_seen":"2026-07-10T09:45:03.470767Z","last_seen":"2026-07-12T22:01:35.244679Z","times_seen":17,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":188,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20sugarrush.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.137Z","timestamp":1783891136137,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20sugarrush.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"36fe8-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fl82TXp40jDFbwoVYN4JwSAODGwMa0QO9Gxva8eMy8EImvRLBS65IpLb1MMDZTXWzvD6ihA6by13Pfl3bflRzEpqrdJq84JPWRcymHQHhcLBsb7aUJmWOJEjnhcGuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550df38723c-OSL\r\ncontent-length: 225256\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":225256,"size_decoded":226178,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"f1e286615a1298fed8c67ffbb7a062fd","sha1":"6d101d982cc98fab857c1e865edaa0deadad422a","sha256":"89798d3dedbedf88f7c77bc34e8f649bbc9af94baa31ff893654d9450756e49d","sha512":"bc650fbd189a96f0ec8eaf892e0b2d36e4e9b3d34a2302b2eea30ebd8c5de179a62434607c84951870718c67d54bb6dec43594bf444c23b183627ca687db34aa","ssdeep":"6144:ClVeX67QHxSVJXJ9bCLm7Db2klkC2pLimOj4jIjrsT/kB:bK0RSrbCC7DbepLO0FT+","tlshash":"fd24234d2f7a4eade580b43a0f3e6eebae30d5c69036126656f501bc055b6f0911dc2f","first_seen":"2026-02-12T20:36:03.510033Z","last_seen":"2026-07-12T22:01:35.251667Z","times_seen":30,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T21:18:47.586Z","timestamp":1783891127586,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 12 Jul 2026 21:18:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003c/crown-logo.png?v=pm\u003e; rel=preload; as=\"image\", \u003c/polymarket-logo.svg?v=3\u003e; rel=preload; as=\"image\", \u003chttps://cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-crypto-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-vip-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/hero/hero-prizes-v2.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/sugar-rush.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/the-dog-house.webp\u003e; rel=preload; as=\"image\", \u003c/lab/slots/mustang-gold.webp\u003e; rel=preload; as=\"image\"\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-powered-by: Next.js\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O8JHRPqP2ib5JvI8fnEQrQa%2Bu7mzE%2B1bZKjb9FhQq5ISgBNK8mFC4fhth5VRkfp8jza6YiRO6gVz6Blfpgej6LIidhOBExOSovUnUfv1KyrQMluW75NvPTcVBsis2w%3D%3D\"}]}\r\ncontent-encoding: zstd\r\nserver: cloudflare\r\ncf-ray: a1a3152f1d890b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":145149,"size_decoded":19772,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (36374)","md5":"fad8719861d590bc6648fd61e213bb26","sha1":"25dd1f89bdc2fdd55c7cddb309f8b37546a98980","sha256":"ea82de8a49b2ea52a566fe27e6b1fdb46d86fc5552e5aa750bc26954335722d5","sha512":"2ca953edec140ab9bb532fde15d12e457a275c69e775d6a1396f064b1a322e30d03cbe1b1d210808898a8052cb4c718ed8a99d1be7a7512e9e7d9c61ad8d097e","ssdeep":"768:gsOVpxjnjXu/sDk5wTTwLcZ+4NTfmE1fmndfm6BpnWl4kR/yosbbIPMOqDGTvKRM:GLjjs8k5wTTfNgjW0hIsU0u","tlshash":"f3e3b931f2095c2d7033c585e5766fae70a9c116d31a4518f3bf60b6e7c39faa6226c8","first_seen":"2026-07-12T21:19:31.973689Z","last_seen":"2026-07-12T21:19:31.973689Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3331,"timings":{"blocked":-1,"dns":21,"connect":1,"send":0,"wait":181,"receive":0,"ssl":3128},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/hero/hero-crypto-v2.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.448Z","timestamp":1783891131448,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/hero/hero-crypto-v2.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"dfa2-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9cRAfuBwko7Q72YNBHcfvkDV1rll%2BsR%2B%2FoeHRNJzNWkaIDLs01kH1jibC8pClG3ms8Iui6GhpybD8vfddWHyzy6Jd%2F0pB38pBNydKwYLCrZeEvgZlY9YFSzdQjiWbA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315338883723c-OSL\r\ncontent-length: 57250\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57250,"size_decoded":58252,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"56c58dba7ad45338604758c52e42af70","sha1":"491d07877f76c506fcadfc44a78f9de50271b96c","sha256":"6ddf7100c55662774a5dd5586a4895e0beda986e0ebb317899bc4029afd121cb","sha512":"b59a876576f35c880216286c5df93e91623335010175890c89f64e8e3b1ffa27a9bc7dcc4729ea30bf503ebfd15e9599fe2e73e96c91c115eaf81168fdf384d5","ssdeep":"1536:xywBsATj+mNGuSdV/idOIuArwisjvouYmptY3:xDTjltvdH/wiKvoZmptq","tlshash":"3543f1193565594a2f015cf9f56b0ed68eec835608ec18635df6714eaceb3430e32d62","first_seen":"2026-07-10T09:45:03.452699Z","last_seen":"2026-07-12T22:01:35.282632Z","times_seen":17,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/promotions?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.927Z","timestamp":1783891135927,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /promotions?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gdaCDpCGiD4ICfElkmU3F6zMC2SKu8USA%2Fqy93%2FdsqFSC35XFY9VndibWcFxazxE6VzMq0bYJyUYis18Eu%2B2RQKes%2BTI6ZmihRtN22p2BOyAbs38F3O2wC6aJnJHcQ%3D%3D\"}]}\r\ncf-ray: a1a3154f9edb723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5070,"size_decoded":2643,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (2646)","md5":"f0df44092525ea87f26680624033f795","sha1":"1615e7aa48eb9cf595ea0f0b8fbf54dc34b87982","sha256":"abe5593e32f24e5c1196a2c2e9279c2b866a0ab8374d6216586fdd45e8367ba9","sha512":"58bbfe01a14a560d62dc8543cddbdbccba1bc659bf8907b39427ab556704be25f224acb21674a329979c41d0b4c35690e362dd6d1312a31c59ba1b52e0388d40","ssdeep":"96:W4SB6Z5ODVIAvZpeOdETypR1dnvX149KhsG60ZiTl+yL9QfWj5zY7qg7H7vkDocT:WpWODVIAvZcOdETyH1FFgtOVyL9QfWjD","tlshash":"5aa1f13fab005e7fe7eb4152449f6249375c4b3bab50c9b6c0ed4e18028a66d3e953a4","first_seen":"2026-07-12T21:19:31.976474Z","last_seen":"2026-07-12T21:19:31.976474Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/domains/siblings","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.935Z","timestamp":1783891135935,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/domains/siblings HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncontent-encoding: zstd\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HvA9vABpgS%2Fi0gnz2pXAMCxIjR1k4Jx8IAB%2BwhypjF88MNw9Y2tdNWuiMIwtN2GV61X1QS9X3b%2B4nJMald1v9bGG1dObwo6GuK6cCqcTGC4M5P0iIq%2BKJW36YkVwyA%3D%3D\"}]}\r\ncf-ray: a1a3154f9ee6723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":251,"size_decoded":1159,"mime_type":"application/json","magic":"JSON text data","md5":"cfbe197c66f5e66ed6d935eed3bec7a2","sha1":"60b01699d0d3002e31b304049f5f1277dee38f21","sha256":"5c4ffc75f248bcdbe5fe8078a08f291ec3a0ae37f617cc5675a4d9b5c09973a5","sha512":"fe85fbdb6b9066fc69b0a89f4a42e00985b3b1a9ff730ea7ce18e62d90f1427ae6cdfdf159411ca786645601d226490f3e53fa16999c55a32b47affdad901554","ssdeep":"","tlshash":"69d002049b48859449454476b87e4e8475bc1cf5c718c6f08432d101427b38e1c6c8cf","first_seen":"2026-07-12T21:19:31.978225Z","last_seen":"2026-07-12T21:19:31.978225Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/big-bass-splash.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.463Z","timestamp":1783891131463,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/big-bass-splash.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"105be-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gATuHGo5p90%2BX2psRCnuiIxcBhHlKPRV42Ics0z49K7UlWOv%2FpL5rsn1n8LZcjyE9Uue6TVMqa6%2FqfgMnh75kBSK2SgG74H10nbGyiulkwklE7YyfJI79dK0LCTfJw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a894723c-OSL\r\ncontent-length: 67006\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67006,"size_decoded":68007,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"862f079aaebca7a9a7d6281477920833","sha1":"122ff8ea76c323dfbd5884d328d07a950af1703b","sha256":"917a5f0533529b7796b0d8e07cf304b7edec38169b6accaebd163c0775b8ff8e","sha512":"d6a81891abb189520f4fe8688057e024334449f28430778ca79e0c94e89cc944d141253448248766701e647cd11a957cf95d0abdd9d88d50cf9a5e1d78e5339e","ssdeep":"1536:Rj6UVBfMz71V3m5xMZs5u7v3XJtDFbBa4Bnp8CaE6j+CL8v1d:RbSz71VWCdJlX6iCYD","tlshash":"5f630297af62dce98f029830765ece909ba1c47404f780ac8f050e1eb7f87a97391c59","first_seen":"2026-07-10T09:45:03.563064Z","last_seen":"2026-07-12T22:01:35.261302Z","times_seen":17,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/polymarket-logo.svg?v=3","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.443Z","timestamp":1783891131443,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /polymarket-logo.svg?v=3 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"31c-19f43a76a28\"\r\nlast-modified: Wed, 08 Jul 2026 21:34:33 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sfqrEPHb%2BrIf1f0oM2FXydRublvE%2FQQc4ogXXTTG%2BobX8M9AY8%2FWygnfP8jLiaABcIWAYVtyBIUHx0wVC3UiguLGlOF40uOmqLMpSRWxctMMYGb8mkdkQZv6pn3TyA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533887f723c-OSL\r\ncontent-length: 441\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":796,"size_decoded":1490,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"96f4c35ae667bc254a3cedbee8fea5ab","sha1":"557c471948ff981c73c4baf00f14a24a8760d523","sha256":"51a29787758e3ae48fc9d0a9e982c7ddf1111f4c4967c4bc85e2067810b572c8","sha512":"1a41f905ffffba3a39763a85f7c55dcedef2c1f5a8c8c4f117976c753f3978822f32b5544f2480271815514109a7549a52204adf78a6879b8764ac483f9e4cce","ssdeep":"","tlshash":"ce0115dee044c46d5c1cca57cd3567dc6ca354f367d2461885159a1c7013bee9c036c6","first_seen":"2026-07-10T09:45:03.499638Z","last_seen":"2026-07-12T22:01:35.260721Z","times_seen":17,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/login?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.314Z","timestamp":1783891136314,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /login?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QvxBRP0wsTR%2Bd1a0zAm%2FRWVfpVMIJL3sRhPJetk6zAZp0bt0ujqYa3KWmnm%2BnipvG2fHwu6P2QqmK1mkyeZ4wImfSlaaf1JyEqJ2tvYNhObSjos22CksOJDZj16JIA%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a31551ff6e723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130,"size_decoded":1185,"mime_type":"text/x-component","magic":"ASCII text","md5":"757bd258af89053ef88d4e973f43e89c","sha1":"fa2d69810ed2575455cbb8c822eab15f54f417c9","sha256":"40cfb2a00717929e54dc53bb7372baebc53d67ca4fcd31c0a8c4912fcb494b72","sha512":"1676769f2db650436ce9f38dc74ac43ddc7277afc5d20b3c616a0919f82f6328d10839e3544455b48bd6c25dfbed9b7cc26b06cd417ef19e1987adf8c5e2d61f","ssdeep":"","tlshash":"b8c09b31870d6df55cfa25c1421dc79b761d430b21d459f4d1b15b106f771215a475f4","first_seen":"2026-07-12T17:38:11.666876Z","last_seen":"2026-07-12T22:01:35.303828Z","times_seen":8,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/fruit-party.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.481Z","timestamp":1783891131481,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/fruit-party.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"13b8c-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nPqH6%2BpfbfT89O7ApZk41TtGAd4mN8olPDZmjq4%2BgfBXqUCg5pKLe2js%2BtEW%2FpD1fW27Ro%2FaYf7DFp0gT44UMIoz%2Be%2BKpEvMu1aEfUz9h6lUoO4iy21bi8lsuaqcSA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533c8a4723c-OSL\r\ncontent-length: 80780\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80780,"size_decoded":81789,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"76124d66fd092f1fb46a2fd2d5baea5b","sha1":"a018a643b11d58fae6dd05ab45649a1b1ed87654","sha256":"898d2a436e53af8b4b276cdbe618f1bb8180726af0f59360789b2b2a9d8f9604","sha512":"6d50bd5aec5f9831e6f2c6a83f347530b1849abbccbd6120f11c32ca00b916cfffe9d30fbaed1538f3fa94372ca75ce6c3cd992fdf2bdc76bd353fdc9263a59e","ssdeep":"1536:FQsFiQFgi0PoyiGjaRt8HPYQ+3elQO0+Cyf+klBCsRR+PWVpWwhxP5EqUncxT2:FQkPT4iGjaRt8HPYGlQb+aSR+PWVpbVw","tlshash":"198312289c92e5274b45d345c37e570ae89f0de77d032ad6e40f97d2cac1639f82ac68","first_seen":"2026-07-10T09:45:03.482021Z","last_seen":"2026-07-12T22:01:35.320765Z","times_seen":17,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-03.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.899Z","timestamp":1783891135899,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-03.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\netag: W/\"b4a2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xsE8cpEhL03FqQQ7pnxNjwQ%2BGHUgoG65az0xeN7Y3nKIJwkM5aabU9vbiBlqi%2F4fzThXViNFnZLoSEbTs9MbqG56Umz78bZXnkY7x%2Fg4kN9Cq4Ax2EC11xuhyJrQKw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3154f6ecf723c-OSL\r\ncontent-length: 46242\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46242,"size_decoded":47242,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4fa74b80fc23a23ba9722e49be63a1e2","sha1":"1528f3b571fa660a31c45512b9e03553e98196c8","sha256":"b1bd6d8981b4f1567ab01976abfa8ced2a98cbaa78c8797b705353358a037545","sha512":"e1dc691b8ce5b9a5967c0a68b07789240f8780229c66086a289d3111a3e5bd532d6a8e98f012a0eeda7b18766b9945d49e1983fc9c5dbbbf79ec0d165d2b092c","ssdeep":"768:w1QjAVPlh5VliciOsObs+1nZSlK7NVOv/FtdM0tPKiHHvKo6IkECeVW0D4bq:wh39imbfbOvvC0NvKo6mbxDy","tlshash":"5b23029f7b51abcb0970a3b1545f8bda7e58f43941e27337eba10d908fa025d0825c6e","first_seen":"2026-07-10T09:45:03.501591Z","last_seen":"2026-07-12T22:01:35.284527Z","times_seen":16,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/images/payments/ethereum-eth-logo.svg","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.485Z","timestamp":1783891131485,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /images/payments/ethereum-eth-logo.svg HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"541-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AXsFpG6E%2BYYK5BesjD4en%2F8vcAfbSFaZK0s3db9Qd13AH%2FOe%2FWKAvxP35ZovTC6YrJ5eQ0eIQvoTAOirLgSHUJ2JSgQ1bzC4wse%2FB6LUZDCO5BgUbMIzOVafzP8lqQ%3D%3D\"}]}\r\ncf-ray: a1a31533c8ab723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1345,"size_decoded":1563,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7c19954628081bf6fd772fa0d0819547","sha1":"9c1d03cc04bb9d2e2f8577ad561abb9c9ac9dae5","sha256":"066b2a60df66fbe2c11bbf7d37201552fd27e4edca73cac4a3e7ebda3ceb2486","sha512":"3f40c39fa2e06194f6957ad2bb7cf6c752dd9ad12eaefe891a56380496d85f383331fc4c557b42f3cd897bdfa02c87d4f27ff457b1c11ecdbba6053ff2549ff4","ssdeep":"","tlshash":"fc21eef5ad9e6991c5fe83b4b5fc91532853c0cf008a0880fac07681ac066fe4e42adc","first_seen":"2023-10-24T01:06:33Z","last_seen":"2026-07-12T22:01:35.247599Z","times_seen":825,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/images/payments/mastercard.svg","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.488Z","timestamp":1783891131488,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /images/payments/mastercard.svg HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"204-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NNSd%2FazpJeKsBZTnBy12%2BKVOPc7y01RfOUbd9UkVHH%2Bj6vjcau2K56b1F2ARAI1MYHwYBCuh4qnN3TFw%2B3tRRFNXaYfBKwWo5uvVRheFN37BPJIVKI8hnYoQCtvNaw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533c8ad723c-OSL\r\ncontent-length: 278\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":516,"size_decoded":1253,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5b10a5a92e4c713db4c2296ef3383274","sha1":"d4e8b3ffdd780a0e0ddd7b910410e94de00fabad","sha256":"228689600d87172162ceaaa0befff30ed32810abbfec1120b3a09613e37c4c9f","sha512":"567cd2a0882e6b1f9808a4a413db172f7f1b96bd82653abba4d578de6c03fa278d3f16ba0fb9cff5c0d93f7f669a371d80614253f01d002a1cef1e12524eaf9b","ssdeep":"","tlshash":"28f027a0e08790344819465c6f6410212e0fe2c8e344853eda52f5f53a686efe07b9ec","first_seen":"2025-06-26T00:57:44.560445Z","last_seen":"2026-07-12T22:01:35.27063Z","times_seen":22,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.869Z","timestamp":1783891131869,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K6z8GXhnU0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://serawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 36932\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 04:44:35 GMT\r\nexpires: Fri, 09 Jul 2027 04:44:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 318856\r\nlast-modified: Wed, 10 Sep 2025 16:31:03 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":36932,"size_decoded":37745,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36932, version 1.0","md5":"7c87a648293fbb5b2924aafaa59e8aea","sha1":"c57593e0adc4cf99dd9e67cb782242220a061a9d","sha256":"9fea608a947e67020c33cad9a6fe3d60c54119dfb8cff87768a8117a15ed7543","sha512":"764ced325a768dca84e1fb0cc458818239ce379dbcbdb324ee8849bbe15f54e3f0254ae6e52ee5a92741840637b4f9885d246a0978af23176b3acfe5b9cec23f","ssdeep":"768:mMQPOAQQKW6GccoXQ+OGpHNzXgtDM0SVu7P3nqtPl9Bf2csDpHUjbYE8j2:mMQz4W5og+tpH6tDJku73EPlPOcs5U/l","tlshash":"c0f2f23e7ea5691487c2b0be506b00935344c9bd37c18121bbb953f44ea67addc5d63c","first_seen":"2025-09-11T17:08:25.889763Z","last_seen":"2026-07-13T12:08:36.203591Z","times_seen":29708,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":44,"dns":2,"connect":0,"send":0,"wait":34,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/5708-926a5cbb3579d1f7.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.423Z","timestamp":1783891131423,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/5708-926a5cbb3579d1f7.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"6924-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oHkR8yWEroWyOQhv4RKzolS4V2EfSwvrwjd%2BKcziPN2V06AoXk%2FzeCQCPlkaEM8rs2N84am1udSeETY8eGlXXedwNXDQczkp74gVJp3Qnc4UnVrpBX90Zn3PBD9ldg%3D%3D\"}]}\r\ncf-ray: a1a31533685e723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26916,"size_decoded":7032,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (26916), with no line terminators","md5":"b58d901009e5dd078ec84a30e48e151d","sha1":"f871fd5e9a02a283c8e31a9be700e4ae15715e17","sha256":"0faa839769526c3620c7c8f7bc9b4b78004ef9980c103cd365079fbbedff3ab4","sha512":"b31d347b922a69e047655ced69bf8b14f63967d19b9b2df4b68726f51b5462170295305ad351d502bc84613fa23d89898c53400e8ce7adfa908d20f7c8ccf899","ssdeep":"384:u4daU8llCsp4PSOIX+lhs1UW5KRJ2YE7d2BzS+k0JQu2U67PMvia+MT/BuM+Mn4U:u4davGFu+j22","tlshash":"f1c27019aa4ba4bb87f116ef697d0b8401af075ff548ce17e529cf183347a252c91e2c","first_seen":"2026-07-10T09:45:03.479914Z","last_seen":"2026-07-12T22:01:35.306961Z","times_seen":17,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/css/65910d15602bebdb.css","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.399Z","timestamp":1783891131399,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/css/65910d15602bebdb.css HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"31f38-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gZ0T5m7MXkAAAJ3mvMFcWtmBpzHe%2Fga6Q4huperJFGJbLPJUMvRdII17JOwoFfAGGukoQHol%2FTSFM50%2FigtOhe%2Bpx99CuREQeiC6DZWS6j7%2B9N3SG%2F5hzmRUKNlFog%3D%3D\"}]}\r\ncf-ray: a1a31533483d723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":204600,"size_decoded":31950,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"700cebd09c3c299cefcf95a2db9df5d9","sha1":"92327324c0a826656c708bd6caaf6b543d5b5c43","sha256":"c1cc07b695cea585a5986a797bf683e40175aaba9b113bbe46de4870bc810c9b","sha512":"20422a13fec2bd443071009d9c2a78814638e785725eb8c1db261cd43f92240325c9f68073d2713b9dbc276766d95f790e02dcb07127ebb6911913145a175590","ssdeep":"6144:QIjgxKfrm8khsWOshvZc/Xt3oVvAaz1NGGF+XtfKhRcOJHV6tyCsU9baLoofhhDq:FaBqZ","tlshash":"e8149670f6a0607bbd13b1fde7dce44cb50aa096ad229becba61651113d37f62d53a00","first_seen":"2026-07-10T09:45:03.520448Z","last_seen":"2026-07-12T22:01:35.245297Z","times_seen":17,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/6820-e593c9faa2a09980.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.413Z","timestamp":1783891131413,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/6820-e593c9faa2a09980.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"29fc-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CYlih0hhL1jF9DBTFjcO0yqL6SVIUnhPil8uUDZES2q5%2BBkSHS%2FleREs3pemf%2FhkO4E2HcHSsZDFJ31JzjL71kS41rBjUnQqq72ikIfUIxaipoGM5a21CwpXKr0Muw%3D%3D\"}]}\r\ncf-ray: a1a315335852723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10748,"size_decoded":5237,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10748), with no line terminators","md5":"5c1e6130f49137ec5692ac319914a3f5","sha1":"e2db6215232326cd4d627e0f60c9a2c0ebc01c74","sha256":"131356516768ecf2507d0f76b9a7e9908b01e31dfc8df88329705d2e2afc3222","sha512":"d69ad7e662752ba1072c4de3574746de1675d7c123fc8c86dc45531e3ba9df2435998247276573ffc511590437f9cf1f4a3eab9c59d8e0ef9dfb3fc717e73b12","ssdeep":"192:WL9p3LRi2cihbDVksxQTu5c4tMSojxugZNYOHCh0wMcGW0T2vJVkwkFFtzQj:WL99Rx2Tu5cAMJVjiqwMcGW0T2vrkXbu","tlshash":"5422c8d9b5d1f8a583ab4090443f100bf2795d75281e5184e3f95ceab9a045ca2f2fa9","first_seen":"2026-07-10T09:45:03.49158Z","last_seen":"2026-07-12T22:01:35.290779Z","times_seen":17,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.874Z","timestamp":1783891131874,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://serawex.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: font/woff2\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\nexpires: Mon, 12 Jul 2027 21:18:51 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49332,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T12:18:10.107777Z","times_seen":233449,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":57,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/sugar-rush.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.454Z","timestamp":1783891131454,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/sugar-rush.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"12dca-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wvz2Bbmhh3Y0mItBazTlvJv2wuX9JR0q8OI2zNRi%2B1UDmZg15w4KsX%2BaR%2BJyWdGFDUrgqHRMtPXNgCW551RalJ1FdYFOm8dL7d8cVyjRNRPDkY4oUZWL8OWpGa0VqQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533988b723c-OSL\r\ncontent-length: 77258\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77258,"size_decoded":78259,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bf41d2e5df715e30ae5765e27035f41e","sha1":"dcf2c0669dd20ad1b99ea77df4e3f6ccdeead5ab","sha256":"f737baadd156371777dacf433a53ad815758d08052959eb468d9f88e061ad90e","sha512":"b6993d81aab072729107d0d1d86fe16ccdf884f439d987f4cad006dc18158deeb30976237f695a306f65e299f828bee73d82148e2b0b09bb43249dede4c8558f","ssdeep":"1536:HMA87FnJmqOd5Zq0NK7TL4poJXAtB7QN1bbY:HpUnMq+u0NsTkoJXAz7+1vY","tlshash":"da7302d366435f630ec3b099ea9c8feabb66511cf0f602071e6a8744359c974a06eb74","first_seen":"2026-07-10T09:45:03.490538Z","last_seen":"2026-07-12T22:01:35.250373Z","times_seen":17,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/big-bass-bonanza.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.470Z","timestamp":1783891131470,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/big-bass-bonanza.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"169c6-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9w5Ja3DOhW%2FAeGT%2BE%2F%2BnNbvFNFp1x%2BUjacKNeuvveiWoEM1N3%2FwU%2BWp1H%2FOWcNJWiDd6QdvaDyNIbkViZFrNimoxxs%2FaC9iNXOwVNQUqxwC2L7COfVdnyDfkLjCkCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533b89f723c-OSL\r\ncontent-length: 92614\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92614,"size_decoded":93627,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"443881f8c79d4de0a637df4ce96b3c19","sha1":"cbd10da798bfd8caf5d234360dc274c93b600900","sha256":"2e4b3955d6828099b57a5ccc9d325301b8abb126295de75f5317130d43a76691","sha512":"4d88e453ae4284e8fb7c32ebf84c645b5999e417279bccecc045871908df72432d08792bff06f102720ded6ebb7c282c54939150ce7d9125c2cb1b63e9f0bf98","ssdeep":"1536:bxW89UOQSeptnJIDxEwfsD6bM/o6mcf/CVu87qON304H+1+tydijszMYrFVGL:bxWMUOaudPs+bMA6NKfX304HNIdig4Ya","tlshash":"619302db442be59d773b0bbc7aa98f7669db11446824d316313ca0253af826184ec1f3","first_seen":"2026-07-10T09:45:03.456319Z","last_seen":"2026-07-12T22:01:35.307519Z","times_seen":17,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/site-config","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.731Z","timestamp":1783891135731,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/site-config HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YW9fVkhJAl5b63KnaBRlOnM4zzydP7GeJ1W94r3E0B9IqxW7pSGJDTTIMtPQkMwWNhKKD%2FVSMemkCHYtT53XGlwb1%2BfifaxshniOPvp3guASg4U1uVN3rxa5Bq0MCQ%3D%3D\"}]}\r\ncf-ray: a1a3154e5e93723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":684,"size_decoded":1512,"mime_type":"application/json","magic":"JSON text data","md5":"6f21b9eda8ca23101c2ed659cb51bbc3","sha1":"b3aadaef9349896c7ce65d5d75266f497dcecfd9","sha256":"263acefce8d31be8744752b012736ab58af15d981712aa26c3073ab5745f3ece","sha512":"f094a9bf9d1e0ee49749d3b7bacb6cc3f7d7aa7e2347caeaf685055e05172dbc9dbbef8e9b44d5c530169fcce405375f2259a3fca07803374d3da3713dbf281b","ssdeep":"","tlshash":"50012317436e2e2737e570c07d9f7c8824c815f49a80f8350d0d599446a73059cf83ce","first_seen":"2026-07-12T21:19:31.989907Z","last_seen":"2026-07-12T21:19:31.989907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-03.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.025Z","timestamp":1783891136025,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-03.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"b4a2-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NWLK6yD8Rp%2BFD491m41FOy8pyd0vQot2O3Ags2lVpY7oNC9d9c2pNYpqvH5%2FJIqnuwAmzEJkjQBzz9XZixHG0gz2%2Fh9stJHvCUTo62BW2rm46ma7Yoffv0sKsRO7fQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315502f0e723c-OSL\r\ncontent-length: 46242\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46242,"size_decoded":47245,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4fa74b80fc23a23ba9722e49be63a1e2","sha1":"1528f3b571fa660a31c45512b9e03553e98196c8","sha256":"b1bd6d8981b4f1567ab01976abfa8ced2a98cbaa78c8797b705353358a037545","sha512":"e1dc691b8ce5b9a5967c0a68b07789240f8780229c66086a289d3111a3e5bd532d6a8e98f012a0eeda7b18766b9945d49e1983fc9c5dbbbf79ec0d165d2b092c","ssdeep":"768:w1QjAVPlh5VliciOsObs+1nZSlK7NVOv/FtdM0tPKiHHvKo6IkECeVW0D4bq:wh39imbfbOvvC0NvKo6mbxDy","tlshash":"5b23029f7b51abcb0970a3b1545f8bda7e58f43941e27337eba10d908fa025d0825c6e","first_seen":"2026-07-10T09:45:03.501591Z","last_seen":"2026-07-12T22:01:35.284527Z","times_seen":16,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/1164?provider=hacksaw\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.391Z","timestamp":1783891136391,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/1164?provider=hacksaw\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DJcnIYL0Z4DJY7whRTvKawzrpGxxdlvNLXzJVn%2BfPIqFYj9BdFXpx8yMfxQRJND9HNkbQI61Vd2JnyKWsItyIn1EcRmc8w3bmTRfTpq9HLB8v29nhTbDMtbLDYmMBw%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a315527f80723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":210,"size_decoded":1226,"mime_type":"text/x-component","magic":"ASCII text","md5":"98ae05ea98c842962bdab96741a49fda","sha1":"169d031f7e1948b0ababbc917473af5542ffe560","sha256":"34e651b58ba6694c48b3fd74a6e3d7472b646241cb668a078a9d2841496b4c4d","sha512":"009407db9f0ed842bf9eec889100a22d5bcabaa0ed8bd2058c3639f1c793ad111fe9bd9dfa5ed0eb6a46966c8db8377ba18d7926b8530cc7d26a8f737726b7ba","ssdeep":"","tlshash":"4fd0a72647053bf16c7a1884457dc65f751e100b61c806f180935a31536303155035e9","first_seen":"2026-07-12T17:38:11.922317Z","last_seen":"2026-07-12T22:01:35.285833Z","times_seen":8,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/wolf-gold.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:04.829Z","timestamp":1783891144829,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/wolf-gold.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:04 GMT\r\netag: W/\"e082-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: EXPIRED\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pjmpIbxMwh5X2hH8f6wts6jLREi4uBWbavSlksOvtFk1Dkp2bHVk1diBxhuxiQEGsv0j44p%2B5x8XYzD%2ByWsSpZ1KEYXg1SWetcGbFgZu8Y6fGw7x9SAfyH4syzid4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315873d16723c-OSL\r\ncontent-length: 57474\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57474,"size_decoded":58475,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6705cd397c489728422c0670b86b5901","sha1":"c4de9ddd398312a49b6851018b180cf61b0b7deb","sha256":"44d27f27efb951e48ffabb381be0b255de5b0555f7d257b4ab5b297bcff8d5a2","sha512":"3035ba279c99aec13340c48187b829d2ae8c47dbe888cf5eedf2c591db098d2b1538d7884adca587828e5878ec992b4e0471e5baf74d80779768462ea3cfe397","ssdeep":"1536:U37DpmX6h92fm+68Cf2g7OE3mWwpRAUiKeyUo6xTsL:UrDAX6HE8CE2WwSUiKe1Ji","tlshash":"0c4302c18280cf866909c979e8b441413463051aba97b5d6fe1afaa20bdf14b3cdf13f","first_seen":"2026-07-10T09:45:03.458684Z","last_seen":"2026-07-12T22:01:35.255734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/main-app-f3336e172256d2ab.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.408Z","timestamp":1783891131408,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/main-app-f3336e172256d2ab.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"23c-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z6nfirOseMUHKvuhyBDSsfzEOYvsKuFTGTQ%2BKMCl2%2FyBKHhYiIq%2BPnLjAPrb5V12qiEhRDWHGidZH4xDsDh3SBDr6TdxLoPLpusFUq75ekMxruBVAEgI6TXUUz6zCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533484f723c-OSL\r\ncontent-length: 239\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":572,"size_decoded":1253,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (572), with no line terminators","md5":"39016df7484bb925b0b0fe1905ddbceb","sha1":"088ce59eb609b8c19e00e2d93e10d33b75578d7a","sha256":"91801d552d3e97ad6aabb535c2d8eeff31bab152fb2448b8556373894e7d7215","sha512":"41618a49d22f65beb83086c769a8c67e5ba76cbd01b838ee2ef88857171a333a9ee680d08d182a3ef65393eef1b4d2984c122e3d4d0913e82c0f0e9ee004e46b","ssdeep":"","tlshash":"8bf0d69a4f0cf52f5d26ad65fe97ace2245f4175202b4e606901ee613c23bacd270404","first_seen":"2025-09-01T15:30:28.522834Z","last_seen":"2026-07-13T11:41:26.835456Z","times_seen":634,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/layout-3f0574c4e5d40333.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.432Z","timestamp":1783891131432,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-3f0574c4e5d40333.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"7968-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1zZaQ5zT2IQDiYlEb%2FRv5CghSjJTnqpv44DWpaEWB9yB49%2Bm0rn2CXRIH5Rgz%2FF9OUztCLVeM3yckAt7QkizTJ2hPBKSg54Y0HHUrJp%2Fm%2BSzUEFwj0gvhfL9B1i2BQ%3D%3D\"}]}\r\ncf-ray: a1a315337874723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31080,"size_decoded":10071,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31076), with no line terminators","md5":"c0d11d52032af6ad193ca67a8408c35c","sha1":"8932c0ff9004f3317bb6d2e2c06693f5f855a761","sha256":"6165148d41738b1c671dce4457ec8f9742d6b4489d0de7f6c916b30a77d5f34e","sha512":"7a88391810320df94fc5f40b777293396b0f6fef64aac6c6ba2ac848997bf81dd11dc7cedbe7fbf16e450fe788117fe66f79dae4b072b67724e99c13c2590fdb","ssdeep":"768:+s5XQwaevuPsAc9kxPsAzea6AZZGSYY2pxJuFFdYnQ:+s5XQwaevuPxnpMpxJuFFynQ","tlshash":"80d21ba6920a293cb5b245e8663f910cb17f6b25d72e4414b7bf2c313b498cd92727cd","first_seen":"2026-07-10T09:45:03.495816Z","last_seen":"2026-07-12T22:01:35.275778Z","times_seen":17,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.447Z","timestamp":1783891131447,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2026 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 20 May 2026 15:48:47 GMT","end":"Sat, 05 Dec 2026 14:48:47 GMT"},"fingerprint":{"sha1":"D4:05:C2:EC:C7:EE:2B:D0:08:68:0D:3D:33:77:48:78:43:E7:D1:E1","sha256":"ED:84:90:EE:71:BC:6B:5E:B3:D2:50:B0:23:3A:06:0D:E0:50:C6:B6:A9:09:36:E6:CE:FE:E8:66:89:EB:4E:C5"}}},"request":{"raw":"GET /gh/lipis/flag-icons@7.2.3/flags/4x3/gb.svg HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/svg+xml\r\nx-jsd-version: 7.2.3\r\nx-jsd-version-type: version\r\netag: W/\"1f8-Fh7iCgp1uwbU8sqazbsTfZqWPOw\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\nage: 982510\r\nx-served-by: cache-fra-eddf8230141-FRA, cache-bma-essb1270029-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 284\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":504,"size_decoded":1050,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6dcadf6916764560c2f1fec586e2c1de","sha1":"161ee20a0a75bb06d4f2ca9acdbb137d9a963cec","sha256":"c8be1e7208798a4ae692ee1e937065d498bb29e741943f6172b29118b8ed8066","sha512":"b925b9042182dc31f953ebfe2bbe666822bb9a56411fc1045d46b5b20e68effe25bd6ce65cad1bcee3ef9008768bdb8221f66573d8daa27c60a8d004acada0a1","ssdeep":"","tlshash":"a0f09ec8d32d7045c70793104cbcf8e3d4d962ce559400dab4d09ae4216e7a7d8d7d91","first_seen":"2023-12-20T14:16:02Z","last_seen":"2026-07-13T10:17:34.001497Z","times_seen":3877,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":2,"connect":9,"send":0,"wait":9,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/api/reviews?locale=en","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.813Z","timestamp":1783891135813,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /api/reviews?locale=en HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: no-store, no-cache, must-revalidate, private\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\npragma: no-cache\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Host, X-Forwarded-Host, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zDejBAo1ZDbHqH3Wn9wWIxpsvxIc9ZVaqxAwMtTVzGywiqfeoKdibTsKWS%2BLXCkpsKL5evPoX6VBHtxqXnJSp4edjbERmDcsTxCRPycdmHAp96NoEYWeiBAnC%2BFD5A%3D%3D\"}]}\r\ncf-ray: a1a3154edeb4723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18928,"size_decoded":6354,"mime_type":"application/json","magic":"JSON text data","md5":"d16e373ccdd16c5e3e1f4d323449985a","sha1":"4f0be4b252aaaa30ae2f1fb5faaf1a47f4bd69e7","sha256":"ecf27688680d4cd4ef724bfa14d5b9599c6c53f13c8659747ca7adc6d66cd3d7","sha512":"e8436522448eae9b408b8bb4d4dfaffe07f4552cbc39b540fae25151c19c2e0ff993a75f8dbc873de8ad99eca787e4977686d4bf230d084179d819fa6c207097","ssdeep":"192:3uYByNeF6PSGNfHaN+NuYdyUpVEYiFtMnVVqqnRpldQdMn3kaeJ4XgA/57ZUnRvZ:BY90UvVNd3kaeKenVi7mi0cRHHEi1eZ","tlshash":"598264672518223c7a7220eac14b7fa4371cb9327712dca0ed0fcebe41e21f9447649a","first_seen":"2026-07-12T21:19:31.884951Z","last_seen":"2026-07-12T21:19:31.884951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20doghouse.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.145Z","timestamp":1783891136145,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20doghouse.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"c71d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bLgfUkKyek1QKFEyeFKcAReppyTAgGvaACYHrrV0UkPkUnHLxv3FKdTtUtlXJhwvLhXFTzNq%2Bo3iU9Yg%2F28%2FQUdTcDB4a2qUZD%2FIshNxcAFYDuKCC8kMWltfHkC8tg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ef3c723c-OSL\r\ncontent-length: 50973\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50973,"size_decoded":51901,"mime_type":"image/webp","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 360x472, components 3","md5":"e01e7dd2ed5b17e02bdeb34c09d2afed","sha1":"2f200ecea22af3478756569edfb30b72e45dde54","sha256":"1d195ef122b4e40d3305fc65cefaa7c5c967c1688533db98da9a4bad93a2c7ef","sha512":"038a542ea1cf08126b558d06a1025b3f4751c3af2bf7a388bd79678c8f5867c88c596513cd4d1a8035632783c8deddfc0999e9261742d81bf6ce4883c2063b14","ssdeep":"768:hYyBIClez5YsfIlCTuxHhs4QVz4cQ4ZgXrslVtBzLsaJc3sg2UlQlm90bE+VJp5p:h9plemtlpeDVzxos8Sc3zCweNfvv/31","tlshash":"3433f2f3bfffd21bf879f235c0a925f1433916b61329925bf1591b2c10906c8295984b","first_seen":"2026-07-10T09:45:03.447671Z","last_seen":"2026-07-12T22:01:35.292417Z","times_seen":16,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/news/how-to-buy-crypto.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.203Z","timestamp":1783891136203,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/news/how-to-buy-crypto.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"137f8-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eox7z29o2pfWOiIKAS3joNHVOLH8JfnQar2Wqzr2itLIVh0HA%2FJrWIAp0yZex8OeLLMotbaMYZ7KLiKXmBj8mPMgIKAe7Yns%2FVwlf8IZJGdHucracMZYkLSmJVYvsA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315514f50723c-OSL\r\ncontent-length: 79864\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79864,"size_decoded":80863,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1376x768, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1107d21122506f88e0850792ab1fcaad","sha1":"30d895ba8c7434e748ded830911cc67a502baa28","sha256":"9704548ed0dae59ff4ce90cdde49cf54d0ed4bdcf9c4347235d4fa2da39265d3","sha512":"8a81780ea3078a9edb6cd267091142643ff671411b5152501df605d03186e070012be84c5dea9406f4067c07ef7c5ccd50aa399ec90bb3c7bcb65030d7cf6234","ssdeep":"1536:Hg62YCdvJWD5zcs/FGAFmu2J7hLSFAmdNb2V6WEvwpVkAPWWr33qM:AtxW5zcssBVJFLNCNb2kzkVkpWrnqM","tlshash":"91731222c523bf9908717e948403d04bb9205562d2e43b0a97b26adf6a334fe39d5ff5","first_seen":"2026-07-10T09:45:03.461412Z","last_seen":"2026-07-12T22:01:35.290266Z","times_seen":16,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/register?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.317Z","timestamp":1783891136317,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /register?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tf7mSMTF5iNHiNe2GArZGwbOCXgo8h80L8EnQTiYzreBzj0Bp1s7C4xBOHMRqgiXmnZwL8fzXtBKB9njbbmpSBdoxSEE8VKa71lmUHcHLJQ2rR12JjhXYJdjrNEr8Q%3D%3D\"}]}\r\ncf-ray: a1a31551ff70723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":189,"size_decoded":1203,"mime_type":"text/x-component","magic":"ASCII text","md5":"a32d94d91933902b4b05f3c8a735b560","sha1":"8920b174f43f30bbe53a5915b17f6ccfea6df3a0","sha256":"61e50f01d990079ece93a0c44410d3219ed663a3dcebb1fae2d4093bf2336dbc","sha512":"f4d80ee278294aa87a8a3ad34739cebb09409993c23c82e4c397b4fc7acb0aa0bc739c8ffd649aba0c45384582d03351f7f41cf2255e1ee289e7b4e685b7aff1","ssdeep":"","tlshash":"fec01227860c29b75cfe25b8042dc60f661e853f239454f0d1912d75ab771399d471e9","first_seen":"2026-07-12T17:38:11.797511Z","last_seen":"2026-07-12T22:01:35.304475Z","times_seen":8,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/images/payments/litecoin-ltc-logo.svg","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.486Z","timestamp":1783891131486,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /images/payments/litecoin-ltc-logo.svg HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=5,i\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/svg+xml\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"1e9-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oEFT1L4HZJni296V6RY7RNlClscnsEt4H0fQxnrlXy1NBuC0gE%2BHZWADELciMr3%2F76I45o4amQdilBWgRBCensy2WAQ8qnivlCfNvoioOX4BTMZnbIPfDkE2rjn8vg%3D%3D\"}]}\r\ncf-ray: a1a31533c8ac723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":489,"size_decoded":1256,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6046cca14ef5741d48469675250f8d1a","sha1":"e5d3cb531aa29112387e94a9d68a1ea583576c8b","sha256":"20dd004b22b76d98151807b3ca99196f84edf24cc5d66c33e3aaabfd9ada6d19","sha512":"e4153f5893945f12cf4bcb8b0a66e1b360fcbdd62be00058ec3e6d32452e3aaed2913e3328ca99a3067acb5ed5964df60796b7e56199dfb316790bc413877b31","ssdeep":"","tlshash":"f6f0d47bdb50ce2ddb50472cc0c2b50210704542f1c24294ef97012cf80b8b3747c9c2","first_seen":"2023-07-06T20:31:16Z","last_seen":"2026-07-12T22:01:35.279612Z","times_seen":793,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/predict?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.915Z","timestamp":1783891135915,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /predict?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n3w7zjdVzmoM%2F%2BB1WagQkluMgO%2B5CMkgsbJEYLvM3XU4EvGqsHI2ILFK8j0QgU6FrlVeMJbc9EPf4AQqlrkaNnQY3g3qPp%2FqUdwXkPjtjbvmlfR73Z5fweqlYDm2tQ%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a3154f7ed7723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":154,"size_decoded":1198,"mime_type":"text/x-component","magic":"ASCII text","md5":"427ba4325d78cf1b03cd9964bebd615c","sha1":"a319f409b20da4e7d3634bf3205cc481bac13b3e","sha256":"8f1e1cd448797cb2d551ffeb3ce2489a5189923888b37b971e38affc2562f8fb","sha512":"5d900b3a39417f099124fe928959ddba295143e3adfecb9c1329bbfb91722fd9505a1d8f1a59b41f965b2ce8a504f9c13d78c9bff486e348d5344979fed95c32","ssdeep":"","tlshash":"fac08c3a420b3ef5bcbb28aca4aec60f360e410b21c418f0d0924a10a73702105039e8","first_seen":"2026-07-12T17:38:11.79463Z","last_seen":"2026-07-12T22:01:35.293885Z","times_seen":8,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/vs10bbbnz1000?provider=pragmatic\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.392Z","timestamp":1783891136392,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/vs10bbbnz1000?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oTYmx5EBm6EcH%2FgNwcTMcL3EERXHi%2ByskJLZZPD7xuWuOh%2FpKjVkgmzz3z%2BVh2Pt7I5iW5Qsr0SPEypChU2cMVbKImz%2F1aJQzmrr1c2IIZXP1HrdWF0QL0DlDUl5fQ%3D%3D\"}]}\r\ncf-ray: a1a315527f81723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":1237,"mime_type":"text/x-component","magic":"ASCII text","md5":"ba26f32ffcaf2831d8ec0ac54f7d4872","sha1":"b9ee1b9c7f10092556bbec51149a9e459165adcb","sha256":"1402a8c710ad9f71fd8233661635a2433ecb2f6997bd53062856cc9bfbc34f7b","sha512":"c9a460d044be181512ca5abf0df6e510f4d42fc07a0362a7c46dc329473f9f7eae4a353c6546ed2a6b105127437d6a7ffb1b6ac820c14d2814fd162867d6bed0","ssdeep":"","tlshash":"e4d0a73a42053af56c7a2884057dca5f751e619ba1d846f250525e35976703119036e9","first_seen":"2026-07-12T17:38:11.676985Z","last_seen":"2026-07-12T22:01:35.315169Z","times_seen":8,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/play/vs20doghouse?provider=pragmatic\u0026_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.394Z","timestamp":1783891136394,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /play/vs20doghouse?provider=pragmatic\u0026_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7YUnHFzy1jlqCSyXQbJ1g%2FX7IUoAAdjSQ%2BhHaOue%2BBDkP%2BPDLz4oCx%2FYa99RMtz8nQHtgIzF9%2FjTIUfyF0qL0TmiU5UwMzzgsjSxnAVx6nbIXfsfj8eiTgvGv%2BnFUA%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a315527f82723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220,"size_decoded":1242,"mime_type":"text/x-component","magic":"ASCII text","md5":"d120a3dd10cd04cdaded6f8651558d72","sha1":"ff94165ee7679977ab16f4be9592f4c56316eb14","sha256":"c829a2a6598f90e23a2233b34f8287e3c80b8ba6715dbc0d9660c68ee3d4dcc0","sha512":"65fd30ddbe8d7856f6e86bd8a620e9fb7440e39b6fb799d8de2aa442dc4474ab81d45ad071b71593db908cf70ba3ca0bba37f53d0ff209c572187d343ee04227","ssdeep":"","tlshash":"7ed0972202053bf16c7e2888007cc68f740f104ba0c802f180624a3593230311a035e8","first_seen":"2026-07-12T17:38:11.679649Z","last_seen":"2026-07-12T22:01:35.296243Z","times_seen":8,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/avatars/avatar-07.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:19:00.341Z","timestamp":1783891140341,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/avatars/avatar-07.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:19:00 GMT\r\netag: W/\"450a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aBXeJy6s7D6GPYwcaohz3RXeNBrlt6imrTxwgVtVdMMtGr%2BtUxhb%2FISA19YO6WuLI%2BoBAp%2BfkaO8hdENLAzUeZTAL2sMFPwImrelrNQ%2Fu1dE3LUU2csAKDgjmrQakA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a3156b2df4723c-OSL\r\ncontent-length: 17674\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17674,"size_decoded":18678,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2f04ece7f55be80ca5c7c5a84b68a4d9","sha1":"19c15be6f6ccba61003ca2bee22fda50982d6453","sha256":"e892676bd399ec5732a3a5232893070177cf3f4a252990f59d2d9ce96e2424e6","sha512":"6c749d39b3e718788b42c0067b1488e0e989bbbc1c6b8bf75de9811acf26cfcdf47bbae2a6fbfdf5c8e0377747b62025fe28a59a3e246892eb1330c90272d619","ssdeep":"384:WLsoy8QxUzRTQBlEXypgyXGS2HxN/XhA/YDmNAB+:WL5yNxUAKyptcxN/09","tlshash":"3d82c0b1e3cf6b19e5b19e3c9c94b24248ba8949661d023da4ed1f090f84f475647772","first_seen":"2026-07-10T09:45:03.493916Z","last_seen":"2026-07-12T22:01:35.299506Z","times_seen":11,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/_next/static/chunks/app/error-33d1788fed5ffb4f.js","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.434Z","timestamp":1783891131434,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /_next/static/chunks/app/error-33d1788fed5ffb4f.js HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"93c-19f52809f88\"\r\nlast-modified: Sat, 11 Jul 2026 18:46:29 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dWjR%2FPRJ77Gb5r8%2BwT%2F6b%2BVNz2Vct7f%2BrPlNkZrqvY6YiY9xxyBLXDMeLHMZn5T9mmo0w4ElqRlssgL76K%2Fiu3S5ffy3nK15OGQIpcpVlH4Y0Oxi06y2LAo0s0RzMw%3D%3D\"}]}\r\ncf-ray: a1a315337876723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2364,"size_decoded":2122,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2364), with no line terminators","md5":"5127c8a0bf18bf19c981c4c0f5fd3b5d","sha1":"f812e3d7611042d8be29a2491fa3cbbaf991d54a","sha256":"937b53427e51b436510f6512d504cecc2f6b5478328d3f8e1ce04c45758345b6","sha512":"46314691bf04c743c678ec3b850bf7fc634132b3102eff1279ab430bee9398efe937e8b5021231f5193dbaa3e459cdc12bfcd4e31160df42ac8d8f7fdebdba59","ssdeep":"","tlshash":"cd41621766056e18f437c94877ff900c71eb4428712ade7867a89d3a11d64e53a2b7d0","first_seen":"2026-07-10T09:45:03.569736Z","last_seen":"2026-07-12T22:01:35.294604Z","times_seen":17,"resource_available":true,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/hero/hero-prizes-v2.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.453Z","timestamp":1783891131453,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/hero/hero-prizes-v2.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"155a0-19f1fac3ba8\"\r\nlast-modified: Wed, 01 Jul 2026 21:53:29 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jAm%2Bc%2B9STj2rri8Bf4lpiQbQjYLY5QIaKCPt%2BInpZtZwepfz1N2Hbp8PaPwe4eY3M3sr15NkJSMTKNkzvaVnXXew%2FOHcbsQTzfrsXpVqt9cmlgz8kNeFok6YVxmsMg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533988a723c-OSL\r\ncontent-length: 87456\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87456,"size_decoded":88459,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1e7ed6564b4d9f84e96781b9f7f3d7d8","sha1":"1c1b5e8bfbd1b7909859580dfee74bb9861ebcc1","sha256":"339e7f1e59b63184d606ae519a9ea274592c7b4b34020e875c699314d0cbf9e8","sha512":"cd39a863674a89ab3f65991de5f0120671fd82ce40a75c40506d65c05a7d30d934e44423afdd6c8ed8298ac1584a931bf56b937e9e278f34802971bad23a072d","ssdeep":"1536:1lclA3b1Jy6Q84I1VZzbTRDN8hc0nvFITLbleMrKHMGR7Q1q:HclA5JdQ9ItfhuVvGTLblbG1Rp","tlshash":"9c83021e431f503eee71f1e4b3b461f7c11ae1a822d8b4f6f45a48411b196ab4abf948","first_seen":"2026-07-10T09:45:03.577676Z","last_seen":"2026-07-12T22:01:35.30124Z","times_seen":17,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/lab/slots/bonanza-gold.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:51.468Z","timestamp":1783891131468,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /lab/slots/bonanza-gold.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:51 GMT\r\netag: W/\"19894-19f126f7450\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:02 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FCBjwFB7t6nOj5lIrRG5TFMlnfZev0GcY9nQspb997dK9AQ8EuAExRfwM2E7Ycyk%2Bwx4Qx6lZs2Q1dVzPzncxz1YHF%2FTOrmpQHMtXLTZmpEHhQMniJIrfuL6a7l6sg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31533a898723c-OSL\r\ncontent-length: 104596\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104596,"size_decoded":105596,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 896x1200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"41a60a105c2cfe76d0467a5b09ae0a33","sha1":"551e9c83845fba6fc18db7a4ac086c215ff8a179","sha256":"b78350512b1d85e07b3ef58b82aad59ddb661cb83c0575faafe676525f215907","sha512":"1ea5a610329876344d027bec3868e54d569ea08899bf3bb565e0750b3fc468a48d78b675344162e4555d61112a30c161a8a4430502547898cee97fe320c5ec38","ssdeep":"3072:4kSF2Y4Jf5pFoQqvZ798oWHprJMkhu9uAvX5iQjgw1H:pSUX5A79dWJrJMkhuZvX5g4H","tlshash":"60a312c579393f7d83899a43ec1da0c3f026f9e51edd2f42dc4c5606ea3182918a4b67","first_seen":"2026-07-10T09:45:03.469823Z","last_seen":"2026-07-12T22:01:35.312172Z","times_seen":16,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/sport?_rsc=1otn0","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:55.921Z","timestamp":1783891135921,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /sport?_rsc=1otn0 HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nrsc: 1\r\nnext-router-state-tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(main)%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nnext-router-prefetch: 1\r\nnext-url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/x-component\r\ndate: Sun, 12 Jul 2026 21:18:55 GMT\r\npermissions-policy: camera=(), microphone=(), geolocation=(), payment=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hmQ9mpDqq0IlG6DpiJcU0OIGPTFyWUUK7tQYlQn4TJwro83EAZWpfeCtUYr%2F3cDKjBxs0%2F6%2BQxiws%2Fgg8zDSCwStcDI3Q%2BrUpZcbiMP%2FQa%2BzgR8otmPs3irHaG4wbA%3D%3D\"}]}\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i=?0\r\ncf-ray: a1a3154f8ed9723c-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150,"size_decoded":1203,"mime_type":"text/x-component","magic":"ASCII text","md5":"58dfd66d86ef41e0dbe017c5b7e355aa","sha1":"36d41337111ebea1844b4ce57f53a44899d98d93","sha256":"96bc05c57ac0edf0e2a5fedcaae23bc9f76f68e272b587454b2eaa39c54bc23a","sha512":"dc7904a78b124aa12553520a5e26687b56576e45ee054b476d0e7892df4b30f468e490f0eb9e0ecd30e7f471006435b5f2fdb6724fe4b3fd21d88a4adbe4401f","ssdeep":"","tlshash":"b7c08c2142483ef56cba2888156ec60f760e410b22c658f4a0d24b14a73723006035e8","first_seen":"2026-07-12T17:38:11.924846Z","last_seen":"2026-07-12T22:01:35.248934Z","times_seen":8,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/1164.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.140Z","timestamp":1783891136140,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/1164.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"3b07d-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BhRKL8rYFLTWGB2XY%2BXlWPwBM4OFVPAiIS%2FiptlnTH%2F%2BpbVv8nLyKBQUvrNEYAj80Co6NuaONmNMmHZSrCACc%2BTkjtY2RvX5RFK1RflJm2E8RDNEHiwj2RCbKu80MA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a31550ef3a723c-OSL\r\ncontent-length: 241789\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241789,"size_decoded":242723,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"a22bee73d837dc2f4a18b7ecc93e521b","sha1":"9a9aa32d2ac85065925026752b2809670a73c586","sha256":"732b9916293e927de8a418624133957e9a2607fb891ecab95de2ba842aaa2641","sha512":"777e29c39d285ea5ede5543a3f4b5611729dcc61c0e0eaeb0fde66c5d4f9a8d3a227127a96e384d1071ba936aeecf7c4865363db6dedec3016b2e7b5c72140d3","ssdeep":"6144:T8vn7tHyt5P7xVpBeZ7RLlTeeZmI+qYuozxO24EfjO/1XNJc:TinRymZtLlTbZmJ0ozxO9EfqTC","tlshash":"da3422cad1c441b76c6a50882307b3d29fa064f7b97654eca4bee73c732e25ba523117","first_seen":"2026-07-10T09:45:03.5234Z","last_seen":"2026-07-12T22:01:35.323364Z","times_seen":16,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"serawex.com/games/trytostart/vs20olympgate.webp","fqdn":"serawex.com","domain":"serawex.com","tld":"com"},"ip":{"addr":"104.21.31.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://serawex.com/","date":"2026-07-12T21:18:56.162Z","timestamp":1783891136162,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serawex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Jul 2026 18:17:32 GMT","end":"Sat, 03 Oct 2026 19:16:07 GMT"},"fingerprint":{"sha1":"3F:0D:E2:C6:86:0A:AC:7A:FA:A6:9B:F0:5A:A3:BB:5D:3E:B3:A9:47","sha256":"DE:CD:DA:30:2D:0E:AE:BE:9D:9A:B0:2F:02:40:E7:DC:A2:57:33:31:9F:68:85:AB:E5:29:1A:E6:FF:82:81:6D"}}},"request":{"raw":"GET /games/trytostart/vs20olympgate.webp HTTP/1.1\r\nHost: serawex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://serawex.com/\r\nSec-GPC: 1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nConnection: keep-alive\r\nCookie: __Host-authjs.csrf-token=50159571c04e2b3b99ba96246b1c9715ce71f6bbc0b3db3a9d8f5996f7ad7892%7Ca19dbbb160e238280420eb60849e301e8b3fdf6e8d625ff4efdac50e0306fa4f; authjs.callback-url=https%3A%2F%2Faurexss.com\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=14400\r\ncontent-type: image/webp\r\ndate: Sun, 12 Jul 2026 21:18:56 GMT\r\netag: W/\"3a86a-19f126f6c80\"\r\nlast-modified: Mon, 29 Jun 2026 08:12:00 GMT\r\nreferrer-policy: strict-origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvia: 1.1 Caddy\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver-timing: cfExtPri\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cZGo%2BHrovksrkGvSUrhfKufesXWcYPTlozvOMDzyjDt3zDs4n0pGAlxbLQmhEfh%2BZTkBsLDL50pOA4lDH%2BLdY6NyfDkEgbovg3mcs6NaNv%2FupgQW%2BNmKQ1%2F1eiNp0Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a315510f48723c-OSL\r\ncontent-length: 239722\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":239722,"size_decoded":240656,"mime_type":"image/webp","magic":"PNG image data, 360 x 472, 8-bit/color RGB, non-interlaced","md5":"b35b2e8a7a9bd2a1a1a3f3410abc0b9e","sha1":"9eed673b17df07b5a18c95cd083bf70a6390443e","sha256":"9be0afa381a4a45438b694ea6274eb5dde604c78e2c73a29e6f90a01a7c6ca22","sha512":"df25a134ffba384be1f1b391c70bfce195f8f05af57102e4bfe93738ec3fa0617a177807f13adff85f3a944d8936af78078a6a5d7b9dfa08ffa92a73c86c2817","ssdeep":"6144:Re/CZmWFt/Sk0h8WB6H8/fL79MsmyAny6Tlc:RebI/9lWB6H8XLpjmXy6Tlc","tlshash":"c53423cc96dec83d1192865d889bedc1778875702b0a9281e16aa1fc153fdeedf0ed81","first_seen":"2026-07-10T09:45:03.575765Z","last_seen":"2026-07-12T22:01:35.25694Z","times_seen":16,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"serawex.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
